Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/1-KWtmwoJrP4KncxL9QMCiHdYbeI.roa
File: 1-KWtmwoJrP4KncxL9QMCiHdYbeI.roa (raw, json)
Hash identifier: SzzOL13Z5DFn/+PL0D5dUKSV8vMzizQm50I9ilZcB2U=
Subject key identifier: F8:A5:AD:9B:0A:09:AC:FE:0A:9D:CC:4B:F5:03:02:88:77:58:6D:E2
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 018B65FA2CD0D1E46CC74F4AF3F5E02170EB
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/1-KWtmwoJrP4KncxL9QMCiHdYbeI.roa
Signing time: Wed 25 Oct 2023 08:36:16 +0000
ROA not before: Wed 25 Oct 2023 08:36:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44654
IP address blocks: 185.36.124.0/22 maxlen: 24
185.36.124.0/24 maxlen: 24
185.36.124.0/23 maxlen: 23
185.36.125.0/24 maxlen: 24
109.205.8.0/21 maxlen: 24
37.252.215.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.208.0/24 maxlen: 24
37.252.208.0/23 maxlen: 23
37.252.213.0/24 maxlen: 24
37.252.212.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
2a02:d8::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:65:fa:2c:d0:d1:e4:6c:c7:4f:4a:f3:f5:e0:21:70:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Oct 25 08:36:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8a5ad9b0a09acfe0a9dcc4bf503028877586de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:94:d0:e4:ab:39:19:6d:b6:fe:bc:04:c0:62:
d9:fc:25:db:88:96:db:98:a8:66:c0:47:84:57:c3:
cb:e3:c2:c1:6b:97:25:ab:e8:80:8e:4b:90:c1:7a:
30:5d:5a:5d:9f:9c:e3:53:a6:03:18:79:62:d7:9f:
e7:7a:f3:ba:34:17:ae:ef:4a:3c:38:1d:04:65:77:
43:94:31:ba:f1:d3:6e:3d:5d:68:9b:b5:75:1d:57:
a8:a5:53:5c:3c:96:27:66:66:f6:e0:8a:ee:4b:3b:
98:b9:2c:2d:fe:8d:6b:e3:60:4a:47:7d:81:a9:4d:
84:c8:ae:2d:71:3c:d8:49:5f:d6:c3:71:cf:52:a7:
4c:cd:cc:46:c6:f4:cd:a4:b1:4e:5e:b6:ff:34:b1:
92:74:11:a3:5c:ea:f9:68:b6:2d:e2:78:57:80:bc:
82:76:8b:5a:10:0b:cc:f1:f5:7c:a6:c7:e5:7f:0a:
a2:74:5e:47:98:a2:8e:de:62:0c:d7:b9:33:55:14:
ca:38:c5:f5:7e:a1:f1:e7:e8:39:ef:65:54:2c:9b:
da:0f:33:9a:77:75:1f:76:ef:af:f3:f8:ac:0c:1c:
0c:62:3f:fe:39:13:31:a9:39:bb:f8:b4:43:2c:f8:
b6:f1:c6:d0:0c:77:b4:eb:90:7d:a8:dd:77:fa:71:
f3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A5:AD:9B:0A:09:AC:FE:0A:9D:CC:4B:F5:03:02:88:77:58:6D:E2
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/1-KWtmwoJrP4KncxL9QMCiHdYbeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
20:75:8a:87:cb:82:55:51:6a:67:a4:f3:d5:76:8a:47:85:08:
11:40:c4:4a:71:10:12:90:8e:1d:5f:f8:91:bb:b5:08:14:00:
00:01:1f:c9:db:7c:10:26:e8:f5:5d:eb:42:02:2f:57:1e:00:
db:a3:0f:73:ff:4a:31:c8:e5:6a:f2:20:10:e8:36:80:0c:46:
6f:a2:62:f3:4d:73:ad:96:e6:b6:96:6e:85:8d:97:77:34:7d:
87:a2:fe:a6:db:45:21:13:3a:b1:9b:ca:4f:fa:bc:6f:bb:5c:
2e:3b:7a:69:6b:8a:bb:c1:d5:97:98:70:99:79:bc:0f:84:56:
e9:8b:0e:cb:45:95:a5:d0:aa:b4:d0:d3:a1:f1:d7:aa:45:a2:
09:08:0f:73:46:2f:d5:32:12:88:b4:ef:cc:08:dd:e0:4e:12:
8a:e4:4d:f8:07:35:54:09:84:35:53:1a:a7:bd:56:dc:18:01:
3e:46:5e:14:33:78:69:04:06:67:b3:09:3e:96:71:cc:75:08:
c2:19:2c:02:a1:91:be:ce:9e:fd:ac:b8:9d:50:23:05:6a:0a:
e2:06:15:f0:5c:e5:57:38:4d:b2:e7:9a:67:1e:82:e4:0e:50:
ec:bc:d7:04:b2:42:63:97:be:7a:ff:d1:0f:39:5e:ff:17:a8:
63:cc:fa:5d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYtl+izQ0eRsx09K8/XgIXDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjMxMDI1MDgzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGE1YWQ5YjBhMDlhY2ZlMGE5ZGNjNGJmNTAzMDI4ODc3NTg2ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZTQ5Ks5GW22/rwEwGLZ/CXbiJbb
mKhmwEeEV8PL48LBa5clq+iAjkuQwXowXVpdn5zjU6YDGHli15/nevO6NBeu70o8
OB0EZXdDlDG68dNuPV1om7V1HVeopVNcPJYnZmb24IruSzuYuSwt/o1r42BKR32B
qU2EyK4tcTzYSV/Ww3HPUqdMzcxGxvTNpLFOXrb/NLGSdBGjXOr5aLYt4nhXgLyC
dotaEAvM8fV8psflfwqidF5HmKKO3mIM17kzVRTKOMX1fqHx5+g572VULJvaDzOa
d3Ufdu+v8/isDBwMYj/+ORMxqTm7+LRDLPi28cbQDHe065B9qN13+nHzvQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPilrZsKCaz+Cp3MS/UDAoh3WG3iMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvMS1LV3Rtd29KclA0S25jeEw5UU1DaUhkWWJlSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvNWVjZmMyLWRhNzAtNDMzMy04Zjk2LTViODc4MjVjMDdl
ZS8xL1JGYkJUTmh5VDVxUWxpZTVUZ0JzOXAwU01Icy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIDAMAwQEJfzQ
AwQBJfzUAwQAJfzXAwQDbc0IAwQCuSR8MA0EAgACMAcDBQAqAgDYMA0GCSqGSIb3
DQEBCwUAA4IBAQAgdYqHy4JVUWpnpPPVdopHhQgRQMRKcRASkI4dX/iRu7UIFAAA
AR/J23wQJuj1XetCAi9XHgDbow9z/0oxyOVq8iAQ6DaADEZvomLzTXOtlua2lm6F
jZd3NH2Hov6m20UhEzqxm8pP+rxvu1wuO3ppa4q7wdWXmHCZebwPhFbpiw7LRZWl
0Kq00NOh8deqRaIJCA9zRi/VMhKItO/MCN3gThKK5E34BzVUCYQ1UxqnvVbcGAE+
Rl4UM3hpBAZnswk+lnHMdQjCGSwCoZG+zp79rLidUCMFagriBhXwXOVXOE2y55pn
HoLkDlDsvNcEskJjl756/9EPOV7/F6hjzPpd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:11 2024 by rpki-client on console-fra.rpki-client.org