Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9WDcNkrcblFhnAkgP2hx_0EyrMc.roa
File: 9WDcNkrcblFhnAkgP2hx_0EyrMc.roa (raw, json)
Hash identifier: 8N14N0edeLftyOmrech2B+qae3Y08TbxlrRbVi9bhIE=
Subject key identifier: F5:60:DC:36:4A:DC:6E:51:61:9C:09:20:3F:68:71:FF:41:32:AC:C7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018E9E29391694C4B54339CD868765C6D178
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9WDcNkrcblFhnAkgP2hx_0EyrMc.roa
Signing time: Tue 02 Apr 2024 09:34:45 +0000
ROA not before: Tue 02 Apr 2024 09:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.146.184.0/22 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
185.255.39.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 04:32:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:29:39:16:94:c4:b5:43:39:cd:86:87:65:c6:d1:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 2 09:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f560dc364adc6e51619c09203f6871ff4132acc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b7:32:2e:a6:05:33:42:d8:f4:ec:ea:d2:e0:
64:1e:4a:f1:a4:66:5d:54:98:ef:47:89:d7:4b:55:
b5:3b:c1:35:03:ef:5c:89:8b:b4:98:43:14:d5:c8:
28:b0:45:37:7b:40:98:48:15:32:7e:1e:7a:63:af:
5d:1c:16:78:0c:27:cf:6e:01:e7:8c:d8:e0:7e:56:
56:52:56:8d:35:11:d8:cb:f2:00:43:c5:42:81:b5:
14:33:95:1a:e6:a2:34:d4:d0:7c:33:a1:de:d8:3b:
56:ca:a4:25:50:96:ec:5c:39:63:b4:f3:85:df:49:
b9:85:6b:38:76:4a:e4:b7:cb:6d:c5:14:90:dc:04:
81:d9:59:2c:5e:d7:ca:64:d8:42:bd:00:e3:29:7d:
2b:56:3c:84:cf:83:c7:cc:fb:26:f4:33:2c:ce:25:
a7:a3:b7:fb:41:84:a2:07:4a:f8:ef:e4:3e:b6:98:
f9:ef:16:2b:33:db:1c:2b:e1:b2:be:7d:34:36:d1:
49:71:ec:1f:82:a8:b1:88:b5:5e:db:08:cc:e9:21:
69:cb:4d:86:2c:69:a9:94:17:78:aa:37:b7:45:4a:
6d:70:3d:0a:5a:b0:f7:b1:c0:1b:59:8d:ca:07:02:
0a:b1:24:1b:00:4d:18:bd:0c:17:e1:8b:cb:91:51:
27:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:60:DC:36:4A:DC:6E:51:61:9C:09:20:3F:68:71:FF:41:32:AC:C7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9WDcNkrcblFhnAkgP2hx_0EyrMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
89.33.84.0/24
89.35.154.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.240.232.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:e8:9e:e1:ae:23:63:4c:1e:cd:12:0d:79:18:d4:55:c5:33:
0d:f0:db:01:04:b1:18:f7:75:76:6c:ec:a3:5a:81:bc:d3:46:
fe:88:5f:34:e2:54:30:bc:cd:49:98:f0:56:8f:12:70:81:fd:
ff:79:69:07:7f:3f:d9:75:98:99:ad:2d:eb:36:7e:d4:3c:37:
1f:02:20:d7:ed:31:bd:8a:a0:c8:8a:44:0e:24:20:73:e3:42:
73:6d:3d:98:94:c1:12:3b:40:ab:90:af:d6:1c:b5:88:c7:95:
70:5d:70:40:21:69:b8:6b:c6:11:da:cd:ea:32:4c:93:f5:13:
00:fe:b3:ac:e6:bc:71:39:b4:db:59:b2:17:b0:87:f0:0b:36:
a4:6f:55:dc:48:b8:bd:c5:90:c7:81:05:04:12:b2:3e:40:3d:
ed:75:77:34:2e:0b:06:d5:94:17:95:9b:31:f7:0d:8d:c7:67:
81:c6:ee:12:fd:e6:62:7b:fe:5a:07:6c:f6:d5:a7:46:13:03:
8f:4f:ad:c5:4d:c1:73:18:2d:12:a8:81:cf:60:de:38:5a:8e:
f3:b5:1e:23:b9:38:32:29:45:2d:59:60:b7:5c:84:f1:ba:45:
62:cc:03:39:2c:ce:d0:55:c0:b4:a1:6f:9a:ca:49:1a:50:4e:
29:10:29:59
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY6eKTkWlMS1QznNhodlxtF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDAyMDkzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTYwZGMzNjRhZGM2ZTUxNjE5YzA5MjAzZjY4NzFmZjQxMzJhY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbcyLqYFM0LY9Ozq0uBkHkrxpGZd
VJjvR4nXS1W1O8E1A+9ciYu0mEMU1cgosEU3e0CYSBUyfh56Y69dHBZ4DCfPbgHn
jNjgflZWUlaNNRHYy/IAQ8VCgbUUM5Ua5qI01NB8M6He2DtWyqQlUJbsXDljtPOF
30m5hWs4dkrkt8ttxRSQ3ASB2VksXtfKZNhCvQDjKX0rVjyEz4PHzPsm9DMsziWn
o7f7QYSiB0r47+Q+tpj57xYrM9scK+Gyvn00NtFJcewfgqixiLVe2wjM6SFpy02G
LGmplBd4qje3RUptcD0KWrD3scAbWY3KBwIKsSQbAE0YvQwX4YvLkVEntQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFPVg3DZK3G5RYZwJID9ocf9BMqzHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOVdEY05rcmNibEZobkFrZ1AyaHhfMEV5ck1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAi2S
uAMEAC2cnQMEAFkhVAMEAFkjmgMEAVklPgMEAlu8zAMEAV1z/gMEAbmHjAMEALmH
jwMEALnuCgMEAbnx0gMEALn/JwMEALzUhQMEAbzUngMEAbzW0AMEAbzw4AMEALzw
4wMEALzw6AMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEADuie
4a4jY0wezRINeRjUVcUzDfDbAQSxGPd1dmzso1qBvNNG/ohfNOJUMLzNSZjwVo8S
cIH9/3lpB38/2XWYma0t6zZ+1Dw3HwIg1+0xvYqgyIpEDiQgc+NCc209mJTBEjtA
q5Cv1hy1iMeVcF1wQCFpuGvGEdrN6jJMk/UTAP6zrOa8cTm021myF7CH8As2pG9V
3Ei4vcWQx4EFBBKyPkA97XV3NC4LBtWUF5WbMfcNjcdngcbuEv3mYnv+Wgds9tWn
RhMDj0+txU3BcxgtEqiBz2DeOFqO87UeI7k4MilFLVlgt1yE8bpFYswDOSzO0FXA
tKFvmspJGlBOKRApWQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 06:06:47 2024 by rpki-client on console-ams.rpki-client.org