Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/100_bM1Bfr8jpXMf8-Rfv80QjFw.roa
File: 100_bM1Bfr8jpXMf8-Rfv80QjFw.roa (raw, json)
Hash identifier: FXwSUdTXAxgcQfNQmJl8T2+1Jymvb0y9w2l8uydebK0=
Subject key identifier: D7:4D:3F:6C:CD:41:7E:BF:23:A5:73:1F:F3:E4:5F:BF:CD:10:8C:5C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571031E587E3ED708C29655D53010D523
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/100_bM1Bfr8jpXMf8-Rfv80QjFw.roa
Signing time: Mon 02 Jan 2023 05:45:07 +0000
ROA not before: Mon 02 Jan 2023 05:45:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211826
IP address blocks: 45.130.200.0/24 maxlen: 24
194.32.123.0/24 maxlen: 24
45.135.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 06:08:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:1e:58:7e:3e:d7:08:c2:96:55:d5:30:10:d5:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d74d3f6ccd417ebf23a5731ff3e45fbfcd108c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:94:14:51:9a:7a:85:08:bb:fc:66:ad:c9:dc:
ee:67:e5:fd:ee:0a:55:4d:0b:12:6e:dd:2a:ee:42:
41:47:c4:f5:8b:d4:40:c8:b4:f6:45:5c:0e:87:fe:
6e:9a:00:ca:9d:df:41:4d:8d:0a:f7:b0:ab:78:3a:
a5:2b:77:ed:f1:b2:35:dd:25:14:44:87:84:76:c1:
93:72:d2:3e:24:87:53:e7:75:dc:73:26:53:d7:fc:
fd:26:cd:c8:dd:52:4b:b7:17:d2:cb:9e:69:eb:40:
ff:74:a6:91:7f:ed:e1:cc:d8:ec:27:b4:ef:36:1d:
10:5b:65:00:e4:84:ab:ac:ac:38:6d:2b:95:0b:61:
c5:19:4b:48:c8:fb:a4:74:92:e4:a1:da:22:97:49:
1c:c5:38:08:13:f7:83:f1:5b:e7:93:d0:c8:9d:5c:
b0:10:81:21:7c:94:3e:e2:5c:ce:f6:75:1e:f9:29:
11:aa:2a:26:7b:74:f9:fb:04:3e:96:00:7e:b0:51:
7e:fb:8c:35:b5:c4:d8:db:4c:be:10:52:d4:21:23:
9c:f2:30:fe:87:9d:16:9f:0a:06:96:9d:fa:ef:82:
e1:4c:1c:8a:bc:79:2e:84:09:36:b9:4d:c7:de:cd:
ac:0d:e5:c0:c0:61:22:5b:eb:79:d0:98:05:a5:d2:
fb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:4D:3F:6C:CD:41:7E:BF:23:A5:73:1F:F3:E4:5F:BF:CD:10:8C:5C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/100_bM1Bfr8jpXMf8-Rfv80QjFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.200.0/24
45.135.185.0/24
194.32.123.0/24
Signature Algorithm: sha256WithRSAEncryption
51:c9:51:67:93:4b:70:9d:bb:5b:b8:62:69:ec:28:1a:70:4f:
ae:0c:f7:97:bc:a1:8b:72:ee:e3:9f:4b:93:ec:ec:8a:58:60:
ba:18:f2:03:1c:81:28:a4:fc:15:ae:12:9a:f3:39:a5:dd:80:
e0:d1:36:ed:58:88:19:1c:4b:19:5e:9f:be:2f:3b:f1:c3:3b:
02:f8:6e:53:fe:f6:10:39:95:5e:32:73:79:03:dd:99:27:a5:
20:39:6b:ce:7c:cf:68:d8:6b:c3:81:01:b0:3b:3c:9a:46:b2:
36:97:d2:13:54:f6:7a:88:8b:6b:1e:4a:f6:bd:17:7b:d0:82:
b6:c7:82:29:df:ac:5e:bd:01:f7:0d:03:ee:62:28:69:d6:a4:
94:41:e2:83:54:37:d4:b4:da:85:25:44:a3:07:62:e4:43:ec:
41:2b:9f:15:88:72:7c:d0:77:7c:53:4c:35:6d:38:28:8c:90:
f4:94:d5:3a:4f:83:f6:33:d6:89:6c:de:64:39:68:f2:6e:08:
94:fa:02:dd:49:24:dc:86:56:fa:d5:34:5e:95:e8:d1:72:6a:
1b:44:0f:cf:1f:0c:37:66:e4:f8:7e:38:31:95:9a:e8:bb:66:
66:f2:10:75:08:31:b8:52:99:39:cd:89:9b:51:15:09:44:20:
81:f9:d4:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxAx5Yfj7XCMKWVdUwENUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzRkM2Y2Y2NkNDE3ZWJmMjNhNTczMWZmM2U0NWZiZmNkMTA4YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpQUUZp6hQi7/GatydzuZ+X97gpV
TQsSbt0q7kJBR8T1i9RAyLT2RVwOh/5umgDKnd9BTY0K97CreDqlK3ft8bI13SUU
RIeEdsGTctI+JIdT53XccyZT1/z9Js3I3VJLtxfSy55p60D/dKaRf+3hzNjsJ7Tv
Nh0QW2UA5ISrrKw4bSuVC2HFGUtIyPukdJLkodoil0kcxTgIE/eD8Vvnk9DInVyw
EIEhfJQ+4lzO9nUe+SkRqiome3T5+wQ+lgB+sFF++4w1tcTY20y+EFLUISOc8jD+
h50WnwoGlp3674LhTByKvHkuhAk2uU3H3s2sDeXAwGEiW+t50JgFpdL7uwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNdNP2zNQX6/I6VzH/PkX7/NEIxcMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMTAwX2JNMUJmcjhqcFhNZjgtUmZ2ODBRakZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYLIAwQA
LYe5AwQAwiB7MA0GCSqGSIb3DQEBCwUAA4IBAQBRyVFnk0twnbtbuGJp7CgacE+u
DPeXvKGLcu7jn0uT7OyKWGC6GPIDHIEopPwVrhKa8zml3YDg0TbtWIgZHEsZXp++
LzvxwzsC+G5T/vYQOZVeMnN5A92ZJ6UgOWvOfM9o2GvDgQGwOzyaRrI2l9ITVPZ6
iItrHkr2vRd70IK2x4Ip36xevQH3DQPuYihp1qSUQeKDVDfUtNqFJUSjB2LkQ+xB
K58ViHJ80Hd8U0w1bTgojJD0lNU6T4P2M9aJbN5kOWjybgiU+gLdSSTchlb61TRe
lejRcmobRA/PHww3ZuT4fjgxlZrou2Zm8hB1CDG4Upk5zYmbURUJRCCB+dT8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org