Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-xLU0l180M0Nbm8M6gTbEn5vIc0.roa
File: 1-xLU0l180M0Nbm8M6gTbEn5vIc0.roa (raw, json)
Hash identifier: CyA00bpuxW82MWriukEQKruHKDz1y6UOO8Q6QrFCZrw=
Subject key identifier: FB:12:D4:D2:5D:7C:D0:CD:0D:6E:6F:0C:EA:04:DB:12:7E:6F:21:CD
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019082A438D52470A89C816EC3A1D8C4272B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-xLU0l180M0Nbm8M6gTbEn5vIc0.roa
Signing time: Fri 05 Jul 2024 11:25:18 +0000
ROA not before: Fri 05 Jul 2024 11:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 45.146.186.0/24 maxlen: 24
185.205.191.0/24 maxlen: 24
185.228.225.0/24 maxlen: 24
185.239.242.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 11:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:a4:38:d5:24:70:a8:9c:81:6e:c3:a1:d8:c4:27:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 5 11:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb12d4d25d7cd0cd0d6e6f0cea04db127e6f21cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:36:f4:60:a2:32:85:8c:30:f5:70:63:d5:7d:
f1:77:88:df:c3:e2:ae:46:5e:87:7f:87:ed:86:7c:
e6:5f:6f:5f:fa:a0:88:d2:51:8b:dd:bb:6e:8e:68:
3f:86:15:99:19:a3:21:0a:17:59:b1:8f:c8:4c:80:
9a:6b:b3:21:12:73:7b:72:06:89:7c:a5:b6:bc:13:
dc:49:16:dd:b7:5c:78:ea:98:71:3b:c8:75:eb:b5:
5f:5a:56:8a:e8:7a:d7:12:44:62:ba:67:dc:e6:68:
09:b0:87:e8:6f:23:08:b0:bc:f1:0b:93:5a:5b:10:
e4:e9:0c:5e:b7:71:6f:66:26:08:1d:a2:1d:09:94:
a9:cd:78:42:83:2d:38:af:1f:21:e3:8a:4c:13:8e:
00:32:f1:14:04:4e:67:eb:11:1f:d9:39:ce:07:f6:
d9:95:96:b8:b0:e4:a9:97:c1:e3:fe:52:09:14:2e:
7a:3a:f0:7d:38:e7:a8:ec:89:58:89:5a:8d:3e:c4:
8c:10:8a:f1:24:06:30:e6:79:36:34:f4:14:ea:55:
21:1a:4e:1b:bf:d3:6f:7c:76:b9:00:ff:f7:e1:f7:
ac:b7:3e:c5:88:a6:43:ad:1a:6e:94:ef:33:b1:da:
9a:c8:ad:85:52:68:62:11:c1:71:78:de:cf:30:64:
16:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:12:D4:D2:5D:7C:D0:CD:0D:6E:6F:0C:EA:04:DB:12:7E:6F:21:CD
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-xLU0l180M0Nbm8M6gTbEn5vIc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.186.0/24
185.205.191.0/24
185.228.225.0/24
185.239.242.0/24
188.212.155.0/24
188.241.182.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:27:b2:a0:64:5d:0f:ae:77:fd:74:d7:fb:68:70:b9:0b:08:
ea:7f:27:87:be:9a:5f:9d:b5:0e:51:8b:65:69:12:8b:b9:75:
b0:0b:cc:f7:84:34:a9:f8:97:73:f4:02:d2:b5:5e:fb:31:ac:
5f:11:58:4d:a4:34:ff:cf:0e:02:d6:f5:fc:54:16:a5:38:9e:
c4:16:b0:b0:0c:a8:02:2d:af:d8:8c:84:96:10:dc:a6:97:8b:
35:9d:48:7e:3d:9b:ef:3d:a6:08:bd:7c:77:54:38:9e:fa:59:
16:ba:4c:19:bb:29:01:8b:39:1c:f2:7e:5a:f8:79:63:06:6e:
aa:ea:81:57:1f:0e:75:8c:64:de:f6:c6:63:7a:4f:71:35:ec:
1a:63:6d:7e:d5:9e:cc:ae:3d:77:81:9a:11:43:68:8b:0d:87:
93:fd:3b:1d:78:38:4e:5a:d0:d8:af:0d:fa:17:61:80:4e:25:
0c:65:14:ce:c9:7a:26:48:e8:60:99:0a:fb:34:92:c2:c2:7c:
99:ee:26:0c:b2:9f:70:a3:13:fa:10:42:6a:89:a3:9f:fb:52:
17:99:3d:b5:b7:65:ca:6b:27:69:12:0d:ad:8c:41:79:f9:58:
aa:3a:91:e7:38:5a:bc:6e:19:2f:23:a1:2a:55:4b:89:09:ec:
8e:11:61:e5
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZCCpDjVJHConIFuw6HYxCcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNzA1MTEyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjEyZDRkMjVkN2NkMGNkMGQ2ZTZmMGNlYTA0ZGIxMjdlNmYyMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjb0YKIyhYww9XBj1X3xd4jfw+Ku
Rl6Hf4fthnzmX29f+qCI0lGL3btujmg/hhWZGaMhChdZsY/ITICaa7MhEnN7cgaJ
fKW2vBPcSRbdt1x46phxO8h167VfWlaK6HrXEkRiumfc5mgJsIfobyMIsLzxC5Na
WxDk6Qxet3FvZiYIHaIdCZSpzXhCgy04rx8h44pME44AMvEUBE5n6xEf2TnOB/bZ
lZa4sOSpl8Hj/lIJFC56OvB9OOeo7IlYiVqNPsSMEIrxJAYw5nk2NPQU6lUhGk4b
v9NvfHa5AP/34festz7FiKZDrRpulO8zsdqayK2FUmhiEcFxeN7PMGQWjQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPsS1NJdfNDNDW5vDOoE2xJ+byHNMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS14TFUwbDE4ME0wTmJtOE02Z1RiRW41dkljMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAC2SugME
ALnNvwMEALnk4QMEALnv8gMEALzUmwMEALzxtjANBgkqhkiG9w0BAQsFAAOCAQEA
fCeyoGRdD653/XTX+2hwuQsI6n8nh76aX521DlGLZWkSi7l1sAvM94Q0qfiXc/QC
0rVe+zGsXxFYTaQ0/88OAtb1/FQWpTiexBawsAyoAi2v2IyElhDcppeLNZ1Ifj2b
7z2mCL18d1Q4nvpZFrpMGbspAYs5HPJ+Wvh5YwZuquqBVx8OdYxk3vbGY3pPcTXs
GmNtftWezK49d4GaEUNoiw2Hk/07HXg4TlrQ2K8N+hdhgE4lDGUUzsl6JkjoYJkK
+zSSwsJ8me4mDLKfcKMT+hBCaomjn/tSF5k9tbdlymsnaRINrYxBeflYqjqR5zha
vG4ZLyOhKlVLiQnsjhFh5Q==
-----END CERTIFICATE-----
Generated at Mon Jul 22 16:02:47 2024 by rpki-client on console-fra.rpki-client.org