Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8GDrURR8nCm-fPbUNPQixd9_MkQ.roa
File: 8GDrURR8nCm-fPbUNPQixd9_MkQ.roa (raw, json)
Hash identifier: InwHYgPCNFLtebjLWGAmgLr47hlhtGmu3xk67TLGtA4=
Subject key identifier: F0:60:EB:51:14:7C:9C:29:BE:7C:F6:D4:34:F4:22:C5:DF:7F:32:44
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AAC9EE9F841F351818990871FF1F56DFA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8GDrURR8nCm-fPbUNPQixd9_MkQ.roa
Signing time: Tue 19 Sep 2023 08:46:50 +0000
ROA not before: Tue 19 Sep 2023 08:46:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.198.243.0/24 maxlen: 24
185.192.69.0/24 maxlen: 24
185.217.117.0/24 maxlen: 24
185.198.240.0/24 maxlen: 24
45.80.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 08:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:9e:e9:f8:41:f3:51:81:89:90:87:1f:f1:f5:6d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 19 08:46:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f060eb51147c9c29be7cf6d434f422c5df7f3244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:9d:b5:63:fc:0d:fa:f9:c2:b8:27:a9:78:
cd:aa:dd:66:93:53:74:b5:37:5d:72:68:91:91:0d:
f0:32:9e:4d:a4:fd:50:e9:ee:a6:05:fb:a3:f5:64:
e1:1e:f9:2e:a0:e2:e8:f1:75:c2:ab:29:d0:b3:cb:
c5:69:e3:74:41:0a:91:f5:6a:9b:54:a7:82:58:a8:
37:72:05:d2:1b:27:85:48:1f:16:c1:97:1f:2c:0b:
71:9a:b6:e2:0c:b5:53:1d:4e:88:8b:00:78:05:c9:
cc:7c:1c:3a:c4:f6:f7:3e:d4:c0:88:63:88:b0:a3:
cf:ab:d5:96:8b:2f:16:1f:96:ef:b4:0d:eb:7c:6e:
d9:67:67:12:d3:b6:05:f3:3a:86:9b:3b:8e:e0:21:
46:63:b3:98:87:a8:fb:c6:0e:17:8b:51:a5:7a:95:
c5:c9:b6:83:87:ce:33:3a:c9:95:a2:a8:1f:d3:d1:
eb:81:0e:97:ae:f4:67:43:ae:d9:23:3d:95:e7:6d:
92:48:b4:89:04:0d:1e:ca:e0:d0:6b:94:2f:4c:8b:
84:e2:e7:1a:a1:da:21:7e:36:26:9d:8d:1e:24:6f:
21:9e:ec:ae:9d:d2:be:95:2a:17:6b:a7:c2:df:1d:
16:22:b2:35:b9:94:8d:ec:cc:07:c6:91:96:5a:c0:
85:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:60:EB:51:14:7C:9C:29:BE:7C:F6:D4:34:F4:22:C5:DF:7F:32:44
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8GDrURR8nCm-fPbUNPQixd9_MkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.157.0/24
185.192.69.0/24
185.198.240.0/24
185.198.243.0/24
185.217.117.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:af:3b:29:6b:db:21:3b:41:6c:0d:78:c3:42:3f:c7:90:a6:
c3:7b:be:ca:fd:35:0c:5c:e8:c7:4a:13:e1:fa:71:e7:53:82:
03:f9:b9:07:46:3c:8d:ce:55:f6:bf:99:0a:1a:1f:13:1e:6f:
ff:ca:8d:7d:c5:a2:bd:18:34:19:a0:39:95:e5:f4:d4:57:9a:
f6:95:2e:8f:4d:ee:d5:11:6a:bd:dd:23:92:80:5f:30:ab:d9:
ae:1a:56:41:0e:f4:d0:e5:b7:0b:0f:a8:90:7a:f2:54:6c:58:
2d:f3:7b:1b:28:46:0f:26:99:0b:81:17:40:ee:36:75:a3:23:
9b:86:e3:15:46:78:81:4e:5a:68:af:f4:40:49:75:b0:ba:26:
9e:1b:21:de:89:41:56:b4:4d:88:bc:1d:45:d4:e4:87:3d:0b:
92:52:a2:11:37:be:3f:32:6f:1e:a5:b9:9d:2a:52:7a:28:ec:
a9:48:ce:a7:98:08:9d:31:28:42:d1:87:f7:cc:0a:a1:0d:89:
72:97:b1:f5:24:a9:da:7c:05:df:1a:f5:00:6a:f1:11:ba:a2:
09:d5:44:f1:bb:65:2c:25:7c:96:42:5a:07:33:ec:ea:e9:94:
d8:19:0a:27:01:80:ed:61:06:53:2a:a9:dd:4f:4a:83:21:45:
4d:3b:58:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqsnun4QfNRgYmQhx/x9W36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTE5MDg0NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDYwZWI1MTE0N2M5YzI5YmU3Y2Y2ZDQzNGY0MjJjNWRmN2YzMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsGdtWP8Dfr5wrgnqXjNqt1mk1N0
tTddcmiRkQ3wMp5NpP1Q6e6mBfuj9WThHvkuoOLo8XXCqynQs8vFaeN0QQqR9Wqb
VKeCWKg3cgXSGyeFSB8WwZcfLAtxmrbiDLVTHU6IiwB4BcnMfBw6xPb3PtTAiGOI
sKPPq9WWiy8WH5bvtA3rfG7ZZ2cS07YF8zqGmzuO4CFGY7OYh6j7xg4Xi1GlepXF
ybaDh84zOsmVoqgf09HrgQ6XrvRnQ67ZIz2V522SSLSJBA0eyuDQa5QvTIuE4uca
odohfjYmnY0eJG8hnuyundK+lSoXa6fC3x0WIrI1uZSN7MwHxpGWWsCFawIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPBg61EUfJwpvnz21DT0IsXffzJEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOEdEclVSUjhuQ20tZlBiVU5QUWl4ZDlfTWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVCdAwQA
ucBFAwQAucbwAwQAucbzAwQAudl1MA0GCSqGSIb3DQEBCwUAA4IBAQB7rzspa9sh
O0FsDXjDQj/HkKbDe77K/TUMXOjHShPh+nHnU4ID+bkHRjyNzlX2v5kKGh8THm//
yo19xaK9GDQZoDmV5fTUV5r2lS6PTe7VEWq93SOSgF8wq9muGlZBDvTQ5bcLD6iQ
evJUbFgt83sbKEYPJpkLgRdA7jZ1oyObhuMVRniBTlpor/RASXWwuiaeGyHeiUFW
tE2IvB1F1OSHPQuSUqIRN74/Mm8epbmdKlJ6KOypSM6nmAidMShC0Yf3zAqhDYly
l7H1JKnafAXfGvUAavERuqIJ1UTxu2UsJXyWQloHM+zq6ZTYGQonAYDtYQZTKqnd
T0qDIUVNO1iP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org