Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0IrMTV0v36sWkYip7qkiRf67RNo.roa
File: 0IrMTV0v36sWkYip7qkiRf67RNo.roa (raw, json)
Hash identifier: Z5LTBT+r7NhiPnQRZQiyEwlLj8dB6H4aOIOdj3b7fU8=
Subject key identifier: D0:8A:CC:4D:5D:2F:DF:AB:16:91:88:A9:EE:A9:22:45:FE:BB:44:DA
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0191FB116D4BD0035A1F2C4B910F8BB1591C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0IrMTV0v36sWkYip7qkiRf67RNo.roa
Signing time: Mon 16 Sep 2024 13:41:48 +0000
ROA not before: Mon 16 Sep 2024 13:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.83.29.0/24 maxlen: 24
45.88.20.0/24 maxlen: 24
45.88.22.0/24 maxlen: 24
45.89.36.0/24 maxlen: 24
45.89.38.0/24 maxlen: 24
45.92.2.0/24 maxlen: 24
45.134.138.0/24 maxlen: 24
45.143.54.0/24 maxlen: 24
45.145.46.0/24 maxlen: 24
45.146.187.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
87.247.148.0/22 maxlen: 24
91.190.96.0/24 maxlen: 24
91.190.99.0/24 maxlen: 24
91.190.104.0/24 maxlen: 24
91.217.250.0/24 maxlen: 24
178.239.205.0/24 maxlen: 24
185.184.135.0/24 maxlen: 24
185.205.189.0/24 maxlen: 24
188.240.75.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
2a0b:64c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Sep 2024 05:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fb:11:6d:4b:d0:03:5a:1f:2c:4b:91:0f:8b:b1:59:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 16 13:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d08acc4d5d2fdfab169188a9eea92245febb44da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7a:3b:0f:d1:c4:26:11:e8:20:85:d1:da:ac:
21:c8:c2:82:ea:d7:ae:0b:b0:bc:97:99:95:ba:96:
f0:7d:56:65:0b:89:4d:15:93:37:e7:99:27:74:f3:
d0:53:6e:39:5f:e2:0c:4a:1e:fb:60:dc:b3:56:6e:
02:58:53:af:f9:47:46:cf:74:49:85:a0:2a:5e:21:
e8:fc:81:40:47:7f:d2:0c:3d:25:f3:c5:c3:3e:1d:
c2:73:c6:68:e2:77:9b:9a:9a:3a:e8:53:82:6c:6f:
99:72:c1:d9:ca:22:55:f8:21:cf:57:cf:21:96:bd:
14:17:5c:3c:91:f6:30:15:c6:90:4e:57:a7:86:a4:
9d:c7:65:5d:d3:84:87:56:a9:c5:7e:48:89:9c:16:
3d:4a:c9:c3:fc:8b:20:47:84:02:11:a1:dd:f5:03:
71:ab:d7:2c:0d:1a:23:6f:03:c8:68:5d:e1:f6:39:
5e:2a:f3:f9:aa:73:f4:cb:4f:9f:36:e0:15:9c:12:
53:a9:07:68:bd:43:8f:2a:08:8f:fe:0e:c1:19:84:
ff:57:73:40:61:b0:1a:1c:7b:53:8e:92:6f:35:63:
15:e6:7b:1a:1d:e3:1c:44:b7:05:7f:ab:98:4a:ce:
87:5b:15:52:7f:f5:78:6d:dd:12:7c:82:13:14:00:
f2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:8A:CC:4D:5D:2F:DF:AB:16:91:88:A9:EE:A9:22:45:FE:BB:44:DA
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0IrMTV0v36sWkYip7qkiRf67RNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.29.0/24
45.88.20.0/24
45.88.22.0/24
45.89.36.0/24
45.89.38.0/24
45.92.2.0/24
