Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yRTi2p8Ntmdi5SyNSsyOy1TWk-g.roa
File: yRTi2p8Ntmdi5SyNSsyOy1TWk-g.roa (raw, json)
Hash identifier: OPXUekX60dTEWfnaXkqhRFWaWOUb/6c1plsEHbfl8uU=
Subject key identifier: C9:14:E2:DA:9F:0D:B6:67:62:E5:2C:8D:4A:CC:8E:CB:54:D6:93:E8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01884816A9D1D3882DD3736E2760BBB6CB0D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yRTi2p8Ntmdi5SyNSsyOy1TWk-g.roa
Signing time: Tue 23 May 2023 10:10:24 +0000
ROA not before: Tue 23 May 2023 10:10:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 May 2023 11:18:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:16:a9:d1:d3:88:2d:d3:73:6e:27:60:bb:b6:cb:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 23 10:10:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c914e2da9f0db66762e52c8d4acc8ecb54d693e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:01:f5:a6:22:3a:45:22:26:df:74:82:cd:08:
cf:8a:55:a0:3d:3f:27:e7:02:50:4c:03:96:5a:86:
3b:b0:da:99:b0:ca:2d:68:31:06:ec:d8:7d:8c:b4:
36:09:d2:8b:56:59:8f:ff:75:99:1b:82:c0:14:89:
ed:58:c0:17:9d:3d:93:e5:88:aa:db:47:6c:3d:f6:
43:d7:9a:ac:11:4d:f1:44:03:d5:6d:46:28:0a:f8:
21:5a:8c:fc:db:dc:71:c3:96:6f:b8:0c:b2:e2:3f:
38:32:8c:35:3d:36:b6:48:3c:c1:5f:c5:3d:22:26:
16:ec:3f:44:c3:8c:df:74:b1:9b:ae:6e:fb:3f:ca:
1e:3c:b6:11:95:8b:47:1f:6c:ab:32:1b:43:66:d3:
3f:14:97:d9:52:ec:04:5a:91:b7:12:4c:75:e7:de:
64:7f:a8:ff:21:9f:74:da:55:48:63:1a:45:06:f4:
5a:c5:c5:40:47:80:28:00:a2:c2:8d:aa:14:05:24:
4e:f8:96:f7:61:ef:27:64:46:e8:f3:1d:62:26:fe:
fb:e0:72:4c:63:f2:0a:5a:37:ca:77:4e:5d:84:be:
93:41:3a:29:71:8b:3e:d7:b9:0d:b1:45:a9:ed:99:
54:2c:b4:73:e4:81:ac:36:c2:c6:b7:10:25:a7:6c:
9a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:14:E2:DA:9F:0D:B6:67:62:E5:2C:8D:4A:CC:8E:CB:54:D6:93:E8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yRTi2p8Ntmdi5SyNSsyOy1TWk-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.90.17.0/24
45.147.224.0/24
185.225.0.0/23
185.246.115.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
64:df:73:d6:5a:c7:d4:11:64:1a:f7:37:67:31:96:ca:27:70:
81:55:44:e3:07:4e:4b:9d:51:97:e2:50:0b:65:c1:2d:9a:52:
6a:b2:98:79:3a:54:42:d4:d5:7a:2b:b4:ca:9a:37:09:3b:87:
5b:2f:ce:8d:60:cf:c2:55:1e:34:86:2a:16:36:f6:f6:fa:5f:
bd:a3:89:55:95:3a:72:3b:d9:1d:c1:b7:66:b3:0a:22:e9:4d:
14:c2:61:73:1d:5a:13:cd:72:72:3c:04:08:8f:90:c9:46:a5:
12:75:ba:9a:9d:58:1f:b1:34:a8:42:09:5a:d0:55:9a:92:62:
bf:41:b9:36:2f:54:45:c8:e4:cd:3d:0e:af:06:ae:a5:40:0d:
77:42:e3:0a:84:4e:cd:b8:ce:49:0b:fb:44:43:d0:93:17:9b:
21:58:3b:b6:96:3e:4e:d5:cb:c1:3e:c5:15:30:d0:7e:c6:11:
f0:78:37:51:be:38:a4:ed:54:db:51:d6:4d:0d:8d:9f:92:c7:
29:bf:b1:64:e4:55:68:73:a6:5d:e3:db:94:e5:02:64:b5:37:
fb:69:3a:6a:bf:d2:87:14:2d:38:c5:2c:d5:6e:fa:c8:df:f6:
25:b5:4b:9c:eb:e2:e5:b8:b7:4a:1d:b3:de:9f:05:41:31:55:
59:4d:0f:8c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhIFqnR04gt03NuJ2C7tssNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTIzMTAxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTE0ZTJkYTlmMGRiNjY3NjJlNTJjOGQ0YWNjOGVjYjU0ZDY5M2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgH1piI6RSIm33SCzQjPilWgPT8n
5wJQTAOWWoY7sNqZsMotaDEG7Nh9jLQ2CdKLVlmP/3WZG4LAFIntWMAXnT2T5Yiq
20dsPfZD15qsEU3xRAPVbUYoCvghWoz829xxw5ZvuAyy4j84Mow1PTa2SDzBX8U9
IiYW7D9Ew4zfdLGbrm77P8oePLYRlYtHH2yrMhtDZtM/FJfZUuwEWpG3Ekx1595k
f6j/IZ902lVIYxpFBvRaxcVAR4AoAKLCjaoUBSRO+Jb3Ye8nZEbo8x1iJv774HJM
Y/IKWjfKd05dhL6TQTopcYs+17kNsUWp7ZlULLRz5IGsNsLGtxAlp2yatwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMkU4tqfDbZnYuUsjUrMjstU1pPoMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveVJUaTJwOE50bWRpNVN5TlNzeU95MVRXay1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQgVAwQA
LVoRAwQALZPgAwQBueEAAwQAufZzAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQBk
33PWWsfUEWQa9zdnMZbKJ3CBVUTjB05LnVGX4lALZcEtmlJqsph5OlRC1NV6K7TK
mjcJO4dbL86NYM/CVR40hioWNvb2+l+9o4lVlTpyO9kdwbdmswoi6U0UwmFzHVoT
zXJyPAQIj5DJRqUSdbqanVgfsTSoQgla0FWakmK/Qbk2L1RFyOTNPQ6vBq6lQA13
QuMKhE7NuM5JC/tEQ9CTF5shWDu2lj5O1cvBPsUVMNB+xhHweDdRvjik7VTbUdZN
DY2fkscpv7Fk5FVoc6Zd49uU5QJktTf7aTpqv9KHFC04xSzVbvrI3/YltUuc6+Ll
uLdKHbPenwVBMVVZTQ+M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org