Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2GdGonbTP33ML6UGzM_fYWlLbGs.roa
File: 2GdGonbTP33ML6UGzM_fYWlLbGs.roa (raw, json)
Hash identifier: 7kkW+Yli6SvLHTnS3HQhg0vUku7ahhhWpPqybUQAEa0=
Subject key identifier: D8:67:46:A2:76:D3:3F:7D:CC:2F:A5:06:CC:CF:DF:61:69:4B:6C:6B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018E2C851A9281DFCCBEE89B8B1638780C43
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2GdGonbTP33ML6UGzM_fYWlLbGs.roa
Signing time: Mon 11 Mar 2024 07:58:24 +0000
ROA not before: Mon 11 Mar 2024 07:58:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.83.29.0/24 maxlen: 24
45.88.20.0/24 maxlen: 24
45.88.22.0/24 maxlen: 24
45.89.36.0/24 maxlen: 24
45.89.38.0/24 maxlen: 24
45.92.2.0/24 maxlen: 24
45.143.54.0/24 maxlen: 24
45.145.46.0/24 maxlen: 24
45.146.187.0/24 maxlen: 24
87.247.148.0/22 maxlen: 24
89.31.216.0/24 maxlen: 24
91.190.96.0/24 maxlen: 24
91.190.99.0/24 maxlen: 24
91.190.104.0/24 maxlen: 24
91.217.236.0/24 maxlen: 24
91.217.250.0/24 maxlen: 24
185.184.135.0/24 maxlen: 24
185.205.189.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
188.240.75.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
2a0b:64c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Apr 2024 11:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:85:1a:92:81:df:cc:be:e8:9b:8b:16:38:78:0c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 11 07:58:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d86746a276d33f7dcc2fa506cccfdf61694b6c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b7:63:15:2f:46:ba:1a:0e:43:66:cd:ca:de:
83:bb:ab:94:72:d2:85:07:11:b9:94:12:cd:fc:67:
77:ba:b1:97:8f:9d:ab:64:ff:41:11:71:38:65:44:
15:82:42:7e:ee:f5:0e:82:aa:0b:08:4a:bd:22:b1:
bc:4f:90:61:30:a4:3f:e5:48:f2:9f:a6:47:44:92:
54:0c:2a:a0:f5:9c:25:57:af:fd:4d:7b:70:45:0e:
b2:86:cb:1c:4a:be:bf:73:fc:24:84:0f:e1:6c:88:
77:2b:93:b6:3e:67:38:fa:09:d1:88:f3:df:08:20:
c6:47:01:5d:46:22:1b:5b:59:39:d7:5c:10:a1:07:
3b:c2:b2:e2:3d:b4:d4:a6:47:ab:cf:37:99:17:a5:
cc:a9:31:61:71:1a:b6:57:1f:68:3e:c2:ec:1c:2a:
cf:21:eb:03:6d:8d:c3:63:b2:65:8a:b1:2c:b7:0f:
df:e5:4a:0a:ea:a9:86:36:55:29:6c:3c:d8:10:48:
71:14:61:23:67:80:aa:46:83:fa:4c:c1:39:8f:48:
9f:33:6d:c2:2e:4f:02:71:91:17:63:1f:82:1d:4c:
fe:f3:6f:b4:ca:fd:08:61:13:ab:1e:d3:65:7f:ae:
45:e2:b2:95:d9:39:db:73:52:82:e5:84:f9:9e:fb:
c2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:67:46:A2:76:D3:3F:7D:CC:2F:A5:06:CC:CF:DF:61:69:4B:6C:6B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2GdGonbTP33ML6UGzM_fYWlLbGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.29.0/24
45.88.20.0/24
45.88.22.0/24
45.89.36.0/24
45.89.38.0/24
45.92.2.0/24
45.143.54.0/24