45.134.138.0/24
45.143.54.0/24
45.145.46.0/24
45.146.187.0/24
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
91.190.96.0/24
91.190.99.0/24
91.190.104.0/24
91.217.250.0/24
178.239.205.0/24
185.184.135.0/24
185.205.189.0/24
188.240.75.0/24
217.74.16.0/24
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
39:59:c4:c9:52:0a:9f:47:4d:af:f6:1c:f9:ac:33:c5:dc:af:
cf:22:4f:7e:b5:07:19:1c:5f:00:ee:31:7f:3d:e0:b1:42:b7:
b0:f8:2d:1a:62:39:45:2c:cd:7a:be:4a:20:7c:e6:c9:ab:67:
38:41:3d:46:97:f8:55:dc:70:12:52:f7:5b:72:a3:97:51:cb:
9d:22:40:51:d0:7d:68:97:97:7c:c6:54:af:b9:7c:54:b8:5a:
4f:44:ba:9c:c9:27:71:80:e5:45:36:0e:9b:04:97:ae:da:a2:
ee:73:1a:c8:fb:31:fd:20:1b:ca:92:8a:3d:99:7f:df:f9:52:
42:55:01:b7:6b:f9:f0:b9:28:b0:44:a3:5f:55:79:82:1f:63:
9f:d6:fa:71:af:24:a5:2f:d3:8d:2b:78:80:bc:47:b1:3e:d8:
4c:66:e5:a5:af:41:5f:13:76:9a:2a:a3:6b:78:80:6a:0d:9e:
51:db:62:13:65:37:8e:4b:b1:f8:73:cd:cf:9b:d4:7d:22:62:
c9:43:b4:ec:14:f2:33:b5:d8:c5:bc:d3:a9:31:04:2b:33:0d:
41:7a:d4:b7:21:aa:1b:dd:ba:5f:c5:ea:f4:9a:c0:61:90:02:
64:d6:df:72:32:53:1e:c7:db:d2:57:9e:a3:95:11:00:65:66:
03:85:30:5f
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZH7EW1L0ANaHyxLkQ+LsVkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwOTE2MTM0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDhhY2M0ZDVkMmZkZmFiMTY5MTg4YTllZWE5MjI0NWZlYmI0NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHo7D9HEJhHoIIXR2qwhyMKC6teu
C7C8l5mVupbwfVZlC4lNFZM355kndPPQU245X+IMSh77YNyzVm4CWFOv+UdGz3RJ
haAqXiHo/IFAR3/SDD0l88XDPh3Cc8Zo4nebmpo66FOCbG+ZcsHZyiJV+CHPV88h
lr0UF1w8kfYwFcaQTlenhqSdx2Vd04SHVqnFfkiJnBY9SsnD/IsgR4QCEaHd9QNx
q9csDRojbwPIaF3h9jleKvP5qnP0y0+fNuAVnBJTqQdovUOPKgiP/g7BGYT/V3NA
YbAaHHtTjpJvNWMV5nsaHeMcRLcFf6uYSs6HWxVSf/V4bd0SfIITFADysQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFNCKzE1dL9+rFpGIqe6pIkX+u0TaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMElyTVRWMHYzNnNXa1lpcDdxa2lSZjY3Uk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAAt
Ux0DBAAtWBQDBAAtWBYDBAAtWSQDBAAtWSYDBAAtXAIDBAAthooDBAAtjzYDBAAt
kS4DBAAtkrsDBAAtnJ0DBAAtnJ8DBAJX95QDBABbvmADBABbvmMDBABbvmgDBABb
2foDBACy780DBAC5uIcDBAC5zb0DBAC88EsDBADZShAwDQQCAAIwBwMFACoLZMEw
DQYJKoZIhvcNAQELBQADggEBADlZxMlSCp9HTa/2HPmsM8Xcr88iT361BxkcXwDu
MX894LFCt7D4LRpiOUUszXq+SiB85smrZzhBPUaX+FXccBJS91tyo5dRy50iQFHQ
fWiXl3zGVK+5fFS4Wk9EupzJJ3GA5UU2DpsEl67aou5zGsj7Mf0gG8qSij2Zf9/5
UkJVAbdr+fC5KLBEo19VeYIfY5/W+nGvJKUv040reIC8R7E+2Exm5aWvQV8Tdpoq
o2t4gGoNnlHbYhNlN45Lsfhzzc+b1H0iYslDtOwU8jO12MW806kxBCszDUF61Lch
qhvdul/F6vSawGGQAmTW33IyUx7H29JXnqOVEQBlZgOFMF8=
-----END CERTIFICATE-----
Generated at Tue Sep 17 08:50:24 2024 by rpki-client on console-ams.rpki-client.org