Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zlUb90WpxoinUYrGE3TXVFqSXQA.roa
File: zlUb90WpxoinUYrGE3TXVFqSXQA.roa (raw, json)
Hash identifier: eLKF64el3QGEnlZDBSj0AeefWUwg3GM1tYsfLdg8mYU=
Subject key identifier: CE:55:1B:F7:45:A9:C6:88:A7:51:8A:C6:13:74:D7:54:5A:92:5D:00
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188BE5F6882C5AB6EF6042FFDF192B16260
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zlUb90WpxoinUYrGE3TXVFqSXQA.roa
Signing time: Thu 15 Jun 2023 09:25:03 +0000
ROA not before: Thu 15 Jun 2023 09:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.20.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.23.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
194.147.17.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 15 Jun 2023 10:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:5f:68:82:c5:ab:6e:f6:04:2f:fd:f1:92:b1:62:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 15 09:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce551bf745a9c688a7518ac61374d7545a925d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d0:d6:56:1d:2d:ac:8c:cd:2b:61:46:ad:7e:
1e:08:01:ab:93:b3:7b:74:7d:36:d4:b2:86:e4:b2:
cc:a6:43:6b:a4:09:31:11:98:0c:4f:75:84:e6:42:
f6:01:57:51:b7:fe:b8:9c:d6:cb:03:b7:29:c0:7c:
86:f8:5a:dd:e2:ec:f7:ba:e3:41:23:64:bf:d8:d3:
51:66:80:af:2c:eb:19:d9:4e:64:2f:e9:73:28:1b:
b1:3c:55:e1:bd:00:69:af:6c:2f:bd:94:cf:2e:e1:
6f:6d:d0:f1:19:fc:3a:1b:83:69:f5:54:57:55:d5:
c6:45:19:00:ae:26:39:89:00:f9:ad:60:36:af:f4:
38:fc:d3:d5:b8:e3:c0:78:8d:8a:82:c6:71:e2:25:
94:30:62:b4:54:79:8a:a2:6c:b0:ba:47:60:ab:3d:
36:3f:4f:9d:5f:c1:1b:79:b6:f9:e4:7c:1b:fe:4b:
34:ad:75:1b:b5:07:a4:c7:0c:7f:ff:ef:4d:ef:f2:
1b:0a:8d:f3:13:b8:9e:8c:52:b5:1d:2d:bc:67:8d:
9b:0a:9f:66:13:df:30:4d:52:5f:1e:c3:21:4c:47:
68:0f:f4:2b:0b:db:5f:56:d5:95:f8:3b:64:a6:25:
e1:80:61:f9:0d:d0:79:53:e1:66:4a:00:e9:0c:33:
52:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:55:1B:F7:45:A9:C6:88:A7:51:8A:C6:13:74:D7:54:5A:92:5D:00
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zlUb90WpxoinUYrGE3TXVFqSXQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.8.23.0/24
45.147.224.0/24
185.225.0.0/23
185.225.20.0/24
193.58.145.0-193.58.147.255
194.147.16.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:dc:3b:72:59:1e:68:5c:79:fb:1d:49:2c:5f:2d:78:5e:86:
dd:0f:5a:58:b5:44:4c:4d:63:9e:32:2f:db:f6:7d:5c:11:45:
b1:2b:0e:20:dc:a3:42:8e:ea:9c:06:5c:cb:b3:4e:30:44:bf:
5f:7c:95:e4:cd:64:ca:e8:62:24:30:81:49:52:25:9d:cd:33:
f4:23:be:dc:b2:e3:fc:63:5c:c5:fa:5b:80:ef:60:ed:ae:67:
f3:01:66:68:1d:1c:d4:7c:0f:42:fc:dc:9c:e0:eb:01:98:33:
17:e9:a0:4d:d0:a4:63:b4:98:9f:3d:bc:94:6b:1b:e3:5b:e0:
ca:c5:8b:d6:13:0e:c8:6c:62:c3:c8:de:b6:94:7c:e9:c9:83:
74:f5:63:15:6e:88:9f:dd:d6:c4:b5:46:41:fb:64:87:4f:96:
87:c9:99:c1:94:4d:43:17:3d:26:04:f4:86:ba:cc:14:ff:63:
ed:87:20:d9:e7:0a:0f:a7:17:1e:fa:a2:18:69:28:ca:f9:94:
a9:c1:35:e9:3c:e2:d9:98:fe:3c:b3:59:d4:8b:16:a0:3d:44:
23:ad:22:d0:de:13:c7:e2:a5:50:84:fc:83:cf:e3:0d:f5:5d:
62:70:09:f3:34:7a:af:52:22:81:6d:4b:4e:4a:fd:cf:00:4a:
4e:42:78:c3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYi+X2iCxatu9gQv/fGSsWJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjE1MDkyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTU1MWJmNzQ1YTljNjg4YTc1MThhYzYxMzc0ZDc1NDVhOTI1ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtDWVh0trIzNK2FGrX4eCAGrk7N7
dH021LKG5LLMpkNrpAkxEZgMT3WE5kL2AVdRt/64nNbLA7cpwHyG+Frd4uz3uuNB
I2S/2NNRZoCvLOsZ2U5kL+lzKBuxPFXhvQBpr2wvvZTPLuFvbdDxGfw6G4Np9VRX
VdXGRRkAriY5iQD5rWA2r/Q4/NPVuOPAeI2KgsZx4iWUMGK0VHmKomywukdgqz02
P0+dX8Ebebb55Hwb/ks0rXUbtQekxwx//+9N7/IbCo3zE7iejFK1HS28Z42bCp9m
E98wTVJfHsMhTEdoD/QrC9tfVtWV+DtkpiXhgGH5DdB5U+FmSgDpDDNSUwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFM5VG/dFqcaIp1GKxhN011Rakl0AMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvemxVYjkwV3B4b2luVVlyR0UzVFhWRnFTWFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQgVAwQA
LQgXAwQALZPgAwQBueEAAwQAueEUMAwDBADBOpEDBALBOpADBAHCkxAwDQYJKoZI
hvcNAQELBQADggEBAEvcO3JZHmhcefsdSSxfLXheht0PWli1RExNY54yL9v2fVwR
RbErDiDco0KO6pwGXMuzTjBEv198leTNZMroYiQwgUlSJZ3NM/Qjvtyy4/xjXMX6
W4DvYO2uZ/MBZmgdHNR8D0L83Jzg6wGYMxfpoE3QpGO0mJ89vJRrG+Nb4MrFi9YT
DshsYsPI3raUfOnJg3T1YxVuiJ/d1sS1RkH7ZIdPlofJmcGUTUMXPSYE9Ia6zBT/
Y+2HINnnCg+nFx76ohhpKMr5lKnBNek84tmY/jyzWdSLFqA9RCOtItDeE8fipVCE
/IPP4w31XWJwCfM0eq9SIoFtS05K/c8ASk5CeMM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org