Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0nNl5aeOCtYVQu6BKMkXE1VtRo8.roa
File: 0nNl5aeOCtYVQu6BKMkXE1VtRo8.roa (raw, json)
Hash identifier: Saj9LP3x4N8dZW6HGbcpZoQpWrjpMRc6tr0NLC5Vlpo=
Subject key identifier: D2:73:65:E5:A7:8E:0A:D6:15:42:EE:81:28:C9:17:13:55:6D:46:8F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01892B0DE431ABEEC39C1A70644163D074EB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0nNl5aeOCtYVQu6BKMkXE1VtRo8.roa
Signing time: Thu 06 Jul 2023 11:54:37 +0000
ROA not before: Thu 06 Jul 2023 11:54:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 89.38.136.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jul 2023 11:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:0d:e4:31:ab:ee:c3:9c:1a:70:64:41:63:d0:74:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 6 11:54:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d27365e5a78e0ad61542ee8128c91713556d468f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a8:98:92:bf:a5:5a:0e:44:3a:45:45:22:d3:
5e:db:07:6a:32:bf:4a:96:71:7c:1c:a7:5c:3f:bc:
07:5b:48:9f:7a:be:ae:e3:20:4e:75:ef:77:34:69:
ff:1a:ca:17:08:7a:d9:47:bd:91:74:bf:5e:79:ca:
37:8b:ae:7e:52:3d:d1:15:db:69:cc:10:50:ba:af:
65:2b:83:7a:73:a1:4b:49:51:ee:55:fe:aa:f5:10:
16:67:b1:f0:d0:22:49:ab:58:14:67:3f:e8:cb:e8:
b8:9d:c9:65:ca:8a:66:5b:70:f4:31:18:0c:b4:37:
51:e2:7c:c5:2f:cc:9a:6d:61:3e:b8:68:a4:3f:39:
88:8b:8c:59:6e:ba:98:9a:f1:80:a5:7b:fe:b1:ba:
37:08:b1:fa:f7:46:65:d7:e3:f2:f7:8f:62:1c:44:
4b:a2:0b:6c:55:72:0b:17:70:62:98:83:93:0a:54:
d5:d7:0d:d7:7c:37:bb:9d:f2:d7:62:a6:a8:73:3e:
79:3b:73:c8:15:9c:22:1e:70:4b:7c:68:27:1f:9f:
b1:38:22:cb:56:bb:22:b7:5f:7e:95:7e:5d:90:8b:
58:e7:63:d6:5d:f9:e6:a9:24:20:49:10:7f:46:6f:
22:0b:43:53:12:6b:76:fd:e8:28:a7:e2:ee:8a:25:
74:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:73:65:E5:A7:8E:0A:D6:15:42:EE:81:28:C9:17:13:55:6D:46:8F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0nNl5aeOCtYVQu6BKMkXE1VtRo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
45.86.37.0/24
62.197.128.0/24
78.142.243.0/24
89.38.136.0/24
91.209.12.0/24
188.241.159.0/24
188.241.248.0/24
193.221.210.0/24
Signature Algorithm: sha256WithRSAEncryption
34:eb:89:5c:33:f7:3f:58:6d:75:a9:9a:45:f8:17:f0:d3:f2:
16:0d:4d:c6:f5:da:47:c0:e2:82:c4:a2:87:19:91:1f:30:be:
91:56:92:b5:63:f0:32:99:4d:c9:93:95:8f:b2:10:96:4c:a7:
87:74:8b:5c:0a:31:e5:b9:d7:1b:b1:62:7c:d0:79:8b:db:38:
6c:29:5e:1e:01:99:e4:13:e4:79:2f:ae:c1:82:44:65:4a:6d:
46:29:3e:da:cf:69:a5:15:aa:d3:c4:41:1e:00:49:65:93:99:
d7:69:5e:4d:61:0c:f1:e7:32:15:2c:fd:5b:6a:c2:76:9b:f0:
ad:e6:f5:75:ac:2c:c5:00:4a:cc:17:fb:c0:a0:9e:bf:92:1c:
2e:3e:00:a2:d3:30:14:bf:a4:00:52:b0:1c:a5:90:e7:76:b0:
f2:0c:ec:cc:40:75:8a:21:de:7c:56:8e:d4:77:33:34:05:05:
11:f0:a7:bd:e6:f4:10:6f:bf:f4:9b:46:2c:6d:bb:83:0d:34:
e3:34:5f:86:ec:04:7f:b5:ea:f5:47:22:d3:05:be:4b:52:64:
15:d6:24:4f:b2:97:6b:c1:f5:5d:c7:e4:fc:8a:7e:28:70:08:
20:0d:e2:cc:dd:9a:20:24:60:7f:b2:20:e4:59:4d:1d:22:35:
c1:f7:66:6f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYkrDeQxq+7DnBpwZEFj0HTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzA2MTE1NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjczNjVlNWE3OGUwYWQ2MTU0MmVlODEyOGM5MTcxMzU1NmQ0NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKiYkr+lWg5EOkVFItNe2wdqMr9K
lnF8HKdcP7wHW0ifer6u4yBOde93NGn/GsoXCHrZR72RdL9eeco3i65+Uj3RFdtp
zBBQuq9lK4N6c6FLSVHuVf6q9RAWZ7Hw0CJJq1gUZz/oy+i4ncllyopmW3D0MRgM
tDdR4nzFL8yabWE+uGikPzmIi4xZbrqYmvGApXv+sbo3CLH690Zl1+Py949iHERL
ogtsVXILF3BimIOTClTV1w3XfDe7nfLXYqaocz55O3PIFZwiHnBLfGgnH5+xOCLL
Vrsit19+lX5dkItY52PWXfnmqSQgSRB/Rm8iC0NTEmt2/egop+LuiiV0KQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNJzZeWnjgrWFULugSjJFxNVbUaPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMG5ObDVhZU9DdFlWUXU2QktNa1hFMVZ0Um84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABbSyAwQA
LVYlAwQAPsWAAwQATo7zAwQAWSaIAwQAW9EMAwQAvPGfAwQAvPH4AwQAwd3SMA0G
CSqGSIb3DQEBCwUAA4IBAQA064lcM/c/WG11qZpF+Bfw0/IWDU3G9dpHwOKCxKKH
GZEfML6RVpK1Y/AymU3Jk5WPshCWTKeHdItcCjHludcbsWJ80HmL2zhsKV4eAZnk
E+R5L67BgkRlSm1GKT7az2mlFarTxEEeAEllk5nXaV5NYQzx5zIVLP1basJ2m/Ct
5vV1rCzFAErMF/vAoJ6/khwuPgCi0zAUv6QAUrAcpZDndrDyDOzMQHWKId58Vo7U
dzM0BQUR8Ke95vQQb7/0m0YsbbuDDTTjNF+G7AR/ter1RyLTBb5LUmQV1iRPspdr
wfVdx+T8in4ocAggDeLM3ZogJGB/siDkWU0dIjXB92Zv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:07 2024 by rpki-client on console-ams.rpki-client.org