Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4WXTwymUu0vgQYxAj-NOcKzxYe8.roa
File: 4WXTwymUu0vgQYxAj-NOcKzxYe8.roa (raw, json)
Hash identifier: YZ4KF8SUivERX8MDjUvoNVDaR7E6rEeFvPON75nHB0I=
Subject key identifier: E1:65:D3:C3:29:94:BB:4B:E0:41:8C:40:8F:E3:4E:70:AC:F1:61:EF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187572C6F966FB3C24A4CB9789F85047A8A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4WXTwymUu0vgQYxAj-NOcKzxYe8.roa
Signing time: Thu 06 Apr 2023 15:25:42 +0000
ROA not before: Thu 06 Apr 2023 15:25:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Apr 2023 08:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:2c:6f:96:6f:b3:c2:4a:4c:b9:78:9f:85:04:7a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 6 15:25:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e165d3c32994bb4be0418c408fe34e70acf161ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6b:d4:8d:6b:2e:de:f3:60:b5:85:d3:54:b3:
39:58:32:38:81:e6:bd:cd:0c:07:2d:4d:d2:62:3d:
f7:d9:d0:af:2c:f6:11:6a:c8:4b:2c:3d:88:68:c1:
5f:76:b8:ee:f1:b6:dd:6b:eb:e5:56:5d:13:ec:5c:
3a:61:a5:01:34:80:9c:be:57:cf:5a:66:3b:48:3e:
2e:39:d5:5e:1f:9a:b1:3f:27:45:f0:0e:9d:e0:f9:
46:c9:1e:a8:36:27:8f:b6:92:89:2c:e5:1e:bb:4d:
71:e2:79:14:10:9b:1f:91:40:a6:a0:51:84:fd:15:
c0:ba:c5:d7:ee:aa:14:3a:5e:55:86:a0:ae:47:78:
d2:af:63:b7:c6:e9:e5:64:a4:61:cd:c1:ca:63:65:
a4:f6:d2:ac:46:4d:df:73:35:34:77:80:94:42:04:
d7:93:2e:95:89:0b:92:7f:4d:e2:dd:17:66:00:b6:
4e:05:3a:12:b3:57:89:1d:07:2b:98:ef:4c:e7:03:
47:57:56:66:e7:e8:a9:62:55:fe:64:72:68:57:c0:
04:56:52:b2:6e:71:b5:23:64:a6:e2:6d:95:12:21:
30:22:33:ec:00:0e:a9:54:51:0b:57:38:20:f9:a0:
19:8c:1f:7c:a6:02:b1:84:48:a5:5b:a6:c8:f5:8c:
ee:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:65:D3:C3:29:94:BB:4B:E0:41:8C:40:8F:E3:4E:70:AC:F1:61:EF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4WXTwymUu0vgQYxAj-NOcKzxYe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
87.247.149.0/24
87.247.151.0/24
89.37.63.0/24
91.188.204.0/24
185.135.141.0/24
185.135.143.0/24
185.255.169.0/24
188.212.155.0/24
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
34:b1:fc:82:0c:97:4f:22:67:16:02:a7:6c:76:ed:49:db:dd:
a5:c6:04:07:96:d9:8e:fe:9a:6f:88:19:4e:5a:7c:e3:7e:6c:
21:4e:cd:b4:2e:a2:02:ca:dc:42:3b:a0:73:6e:af:0e:6c:44:
ac:d4:6c:33:53:2e:2a:76:53:30:fb:56:60:b3:7e:d3:e8:02:
37:3e:1e:12:e6:b0:6e:a2:46:ae:75:a2:06:9f:8a:a5:eb:4f:
7a:22:ff:64:66:89:24:78:a1:90:35:b9:f9:e3:34:24:23:07:
12:ae:2b:60:bb:4a:07:50:c0:af:8d:af:72:06:7f:6e:2a:dd:
82:53:ab:bc:59:87:39:d2:79:ec:a5:45:92:ee:79:74:46:0b:
1f:71:91:6d:b6:54:20:b8:c6:cd:70:9b:f3:2e:90:fe:93:71:
87:49:4f:37:5d:87:f0:6c:23:2a:a6:ca:1c:61:76:89:df:95:
81:64:2c:29:fe:38:55:59:1a:4a:b8:7f:88:f5:1c:2b:d0:02:
95:9c:97:37:83:70:eb:fb:1f:57:0f:16:80:a9:98:e0:34:0d:
4a:d8:65:ad:6b:2e:f5:db:87:e2:e0:b1:65:2b:fc:06:76:bb:
48:a0:67:3d:44:ff:78:fc:f3:04:0a:19:17:bb:85:f9:f3:ae:
c3:f7:e9:02
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYdXLG+Wb7PCSky5eJ+FBHqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA2MTUyNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTY1ZDNjMzI5OTRiYjRiZTA0MThjNDA4ZmUzNGU3MGFjZjE2MWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmvUjWsu3vNgtYXTVLM5WDI4gea9
zQwHLU3SYj332dCvLPYRashLLD2IaMFfdrju8bbda+vlVl0T7Fw6YaUBNICcvlfP
WmY7SD4uOdVeH5qxPydF8A6d4PlGyR6oNiePtpKJLOUeu01x4nkUEJsfkUCmoFGE
/RXAusXX7qoUOl5VhqCuR3jSr2O3xunlZKRhzcHKY2Wk9tKsRk3fczU0d4CUQgTX
ky6ViQuSf03i3RdmALZOBToSs1eJHQcrmO9M5wNHV1Zm5+ipYlX+ZHJoV8AEVlKy
bnG1I2Sm4m2VEiEwIjPsAA6pVFELVzgg+aAZjB98pgKxhEilW6bI9YzudQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOFl08MplLtL4EGMQI/jTnCs8WHvMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNFdYVHd5bVV1MHZnUVl4QWotTk9jS3p4WWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALZyfAwQA
V/eVAwQAV/eXAwQAWSU/AwQAW7zMAwQAuYeNAwQAuYePAwQAuf+pAwQAvNSbAwQA
vPG2AwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQA0sfyCDJdPImcWAqdsdu1J292l
xgQHltmO/ppviBlOWnzjfmwhTs20LqICytxCO6Bzbq8ObESs1GwzUy4qdlMw+1Zg
s37T6AI3Ph4S5rBuokaudaIGn4ql6096Iv9kZokkeKGQNbn54zQkIwcSritgu0oH
UMCvja9yBn9uKt2CU6u8WYc50nnspUWS7nl0RgsfcZFttlQguMbNcJvzLpD+k3GH
SU83XYfwbCMqpsocYXaJ35WBZCwp/jhVWRpKuH+I9Rwr0AKVnJc3g3Dr+x9XDxaA
qZjgNA1K2GWtay7124fi4LFlK/wGdrtIoGc9RP94/PMEChkXu4X5867D9+kC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org