Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zb6LB6yUMddX7kceFaBEdHw8D0o.roa
File: zb6LB6yUMddX7kceFaBEdHw8D0o.roa (raw, json)
Hash identifier: r3WC7teHeJ0itDZtl35Pkpsyg5YdRufrtOu/gYu7pcE=
Subject key identifier: CD:BE:8B:07:AC:94:31:D7:57:EE:47:1E:15:A0:44:74:7C:3C:0F:4A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188D37DD22C9FCF54CA09EBAD9B86CEE528
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zb6LB6yUMddX7kceFaBEdHw8D0o.roa
Signing time: Mon 19 Jun 2023 11:50:18 +0000
ROA not before: Mon 19 Jun 2023 11:50:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.20.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.226.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
194.147.17.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 19 Jun 2023 20:54:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:7d:d2:2c:9f:cf:54:ca:09:eb:ad:9b:86:ce:e5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 19 11:50:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdbe8b07ac9431d757ee471e15a044747c3c0f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:47:d1:bf:89:ff:b3:cc:17:5a:51:1d:20:d6:
43:ca:80:a7:cb:79:84:18:07:5b:0e:d9:87:0b:12:
be:da:4f:02:26:23:08:e4:3a:5f:21:f7:93:0f:d6:
21:6a:53:6f:0c:ab:66:6b:a6:e9:71:90:35:53:c5:
ac:5f:ac:1d:e6:6e:8c:f9:25:fe:d5:b3:f5:02:f1:
0d:71:ca:21:79:c7:ae:a5:16:76:85:d2:54:78:0e:
b9:32:6f:80:cd:e3:a7:2b:f0:bc:69:eb:b7:cd:33:
d7:2e:9c:2d:0c:93:3e:5d:97:17:87:e0:8e:33:1a:
91:bd:16:1f:02:11:41:fd:0e:4d:a3:e6:a4:bb:fc:
44:90:e9:4d:b0:f8:26:60:04:04:e9:d2:30:94:ef:
15:64:51:ad:d6:7a:b4:96:32:41:31:72:99:8c:d4:
31:de:c6:8c:e2:3f:15:8e:0c:49:3b:5c:b4:07:a4:
fd:39:9e:4a:89:42:90:13:65:81:f3:b9:3d:4d:10:
45:98:6c:06:55:70:46:79:85:ab:5f:59:d6:63:f9:
43:26:f2:25:a2:55:f6:70:f6:bc:2a:a1:6a:c2:b6:
c0:f9:16:08:fa:e8:0b:b8:5e:05:88:bc:69:5f:81:
5d:a7:21:8d:47:cd:79:91:67:dd:99:cf:f8:01:ea:
b6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BE:8B:07:AC:94:31:D7:57:EE:47:1E:15:A0:44:74:7C:3C:0F:4A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zb6LB6yUMddX7kceFaBEdHw8D0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
45.147.226.0/24
185.225.0.0/23
185.225.20.0/24
185.246.112.0/24
193.58.145.0-193.58.147.255
194.147.16.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:80:44:f5:5b:c3:38:ca:40:93:73:a0:76:93:1b:08:53:d5:
29:75:d1:6d:cd:71:42:f3:02:4b:ee:41:95:8b:80:a3:b8:3e:
ab:eb:7b:3d:1f:44:36:61:3a:d1:05:f8:20:69:68:81:6d:57:
f2:f3:5b:11:98:11:42:6c:80:be:0f:44:e0:a0:ea:80:b2:58:
c3:c9:0d:f0:f8:2b:ae:95:64:2a:ef:4a:b7:ee:d1:43:a7:30:
0e:0a:c9:74:67:75:67:e1:7f:a9:c5:03:43:27:0a:3e:e9:f5:
d6:4e:ef:86:52:6e:b5:77:c0:b1:f8:c9:25:11:6a:cc:60:81:
d4:55:97:dd:bc:a0:a2:dc:3f:a8:55:af:03:73:9e:9e:49:e3:
a1:c6:9e:8e:af:1c:88:22:8b:98:ad:23:65:db:5e:67:71:c7:
f1:a7:3f:0e:d7:64:93:f3:a2:05:71:17:36:e0:f0:e9:46:2e:
7f:a4:12:91:2e:8e:bb:5b:50:75:44:49:dc:1f:5a:c9:4e:ec:
58:c7:02:55:44:54:22:49:38:5c:d5:18:b4:91:e0:82:0c:0d:
f7:70:0e:fd:4d:99:79:53:c3:29:d4:0e:66:cc:51:b1:3f:19:
fe:47:88:d6:66:fc:0e:81:ff:52:a2:9c:e7:16:cf:f8:c8:5f:
75:9a:75:66
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYjTfdIsn89UygnrrZuGzuUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjE5MTE1MDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGJlOGIwN2FjOTQzMWQ3NTdlZTQ3MWUxNWEwNDQ3NDdjM2MwZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUfRv4n/s8wXWlEdINZDyoCny3mE
GAdbDtmHCxK+2k8CJiMI5DpfIfeTD9YhalNvDKtma6bpcZA1U8WsX6wd5m6M+SX+
1bP1AvENccoheceupRZ2hdJUeA65Mm+AzeOnK/C8aeu3zTPXLpwtDJM+XZcXh+CO
MxqRvRYfAhFB/Q5No+aku/xEkOlNsPgmYAQE6dIwlO8VZFGt1nq0ljJBMXKZjNQx
3saM4j8VjgxJO1y0B6T9OZ5KiUKQE2WB87k9TRBFmGwGVXBGeYWrX1nWY/lDJvIl
olX2cPa8KqFqwrbA+RYI+ugLuF4FiLxpX4FdpyGNR815kWfdmc/4Aeq2aQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFM2+iweslDHXV+5HHhWgRHR8PA9KMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvemI2TEI2eVVNZGRYN2tjZUZhQkVkSHc4RDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQgVAwQA
LZPgAwQALZPiAwQBueEAAwQAueEUAwQAufZwMAwDBADBOpEDBALBOpADBAHCkxAw
DQYJKoZIhvcNAQELBQADggEBAH6ARPVbwzjKQJNzoHaTGwhT1Sl10W3NcULzAkvu
QZWLgKO4Pqvrez0fRDZhOtEF+CBpaIFtV/LzWxGYEUJsgL4PROCg6oCyWMPJDfD4
K66VZCrvSrfu0UOnMA4KyXRndWfhf6nFA0MnCj7p9dZO74ZSbrV3wLH4ySURasxg
gdRVl928oKLcP6hVrwNznp5J46HGno6vHIgii5itI2XbXmdxx/GnPw7XZJPzogVx
Fzbg8OlGLn+kEpEujrtbUHVESdwfWslO7FjHAlVEVCJJOFzVGLSR4IIMDfdwDv1N
mXlTwynUDmbMUbE/Gf5HiNZm/A6B/1KinOcWz/jIX3WadWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org