Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/rNM4B1LmoaR6USNGSEcY1yxoc1U.roa
File: rNM4B1LmoaR6USNGSEcY1yxoc1U.roa (raw, json)
Hash identifier: jKBakRpjm07q59BzBls67Cms6hHQRdIgKduBFTKu1vo=
Subject key identifier: AC:D3:38:07:52:E6:A1:A4:7A:51:23:46:48:47:18:D7:2C:68:73:55
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 01856F0B624CF91AD0FC7E645050366D98EF
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/rNM4B1LmoaR6USNGSEcY1yxoc1U.roa
Signing time: Sun 01 Jan 2023 20:34:55 +0000
ROA not before: Sun 01 Jan 2023 20:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50374
IP address blocks: 109.236.240.0/24 maxlen: 24
109.236.241.0/24 maxlen: 24
185.216.100.0/22 maxlen: 22
45.146.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:62:4c:f9:1a:d0:fc:7e:64:50:50:36:6d:98:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 20:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acd3380752e6a1a47a512346484718d72c687355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:76:ad:3b:5f:8f:cc:01:e4:84:3b:ca:3a:51:
a7:df:44:eb:c9:9e:c2:75:49:64:0b:ce:d4:34:ef:
5b:24:30:fd:68:88:ab:dd:28:c9:3e:56:b1:05:09:
be:c6:8e:7b:13:39:1d:d6:08:15:f8:f1:7b:b9:bd:
5c:fd:36:85:87:f3:21:b0:06:ba:f5:59:aa:9e:30:
fc:d0:df:6b:06:d5:8c:2f:dc:d5:02:64:39:a3:be:
96:d4:9e:de:76:f9:1f:40:4b:30:d4:3c:64:f7:80:
48:9d:9f:3e:51:30:53:d2:54:c7:29:f5:5f:d4:45:
38:3f:14:ec:10:8d:a2:1f:e6:d1:55:4a:0c:f6:f1:
bd:65:0c:91:ee:34:d3:31:2e:69:b3:da:6f:e9:33:
fa:86:ea:c1:d0:7f:b4:3f:80:c7:af:ff:df:75:d3:
a4:fd:94:01:ce:de:a2:7b:c0:30:67:ea:85:bd:0e:
c3:6f:bd:5e:22:fa:ba:c8:5b:72:37:e3:be:e3:ff:
58:ec:4b:96:97:ac:13:0f:54:c5:ef:36:32:7a:c2:
4c:7d:42:84:62:e2:e7:d5:4a:47:17:fd:74:b0:6b:
dd:a5:f5:dc:57:ae:9b:14:99:6a:7a:08:91:b7:3f:
44:98:1c:47:18:f7:b6:54:f3:91:0f:c3:07:47:b0:
fa:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D3:38:07:52:E6:A1:A4:7A:51:23:46:48:47:18:D7:2C:68:73:55
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/rNM4B1LmoaR6USNGSEcY1yxoc1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.64.0/22
109.236.240.0/23
185.216.100.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:13:e9:85:da:6e:e7:6b:4e:92:51:d6:47:cb:d2:8c:54:6f:
35:a6:95:de:c9:9a:35:a9:82:d0:2b:44:cd:62:88:e0:91:9a:
7d:f8:28:22:d1:8c:91:cf:66:08:c4:92:8b:e4:65:09:d3:00:
2f:30:2e:d0:6f:70:93:f4:70:d7:90:13:da:ff:22:a7:04:74:
a7:c5:2c:a3:a1:dc:15:b7:96:b0:a4:c2:04:e6:15:94:7f:e2:
b0:90:90:08:53:81:f6:c0:eb:af:cc:b8:51:87:5e:0b:c2:b9:
03:15:7e:f1:9a:19:2d:a7:d0:b1:a4:c0:96:67:8e:fa:63:82:
f5:20:34:45:9e:20:d3:5c:7a:aa:b8:a5:d2:28:3d:ce:0c:86:
f8:41:8b:33:8d:c8:f8:09:11:ef:aa:f4:c7:8f:f5:59:03:4a:
e3:f2:da:83:d7:01:53:a7:7d:9e:36:ea:fb:0f:9d:c4:f2:c9:
cd:5f:ba:ec:d5:b0:ff:f4:69:28:0e:1c:d3:e6:75:df:bc:4d:
f9:cf:e3:ce:87:25:29:a4:21:ab:22:aa:26:05:d2:bd:ea:97:
c9:21:ea:e1:52:f7:1a:3d:a9:8e:90:ff:78:bb:ce:6c:ed:5c:
47:28:c8:b8:84:e7:f3:2c:66:8e:d3:c3:e4:17:17:7b:70:c7:
0c:a0:1c:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvC2JM+RrQ/H5kUFA2bZjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjMwMTAxMjAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2QzMzgwNzUyZTZhMWE0N2E1MTIzNDY0ODQ3MThkNzJjNjg3MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHatO1+PzAHkhDvKOlGn30TryZ7C
dUlkC87UNO9bJDD9aIir3SjJPlaxBQm+xo57Ezkd1ggV+PF7ub1c/TaFh/MhsAa6
9VmqnjD80N9rBtWML9zVAmQ5o76W1J7edvkfQEsw1Dxk94BInZ8+UTBT0lTHKfVf
1EU4PxTsEI2iH+bRVUoM9vG9ZQyR7jTTMS5ps9pv6TP6hurB0H+0P4DHr//fddOk
/ZQBzt6ie8AwZ+qFvQ7Db71eIvq6yFtyN+O+4/9Y7EuWl6wTD1TF7zYyesJMfUKE
YuLn1UpHF/10sGvdpfXcV66bFJlqegiRtz9EmBxHGPe2VPORD8MHR7D6/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKzTOAdS5qGkelEjRkhHGNcsaHNVMB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvck5NNEIxTG1vYVI2VVNOR1NFY1kxeXhvYzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZJAAwQB
bezwAwQCudhkMA0GCSqGSIb3DQEBCwUAA4IBAQCtE+mF2m7na06SUdZHy9KMVG81
ppXeyZo1qYLQK0TNYojgkZp9+Cgi0YyRz2YIxJKL5GUJ0wAvMC7Qb3CT9HDXkBPa
/yKnBHSnxSyjodwVt5awpMIE5hWUf+KwkJAIU4H2wOuvzLhRh14LwrkDFX7xmhkt
p9CxpMCWZ476Y4L1IDRFniDTXHqquKXSKD3ODIb4QYszjcj4CRHvqvTHj/VZA0rj
8tqD1wFTp32eNur7D53E8snNX7rs1bD/9GkoDhzT5nXfvE35z+POhyUppCGrIqom
BdK96pfJIerhUvcaPamOkP94u85s7VxHKMi4hOfzLGaO08PkFxd7cMcMoBxD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:28 2024 by rpki-client on console-ams.rpki-client.org