Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ySmil2HPZlWIOI256SnsbRJcP6w.roa
File: ySmil2HPZlWIOI256SnsbRJcP6w.roa (raw, json)
Hash identifier: UhD9IlJU10hvL+TL7yOFKlaPLnTyk2heQOyUlHOCAgE=
Subject key identifier: C9:29:A2:97:61:CF:66:55:88:38:8D:B9:E9:29:EC:6D:12:5C:3F:AC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AC6CD4B35A88221021E4D1DD856415F55
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ySmil2HPZlWIOI256SnsbRJcP6w.roa
Signing time: Sun 24 Sep 2023 10:47:37 +0000
ROA not before: Sun 24 Sep 2023 10:47:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 14:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:cd:4b:35:a8:82:21:02:1e:4d:1d:d8:56:41:5f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 24 10:47:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c929a29761cf665588388db9e929ec6d125c3fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0f:2a:b2:a6:ff:bd:ef:22:58:dc:ac:83:3f:
42:cb:19:9a:30:09:e4:36:70:ab:33:ca:2a:d9:83:
17:1e:1b:c1:84:d5:35:87:99:1f:e9:4a:30:de:14:
81:03:18:01:d4:f5:e5:5a:07:d8:d7:b9:a0:a2:a0:
38:9e:e6:bb:c7:0e:15:7a:3c:e1:8e:c7:73:ec:44:
74:ff:35:24:f8:f7:fe:f1:1f:82:bf:50:e7:8a:2c:
7f:74:d2:59:ca:44:3a:9b:8a:3a:5a:7d:48:62:2b:
4d:b9:35:f3:ff:21:63:32:ed:cd:c4:70:53:19:64:
7d:c5:1e:ff:e8:ec:30:c7:f0:8b:3e:98:86:cf:c6:
f0:5d:76:c6:3d:5b:47:60:bf:55:6a:91:96:f2:7f:
b3:f8:72:cb:66:70:8d:09:80:6e:21:32:57:81:2b:
b6:fe:db:cd:bb:f5:01:75:b9:88:ed:cd:a5:f1:3e:
ee:bd:e7:50:17:3a:46:43:d8:48:e8:f4:3b:ea:fe:
31:08:1a:88:d9:94:18:e1:02:50:36:08:30:be:0a:
7b:97:c2:68:0a:8c:9c:e7:7d:7d:9f:75:7b:24:59:
2b:cd:20:bd:84:d4:db:cb:6c:bb:e9:fe:68:0d:0e:
bd:50:61:98:57:9e:17:2e:60:2d:4e:41:e9:f7:45:
15:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:29:A2:97:61:CF:66:55:88:38:8D:B9:E9:29:EC:6D:12:5C:3F:AC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ySmil2HPZlWIOI256SnsbRJcP6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
176.125.248.0/24
185.126.82.0/24
185.223.80.0/24
185.225.0.0/23
185.225.22.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:98:cf:db:e9:74:45:cc:e2:2d:5d:b0:e9:95:34:0a:f2:f9:
20:38:28:eb:5a:d3:cb:77:05:ba:c9:7f:d2:15:f8:2a:b5:7e:
66:7e:60:cd:9f:17:c2:eb:f8:ec:ba:25:83:c7:c4:6b:77:9e:
c8:8d:2d:ed:f2:35:df:4b:36:25:96:0e:76:12:55:d0:34:85:
c2:31:7b:0a:e7:cd:a2:db:6b:28:bf:2b:94:d4:ea:4e:6f:ef:
c9:3e:00:ab:5e:e4:65:2e:17:b6:97:24:6b:24:83:61:27:49:
d6:9e:4d:59:2d:01:c1:b8:34:a6:43:fc:9a:1c:d8:e8:bf:01:
02:47:09:10:f4:f6:74:79:44:54:b6:c7:7e:02:1d:3d:d4:d1:
45:07:e0:60:17:82:e5:12:73:4d:fc:ee:c9:e7:ca:30:72:76:
65:24:07:58:a3:b3:e9:8b:6c:a1:1d:a3:0e:b2:94:dd:33:c7:
7c:26:51:b8:40:53:4d:1c:b4:24:b7:a7:9f:25:dd:3a:7f:e1:
9f:4f:59:cc:55:73:50:d0:af:4c:c8:ad:fb:9e:b9:ec:1b:c1:
63:3e:79:a1:e1:ae:a8:72:fe:b0:9e:f7:8b:1f:44:a6:14:38:
19:42:6d:4d:5f:c2:84:46:ea:63:7e:a8:ee:aa:bd:ea:4f:93:
01:c4:82:22
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYrGzUs1qIIhAh5NHdhWQV9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTI0MTA0NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTI5YTI5NzYxY2Y2NjU1ODgzODhkYjllOTI5ZWM2ZDEyNWMzZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA8qsqb/ve8iWNysgz9CyxmaMAnk
NnCrM8oq2YMXHhvBhNU1h5kf6Uow3hSBAxgB1PXlWgfY17mgoqA4nua7xw4Vejzh
jsdz7ER0/zUk+Pf+8R+Cv1Dniix/dNJZykQ6m4o6Wn1IYitNuTXz/yFjMu3NxHBT
GWR9xR7/6Owwx/CLPpiGz8bwXXbGPVtHYL9VapGW8n+z+HLLZnCNCYBuITJXgSu2
/tvNu/UBdbmI7c2l8T7uvedQFzpGQ9hI6PQ76v4xCBqI2ZQY4QJQNggwvgp7l8Jo
Coyc5319n3V7JFkrzSC9hNTby2y76f5oDQ69UGGYV54XLmAtTkHp90UV4wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMkpopdhz2ZViDiNuekp7G0SXD+sMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveVNtaWwySFBabFdJT0kyNTZTbnNiUkpjUDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
LZPgAwQAsH34AwQAuX5SAwQAud9QAwQBueEAAwQAueEWAwQAufvlAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQB/mM/b6XRFzOItXbDplTQK8vkgOCjrWtPLdwW6yX/S
FfgqtX5mfmDNnxfC6/jsuiWDx8Rrd57IjS3t8jXfSzYllg52ElXQNIXCMXsK582i
22sovyuU1OpOb+/JPgCrXuRlLhe2lyRrJINhJ0nWnk1ZLQHBuDSmQ/yaHNjovwEC
RwkQ9PZ0eURUtsd+Ah091NFFB+BgF4LlEnNN/O7J58owcnZlJAdYo7Ppi2yhHaMO
spTdM8d8JlG4QFNNHLQkt6efJd06f+GfT1nMVXNQ0K9MyK37nrnsG8FjPnmh4a6o
cv6wnveLH0SmFDgZQm1NX8KERupjfqjuqr3qT5MBxIIi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org