Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ACGolYS10sZFQqZCk8aMUzRtJhc.roa
File: ACGolYS10sZFQqZCk8aMUzRtJhc.roa (raw, json)
Hash identifier: QQhJGZBEymJSFB/yE1HNMW0tStAp1ez+12XTZkDXHks=
Subject key identifier: 00:21:A8:95:84:B5:D2:C6:45:42:A6:42:93:C6:8C:53:34:6D:26:17
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AD7D6B63307117CB293F375A7D841AB86
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ACGolYS10sZFQqZCk8aMUzRtJhc.roa
Signing time: Wed 27 Sep 2023 18:11:27 +0000
ROA not before: Wed 27 Sep 2023 18:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 17:58:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:d6:b6:33:07:11:7c:b2:93:f3:75:a7:d8:41:ab:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 27 18:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0021a89584b5d2c64542a64293c68c53346d2617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:79:16:55:05:34:48:32:d7:df:34:5a:c6:c9:
f0:e0:55:56:4e:ab:1e:f4:33:f3:60:84:13:ae:44:
eb:85:ec:27:8f:ed:27:b7:1c:ce:10:f5:dd:2f:17:
b6:5c:bb:9f:2a:32:0b:cb:3b:78:b9:5e:e2:4f:f5:
50:60:05:94:47:c0:b6:61:a5:0c:14:8d:38:0c:5b:
e7:35:e2:89:82:bf:ba:7e:ef:40:8c:18:3d:c7:95:
ea:5f:14:52:54:0b:f9:86:06:32:b8:97:46:2c:d3:
df:46:ef:b6:41:0a:94:30:f4:ff:54:7c:4a:28:22:
43:de:d9:42:e7:da:00:ca:75:d9:53:d4:6b:f3:a7:
b2:7b:e9:f9:a5:7d:15:b8:ac:36:be:c6:67:b4:fe:
05:93:bf:34:8b:51:23:f9:10:7f:cd:ba:d1:31:51:
82:55:87:f3:70:54:78:e5:2a:54:41:f0:bf:b6:63:
ce:09:ed:ca:c6:13:5e:61:d7:c1:f6:c0:68:5a:a6:
8e:76:e3:97:97:f2:7d:d7:12:88:a9:07:34:b3:21:
04:09:57:70:16:43:bb:5f:0c:53:b7:4e:82:0f:c3:
44:ce:68:79:6a:ba:d7:43:cb:d3:55:4e:4d:9e:66:
a3:55:1e:69:cd:c0:fb:1b:79:ac:29:48:39:3a:c0:
0d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:21:A8:95:84:B5:D2:C6:45:42:A6:42:93:C6:8C:53:34:6D:26:17
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ACGolYS10sZFQqZCk8aMUzRtJhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.133.0/24
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:82:81:bd:cb:53:87:c8:89:60:5d:68:1a:a4:e9:06:e3:e6:
a8:be:48:7a:81:79:61:72:4b:c3:58:88:49:6e:70:2e:37:6b:
87:22:00:4f:5d:32:18:8a:fb:f4:db:a7:05:f2:9f:bf:25:44:
1e:c8:7b:77:03:6a:c5:79:92:23:e1:d5:ce:d3:8f:81:6c:96:
fd:ab:f7:8a:65:ed:07:a7:19:68:64:db:6f:15:25:31:33:8a:
a1:5c:ca:b2:2d:28:84:68:0d:bc:c5:30:f2:0d:01:23:a5:41:
c0:7c:12:ed:52:83:04:93:c1:b5:1e:39:ca:ad:ca:0e:91:26:
93:54:ba:c1:50:1c:ec:07:cf:ed:46:e0:06:20:af:ee:1a:22:
8f:61:9a:38:1f:94:6a:00:4e:ea:c6:d1:d1:7a:db:fe:ae:3a:
db:42:fb:6c:b3:d5:d0:60:14:b4:4d:52:d9:e4:14:5a:20:9f:
7d:84:16:9b:c5:5c:19:c4:da:a4:d1:41:2c:6e:80:5c:f8:cc:
23:0d:a3:e5:5e:e2:47:a3:e0:4d:dc:72:4a:9c:48:f7:7a:74:
bf:27:bd:fc:9c:8a:0e:76:b8:6f:86:7d:25:51:6b:d1:16:51:
4e:cc:7c:be:bc:61:05:9e:b0:52:63:9d:f8:a4:06:54:15:3c:
c5:ec:6c:35
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYrX1rYzBxF8spPzdafYQauGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTI3MTgxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDIxYTg5NTg0YjVkMmM2NDU0MmE2NDI5M2M2OGM1MzM0NmQyNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXkWVQU0SDLX3zRaxsnw4FVWTqse
9DPzYIQTrkTrhewnj+0ntxzOEPXdLxe2XLufKjILyzt4uV7iT/VQYAWUR8C2YaUM
FI04DFvnNeKJgr+6fu9AjBg9x5XqXxRSVAv5hgYyuJdGLNPfRu+2QQqUMPT/VHxK
KCJD3tlC59oAynXZU9Rr86eye+n5pX0VuKw2vsZntP4Fk780i1Ej+RB/zbrRMVGC
VYfzcFR45SpUQfC/tmPOCe3KxhNeYdfB9sBoWqaOduOXl/J91xKIqQc0syEECVdw
FkO7XwxTt06CD8NEzmh5arrXQ8vTVU5NnmajVR5pzcD7G3msKUg5OsANVQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFAAhqJWEtdLGRUKmQpPGjFM0bSYXMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQUNHb2xZUzEwc1pGUXFaQ2s4YU1VelJ0SmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAK5
cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAME
ALzUhQMEALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw6QME
Abzx8gMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEAioKBvctTh8iJYF1o
GqTpBuPmqL5IeoF5YXJLw1iISW5wLjdrhyIAT10yGIr79NunBfKfvyVEHsh7dwNq
xXmSI+HVztOPgWyW/av3imXtB6cZaGTbbxUlMTOKoVzKsi0ohGgNvMUw8g0BI6VB
wHwS7VKDBJPBtR45yq3KDpEmk1S6wVAc7AfP7UbgBiCv7hoij2GaOB+UagBO6sbR
0Xrb/q4620L7bLPV0GAUtE1S2eQUWiCffYQWm8VcGcTapNFBLG6AXPjMIw2j5V7i
R6PgTdxySpxI93p0vye9/JyKDna4b4Z9JVFr0RZRTsx8vrxhBZ6wUmOd+KQGVBU8
xexsNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org