Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4HI0Mdz_RMxJjQ5N7N3wJ7ra7O8.roa
File: 4HI0Mdz_RMxJjQ5N7N3wJ7ra7O8.roa (raw, json)
Hash identifier: IRU+d59f2lDtiuFgGv6GYgqHOAeMAnz3KQM8RTgjzh4=
Subject key identifier: E0:72:34:31:DC:FF:44:CC:49:8D:0E:4D:EC:DD:F0:27:BA:DA:EC:EF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186F04A518CFA7E44142E0DDC19B3EA84C7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4HI0Mdz_RMxJjQ5N7N3wJ7ra7O8.roa
Signing time: Fri 17 Mar 2023 15:57:27 +0000
ROA not before: Fri 17 Mar 2023 15:57:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.123.40.0/22 maxlen: 24
45.141.203.0/24 maxlen: 24
45.141.200.0/23 maxlen: 24
185.35.138.0/23 maxlen: 24
185.35.136.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 11:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f0:4a:51:8c:fa:7e:44:14:2e:0d:dc:19:b3:ea:84:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 17 15:57:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0723431dcff44cc498d0e4decddf027badaecef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:60:82:7b:99:ec:49:06:9c:12:a2:de:ad:05:
4e:34:c3:34:56:0b:f5:f9:3a:fb:9e:76:e1:55:ab:
56:32:84:82:91:e0:02:f0:9b:a2:d1:6a:89:62:f4:
c6:ff:ba:ef:d9:38:4a:9f:4f:ea:48:60:e4:40:3d:
17:6a:cf:b6:7c:fc:9d:61:24:5e:55:e2:2c:5f:68:
18:4d:86:0e:5c:f4:91:62:a8:34:f7:1d:11:74:f5:
4b:97:b6:00:6a:95:ed:5d:48:26:f2:e2:64:b1:6a:
98:3a:03:da:45:07:6e:91:b9:36:12:1e:7a:a2:0c:
97:52:b2:57:02:5e:8c:26:88:bd:00:47:3e:b7:a2:
f8:44:25:73:99:55:00:7f:b8:16:d4:7f:fa:33:d5:
d0:95:7a:50:ea:37:86:d0:01:f5:9d:32:ff:0d:32:
f3:ca:0d:4f:6e:f6:79:52:ab:88:9f:84:2d:45:89:
0d:a0:ba:a9:3d:b6:37:b7:c7:d3:82:c7:bb:8f:6f:
d2:2b:ed:e1:9b:48:26:54:cb:be:9b:b3:6a:32:96:
ee:bd:aa:fd:59:7a:e2:48:88:17:16:bb:f2:37:0d:
ce:a1:c3:fc:66:a1:2e:62:84:71:8c:f7:0e:44:11:
e2:35:d4:e1:c0:ed:6c:48:08:18:26:36:a5:24:7e:
4d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:72:34:31:DC:FF:44:CC:49:8D:0E:4D:EC:DD:F0:27:BA:DA:EC:EF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4HI0Mdz_RMxJjQ5N7N3wJ7ra7O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.40.0/22
45.141.200.0/23
45.141.203.0/24
185.35.136.0/22
Signature Algorithm: sha256WithRSAEncryption
35:e9:04:be:59:c6:0d:04:31:d5:2a:21:73:4e:aa:58:40:d7:
ca:71:5d:8b:9c:29:ae:54:b9:4e:35:f5:19:9e:f4:7f:41:63:
28:e9:b6:a0:fa:b8:d7:79:2b:9c:6b:9a:d1:36:9f:bb:31:91:
17:d0:91:31:e1:13:25:38:2c:25:16:33:c2:ad:ba:cd:8f:23:
6a:7c:eb:41:22:9f:34:e5:fb:23:da:eb:79:a6:9a:01:27:b5:
cf:dd:8a:0c:57:21:c6:c5:dc:ad:49:9f:6a:18:93:95:75:59:
c3:28:b9:09:c7:98:38:64:13:88:7d:30:54:c8:17:49:56:ba:
af:03:64:8f:dc:02:24:50:67:d4:36:16:92:d5:66:26:f7:01:
ff:ff:f9:56:32:84:c1:03:e1:e8:29:c8:9b:6d:70:10:0b:87:
e6:fb:e7:19:c4:47:02:39:4f:8b:1c:6c:2c:09:bc:94:f2:03:
09:e8:42:10:44:47:51:c0:35:77:80:30:06:bb:9d:46:ec:0d:
40:6f:65:3f:1f:36:e4:5f:64:0e:a9:21:18:91:cd:14:b5:1f:
ad:f6:0c:14:20:40:88:da:ed:4f:e6:c9:d6:35:71:ad:7e:e2:
3b:f1:27:2c:35:68:88:90:21:49:fd:b2:6f:c0:5f:45:8a:40:
de:91:02:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbwSlGM+n5EFC4N3Bmz6oTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzE3MTU1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDcyMzQzMWRjZmY0NGNjNDk4ZDBlNGRlY2RkZjAyN2JhZGFlY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmCCe5nsSQacEqLerQVONMM0Vgv1
+Tr7nnbhVatWMoSCkeAC8Jui0WqJYvTG/7rv2ThKn0/qSGDkQD0Xas+2fPydYSRe
VeIsX2gYTYYOXPSRYqg09x0RdPVLl7YAapXtXUgm8uJksWqYOgPaRQdukbk2Eh56
ogyXUrJXAl6MJoi9AEc+t6L4RCVzmVUAf7gW1H/6M9XQlXpQ6jeG0AH1nTL/DTLz
yg1PbvZ5UquIn4QtRYkNoLqpPbY3t8fTgse7j2/SK+3hm0gmVMu+m7NqMpbuvar9
WXriSIgXFrvyNw3OocP8ZqEuYoRxjPcORBHiNdThwO1sSAgYJjalJH5NmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOByNDHc/0TMSY0OTezd8Ce62uzvMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNEhJME1kel9STXhKalE1TjdOM3dKN3JhN084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLXsoAwQB
LY3IAwQALY3LAwQCuSOIMA0GCSqGSIb3DQEBCwUAA4IBAQA16QS+WcYNBDHVKiFz
TqpYQNfKcV2LnCmuVLlONfUZnvR/QWMo6bag+rjXeSuca5rRNp+7MZEX0JEx4RMl
OCwlFjPCrbrNjyNqfOtBIp805fsj2ut5ppoBJ7XP3YoMVyHGxdytSZ9qGJOVdVnD
KLkJx5g4ZBOIfTBUyBdJVrqvA2SP3AIkUGfUNhaS1WYm9wH///lWMoTBA+HoKcib
bXAQC4fm++cZxEcCOU+LHGwsCbyU8gMJ6EIQREdRwDV3gDAGu51G7A1Ab2U/Hzbk
X2QOqSEYkc0UtR+t9gwUIECI2u1P5snWNXGtfuI78ScsNWiIkCFJ/bJvwF9FikDe
kQKa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org