Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5WmUoXx1FLz2t70RaA6lGLz7Vtw.roa
File: 5WmUoXx1FLz2t70RaA6lGLz7Vtw.roa (raw, json)
Hash identifier: ShWY4QoObcxjQ5pBD4UN4PwqHH7xoLTdeF7/qB+WOfk=
Subject key identifier: E5:69:94:A1:7C:75:14:BC:F6:B7:BD:11:68:0E:A5:18:BC:FB:56:DC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857102FC497572CA109E675BFA14FA8A9B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5WmUoXx1FLz2t70RaA6lGLz7Vtw.roa
Signing time: Mon 02 Jan 2023 05:44:59 +0000
ROA not before: Mon 02 Jan 2023 05:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.8.71.0/24 maxlen: 24
194.242.2.0/24 maxlen: 24
45.85.104.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:fc:49:75:72:ca:10:9e:67:5b:fa:14:fa:8a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e56994a17c7514bcf6b7bd11680ea518bcfb56dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:3f:c2:0d:90:a8:50:90:ae:f9:01:40:00:
1a:2a:49:d6:19:a6:22:e0:98:c3:8c:5c:0c:53:b5:
71:55:9a:0d:c8:01:2c:05:2b:85:75:f0:01:63:b3:
1d:46:2f:f4:0a:6a:c4:2c:68:95:c0:ba:34:df:ce:
ea:cb:29:a4:7c:13:84:dd:6d:a7:a9:b2:d8:5f:73:
45:c1:0d:4a:7f:e2:5e:61:a1:a6:dc:9e:27:4e:a5:
b9:d2:25:82:52:0a:26:7d:d1:2a:f5:cd:e3:ca:7e:
56:9f:9c:8c:99:ce:1b:12:a8:93:5e:71:1d:5c:c9:
d6:c4:d4:f8:28:18:b7:f7:7d:32:f8:96:15:ce:ac:
a9:ab:23:c1:c5:15:4c:e4:c5:42:ce:74:18:ee:f3:
2b:d4:f0:e7:44:f6:a2:7f:a9:97:82:e2:26:eb:47:
a4:b8:7c:3a:d1:a8:06:43:16:a8:3e:51:ab:95:1a:
ef:cc:20:74:a4:f9:b7:a9:f7:df:5c:1f:76:0f:f0:
ea:b1:9f:40:5f:f1:f8:73:11:a0:c7:0f:8a:c0:3a:
3d:9a:c0:5b:ee:b8:78:13:a0:a0:7b:20:5e:7c:14:
5f:0e:90:14:4a:f6:62:bd:26:29:37:99:0d:2c:6a:
8b:62:77:0e:a8:2b:63:40:c1:2b:ee:81:6c:ee:f7:
00:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:69:94:A1:7C:75:14:BC:F6:B7:BD:11:68:0E:A5:18:BC:FB:56:DC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5WmUoXx1FLz2t70RaA6lGLz7Vtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.71.0/24
45.85.104.0/24
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
10:69:ca:70:42:4f:fb:5b:70:fb:ac:78:0e:93:02:2c:68:cd:
38:34:a2:81:3f:bd:75:6c:7d:36:1f:fa:e4:8a:7f:26:87:06:
72:4a:78:cc:9e:96:e3:fe:22:02:4b:59:4d:22:fd:85:e7:85:
37:2f:68:d8:05:c6:2e:02:48:d3:e6:07:8e:50:7c:91:ab:9c:
3b:5c:37:67:2b:72:2e:6d:82:2e:cc:c5:0a:1a:17:a0:e2:99:
71:c2:26:f8:ce:b6:04:35:2a:0d:23:bb:97:df:9a:f0:33:2c:
06:b6:68:44:1c:21:eb:d0:b9:00:28:07:d2:19:c7:da:46:18:
10:04:cf:b0:3c:44:85:2e:39:71:79:68:18:a0:c9:10:63:45:
cf:d8:a2:eb:7a:cb:bd:8e:bb:d2:9e:3d:fd:02:74:55:d9:9a:
64:c1:f8:ee:70:31:f1:e7:04:cb:71:c4:2c:da:fd:79:04:52:
c3:45:13:1e:a6:c9:05:50:a5:bf:1e:35:c2:18:26:be:7a:2b:
58:0b:6f:32:62:3f:f3:5d:1b:66:76:e0:68:ad:e3:14:d8:9c:
31:71:af:d7:ec:8e:87:e0:35:20:71:ed:29:1c:20:64:d4:bc:
79:18:50:cc:ab:e6:5f:51:65:fd:04:b1:66:1b:49:0e:82:b2:
0b:0e:e7:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxAvxJdXLKEJ5nW/oU+oqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTY5OTRhMTdjNzUxNGJjZjZiN2JkMTE2ODBlYTUxOGJjZmI1NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWQ/wg2QqFCQrvkBQAAaKknWGaYi
4JjDjFwMU7VxVZoNyAEsBSuFdfABY7MdRi/0CmrELGiVwLo0387qyymkfBOE3W2n
qbLYX3NFwQ1Kf+JeYaGm3J4nTqW50iWCUgomfdEq9c3jyn5Wn5yMmc4bEqiTXnEd
XMnWxNT4KBi3930y+JYVzqypqyPBxRVM5MVCznQY7vMr1PDnRPaif6mXguIm60ek
uHw60agGQxaoPlGrlRrvzCB0pPm3qfffXB92D/DqsZ9AX/H4cxGgxw+KwDo9msBb
7rh4E6CgeyBefBRfDpAUSvZivSYpN5kNLGqLYncOqCtjQMEr7oFs7vcAjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOVplKF8dRS89re9EWgOpRi8+1bcMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNVdtVW9YeDFGTHoydDcwUmFBNmxHTHo3VnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQhHAwQA
LVVoAwQAwRNsAwQAwvICMA0GCSqGSIb3DQEBCwUAA4IBAQAQacpwQk/7W3D7rHgO
kwIsaM04NKKBP711bH02H/rkin8mhwZySnjMnpbj/iICS1lNIv2F54U3L2jYBcYu
AkjT5geOUHyRq5w7XDdnK3IubYIuzMUKGheg4plxwib4zrYENSoNI7uX35rwMywG
tmhEHCHr0LkAKAfSGcfaRhgQBM+wPESFLjlxeWgYoMkQY0XP2KLresu9jrvSnj39
AnRV2ZpkwfjucDHx5wTLccQs2v15BFLDRRMepskFUKW/HjXCGCa+eitYC28yYj/z
XRtmduBoreMU2Jwxca/X7I6H4DUgce0pHCBk1Lx5GFDMq+ZfUWX9BLFmG0kOgrIL
Duce
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org