45.145.46.0/24
45.146.187.0/24
87.247.148.0/22
89.31.216.0/24
91.190.96.0/24
91.190.99.0/24
91.190.104.0/24
91.217.236.0/24
91.217.250.0/24
185.184.135.0/24
185.205.189.0/24
185.239.241.0/24
185.244.137.0/24
185.245.5.0/24
185.245.7.0/24
188.240.75.0/24
217.74.16.0/24
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
0d:25:df:f5:a6:33:51:0a:eb:e5:a0:19:20:ec:1b:19:8a:c8:
53:6d:79:ec:36:85:66:b5:bf:62:31:8d:01:89:ed:81:cc:c8:
08:3a:de:41:53:18:d5:0f:bb:9a:f7:f6:9f:d7:fc:1b:8b:7b:
61:14:0d:9f:83:a9:02:03:af:ef:51:35:dc:e3:e0:bd:42:05:
f1:70:f0:79:df:b0:ef:85:62:bc:03:e5:00:86:9f:bd:5b:65:
73:f6:04:bb:a5:6a:0c:32:20:3b:ce:20:53:a8:b3:43:2f:83:
76:a5:7e:da:4e:8f:9a:e4:f5:55:34:22:e4:80:d2:83:a7:bb:
c6:4c:70:49:04:b2:81:75:f8:38:ee:02:0d:3c:b5:bf:68:d1:
c3:07:50:00:b0:29:4c:66:ee:ac:f2:bc:6e:10:e2:d4:3f:2b:
a7:83:43:b8:9b:e5:56:fd:ca:91:db:51:eb:11:4f:c0:25:20:
af:a0:7c:a4:2a:1e:41:96:2d:f0:03:35:4d:82:bb:7c:56:9f:
df:b6:c3:47:e9:49:ad:24:34:80:79:dc:76:e6:9e:96:84:a5:
4c:e8:51:5d:e6:d4:f8:96:9e:e1:51:f7:a9:e2:72:d6:8d:d1:
b2:0c:87:b4:d0:03:2e:a3:af:61:7b:f8:1f:81:10:1f:53:16:
2e:f0:2f:8b
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAY4shRqSgd/MvuibixY4eAxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMzExMDc1ODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODY3NDZhMjc2ZDMzZjdkY2MyZmE1MDZjY2NmZGY2MTY5NGI2YzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLdjFS9GuhoOQ2bNyt6Du6uUctKF
BxG5lBLN/Gd3urGXj52rZP9BEXE4ZUQVgkJ+7vUOgqoLCEq9IrG8T5BhMKQ/5Ujy
n6ZHRJJUDCqg9ZwlV6/9TXtwRQ6yhsscSr6/c/wkhA/hbIh3K5O2Pmc4+gnRiPPf
CCDGRwFdRiIbW1k511wQoQc7wrLiPbTUpkerzzeZF6XMqTFhcRq2Vx9oPsLsHCrP
IesDbY3DY7JlirEstw/f5UoK6qmGNlUpbDzYEEhxFGEjZ4CqRoP6TME5j0ifM23C
Lk8CcZEXYx+CHUz+82+0yv0IYROrHtNlf65F4rKV2Tnbc1KC5YT5nvvC9QIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFNhnRqJ20z99zC+lBszP32FpS2xrMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMkdkR29uYlRQMzNNTDZVR3pNX2ZZV2xMYkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAAt
Ux0DBAAtWBQDBAAtWBYDBAAtWSQDBAAtWSYDBAAtXAIDBAAtjzYDBAAtkS4DBAAt
krsDBAJX95QDBABZH9gDBABbvmADBABbvmMDBABbvmgDBABb2ewDBABb2foDBAC5
uIcDBAC5zb0DBAC57/EDBAC59IkDBAC59QUDBAC59QcDBAC88EsDBADZShAwDQQC
AAIwBwMFACoLZMEwDQYJKoZIhvcNAQELBQADggEBAA0l3/WmM1EK6+WgGSDsGxmK
yFNteew2hWa1v2IxjQGJ7YHMyAg63kFTGNUPu5r39p/X/BuLe2EUDZ+DqQIDr+9R
Ndzj4L1CBfFw8HnfsO+FYrwD5QCGn71bZXP2BLulagwyIDvOIFOos0Mvg3alftpO
j5rk9VU0IuSA0oOnu8ZMcEkEsoF1+DjuAg08tb9o0cMHUACwKUxm7qzyvG4Q4tQ/
K6eDQ7ib5Vb9ypHbUesRT8AlIK+gfKQqHkGWLfADNU2Cu3xWn9+2w0fpSa0kNIB5
3HbmnpaEpUzoUV3m1PiWnuFR96nictaN0bIMh7TQAy6jr2F7+B+BEB9TFi7wL4s=
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:30 2024 by rpki-client on console-fra.rpki-client.org