Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zAICEamokpHMSA2g_9kEZYrObR8.roa
File: zAICEamokpHMSA2g_9kEZYrObR8.roa (raw, json)
Hash identifier: EaHuxrfiMSWOt7SJpL2Gdv4ia3QSYtD2W4T3lqCPIvE=
Subject key identifier: CC:02:02:11:A9:A8:92:91:CC:48:0D:A0:FF:D9:04:65:8A:CE:6D:1F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E2D33625190A5EC1EF64E753804192A21
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zAICEamokpHMSA2g_9kEZYrObR8.roa
Signing time: Mon 11 Mar 2024 11:08:45 +0000
ROA not before: Mon 11 Mar 2024 11:08:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.126.81.0/24 maxlen: 24
185.194.177.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 10:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:33:62:51:90:a5:ec:1e:f6:4e:75:38:04:19:2a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 11 11:08:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc020211a9a89291cc480da0ffd904658ace6d1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e0:00:57:e3:25:d7:43:6a:78:40:85:5c:14:
13:e6:51:54:0d:88:c9:90:d1:1c:68:1d:1d:95:76:
a6:a7:d1:78:52:e4:f2:9b:6d:fc:ec:ee:4a:0d:8a:
c3:9e:ad:7b:2f:6e:48:9e:82:05:a4:35:a4:f3:99:
cf:fa:bc:4a:4e:9e:85:2d:04:d9:33:70:6b:8f:98:
04:8a:d2:39:78:51:30:db:d6:fb:61:35:f9:21:1b:
79:d2:a0:1f:99:75:db:cf:ca:23:65:90:89:86:f8:
13:59:3e:6b:0c:cb:8c:0f:17:bf:7a:5e:3c:da:4c:
e1:1a:21:dc:de:4b:3d:e1:76:c8:bf:e9:00:14:e9:
60:a5:aa:cf:75:89:ba:76:4e:88:79:56:34:dd:ad:
58:5a:08:0f:f0:48:df:75:21:91:6b:13:2c:eb:89:
65:3b:68:21:ce:af:d3:7a:84:ea:8c:bd:57:fb:da:
71:69:56:d9:82:69:7a:fe:30:be:b0:4a:c5:fc:3c:
03:25:dc:1d:d5:cb:1b:73:a1:a0:81:6c:ee:d5:1d:
be:32:ce:41:ea:7b:38:68:0f:d4:ff:62:fc:b2:1c:
8b:69:59:40:66:49:a3:b4:ca:94:03:d6:d7:ea:b2:
5f:b2:b5:f7:eb:49:fa:cb:e3:23:29:ba:91:f5:8e:
66:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:02:02:11:A9:A8:92:91:CC:48:0D:A0:FF:D9:04:65:8A:CE:6D:1F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zAICEamokpHMSA2g_9kEZYrObR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.81.0/24
185.194.177.0/24
185.209.73.0/24
185.222.29.0/24
185.246.112.0/24
193.58.146.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:d1:78:9d:bc:ce:43:3a:a7:ff:bb:45:96:16:28:89:92:0f:
71:a3:f5:28:d5:fe:e5:dd:d4:c1:03:68:24:f3:06:d0:fa:93:
54:e7:5c:4c:ad:ab:73:eb:03:00:80:91:1b:60:c7:f5:8c:43:
b1:8b:b7:2f:41:e7:2d:74:f8:d5:2b:98:74:ee:4f:c8:14:64:
c9:af:ab:4f:f2:41:a6:20:95:59:b7:e2:18:aa:52:8d:7c:1b:
8b:d3:35:cd:e9:2c:b8:b9:2a:b0:96:14:be:70:92:41:4f:8e:
3e:95:da:e6:68:8b:62:73:83:ea:62:f8:15:2d:49:1c:d8:08:
62:03:e1:90:70:b2:01:87:27:15:3f:be:27:be:79:da:21:82:
48:99:ab:8e:01:89:9d:64:66:b4:42:0d:4c:2b:61:c9:80:39:
89:e3:dd:04:3d:92:48:c7:b1:54:20:3f:20:94:94:5d:ab:26:
78:e2:fc:ce:56:94:75:d2:70:46:ba:e6:8e:03:54:1b:42:18:
e9:b0:c6:c4:75:ab:c6:7a:2b:45:ec:e9:d9:2c:74:c5:f1:75:
63:51:aa:b1:03:74:5a:fd:79:24:8d:84:49:3b:82:b7:85:71:
79:ed:67:42:1a:34:8a:58:dd:41:ca:8d:b6:12:f5:6f:22:15:
fd:e9:2c:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4tM2JRkKXsHvZOdTgEGSohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzExMTEwODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzAyMDIxMWE5YTg5MjkxY2M0ODBkYTBmZmQ5MDQ2NThhY2U2ZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeAAV+Ml10NqeECFXBQT5lFUDYjJ
kNEcaB0dlXamp9F4UuTym2387O5KDYrDnq17L25InoIFpDWk85nP+rxKTp6FLQTZ
M3Brj5gEitI5eFEw29b7YTX5IRt50qAfmXXbz8ojZZCJhvgTWT5rDMuMDxe/el48
2kzhGiHc3ks94XbIv+kAFOlgparPdYm6dk6IeVY03a1YWggP8EjfdSGRaxMs64ll
O2ghzq/TeoTqjL1X+9pxaVbZgml6/jC+sErF/DwDJdwd1csbc6GggWzu1R2+Ms5B
6ns4aA/U/2L8shyLaVlAZkmjtMqUA9bX6rJfsrX360n6y+MjKbqR9Y5mAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMwCAhGpqJKRzEgNoP/ZBGWKzm0fMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvekFJQ0VhbW9rcEhNU0EyZ185a0VaWXJPYlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuX5RAwQA
ucKxAwQAudFJAwQAud4dAwQAufZwAwQAwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQC/
0XidvM5DOqf/u0WWFiiJkg9xo/Uo1f7l3dTBA2gk8wbQ+pNU51xMratz6wMAgJEb
YMf1jEOxi7cvQectdPjVK5h07k/IFGTJr6tP8kGmIJVZt+IYqlKNfBuL0zXN6Sy4
uSqwlhS+cJJBT44+ldrmaItic4PqYvgVLUkc2AhiA+GQcLIBhycVP74nvnnaIYJI
mauOAYmdZGa0Qg1MK2HJgDmJ490EPZJIx7FUID8glJRdqyZ44vzOVpR10nBGuuaO
A1QbQhjpsMbEdavGeitF7OnZLHTF8XVjUaqxA3Ra/XkkjYRJO4K3hXF57WdCGjSK
WN1Byo22EvVvIhX96Sya
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org