Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BDj6mE-Xaa9ACeUil28TyCcPVSU.roa
File: BDj6mE-Xaa9ACeUil28TyCcPVSU.roa (raw, json)
Hash identifier: hw5MB48juxBwqmBFpr+tRsOozRJtJw3825l9YXIyw50=
Subject key identifier: 04:38:FA:98:4F:97:69:AF:40:09:E5:22:97:6F:13:C8:27:0F:55:25
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01918D9E3ABC8DB8BABADA2DCCB1C10A1425
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BDj6mE-Xaa9ACeUil28TyCcPVSU.roa
Signing time: Mon 26 Aug 2024 07:37:22 +0000
ROA not before: Mon 26 Aug 2024 07:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.144.226.0/24 maxlen: 24
185.121.120.0/24 maxlen: 24
185.121.121.0/24 maxlen: 24
185.121.122.0/23 maxlen: 24
185.239.243.0/24 maxlen: 24
220.158.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 06:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8d:9e:3a:bc:8d:b8:ba:ba:da:2d:cc:b1:c1:0a:14:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 26 07:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0438fa984f9769af4009e522976f13c8270f5525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:eb:05:ee:bd:28:4f:78:5d:08:fb:23:e7:63:
25:fa:86:4d:10:db:c4:ac:0e:fd:df:42:a7:63:0d:
95:03:2e:39:81:b8:04:2d:99:cc:74:31:d4:e2:2e:
54:81:42:77:ec:ff:0c:6b:59:23:b0:10:5d:fc:c0:
b7:27:28:4c:df:6a:f4:78:94:c4:0c:86:06:d2:d3:
1e:91:28:9e:cf:5a:6d:09:b2:c1:c3:3d:af:94:9c:
68:09:dc:a0:3a:cc:74:c1:41:a6:b3:9a:d4:52:22:
62:52:b7:8b:e8:09:75:2a:eb:53:cb:e9:a6:3c:f1:
d0:22:04:a4:2e:ba:6f:c1:7a:69:07:c2:69:8b:0e:
cd:17:58:94:88:42:8d:a0:24:f7:8c:74:dd:30:f9:
74:67:2a:12:02:98:02:70:20:5a:cb:e3:82:23:80:
c5:80:5c:b1:60:23:b6:07:70:5a:c0:4f:2a:a1:2e:
cc:c1:3e:48:13:bd:27:b9:90:96:a9:d4:8b:39:1a:
ef:a2:58:73:98:f1:51:09:24:fc:50:cb:0e:ba:fb:
7f:85:9f:7d:9a:5e:53:49:2c:03:5b:b5:1e:3a:48:
fa:b6:f6:ad:50:8e:ce:83:cd:35:22:4e:3f:58:9c:
98:9c:6c:df:16:56:10:6a:cb:20:c5:7f:8e:f3:bd:
f7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:38:FA:98:4F:97:69:AF:40:09:E5:22:97:6F:13:C8:27:0F:55:25
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BDj6mE-Xaa9ACeUil28TyCcPVSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/24
185.121.120.0/22
185.239.243.0/24
220.158.199.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:1a:92:05:4a:67:2c:47:21:0e:b6:a6:cd:b1:16:ed:bf:01:
29:67:f5:86:ee:47:db:f9:6b:61:e7:60:51:bd:74:d5:78:ad:
08:1f:cc:a9:a5:3b:9a:e8:16:51:d7:8b:b9:e2:22:3e:a8:0e:
16:7a:42:e9:25:8c:9a:eb:bc:9b:65:63:be:0c:8f:db:5d:fb:
b4:14:71:21:f1:ab:ad:6a:96:07:65:55:72:6f:64:40:34:88:
fa:07:c9:9a:47:56:be:07:50:73:64:1b:77:90:bb:68:0c:73:
16:df:99:3c:8d:a1:23:7f:c4:16:d4:f9:c1:60:42:e7:fc:e0:
ff:63:4c:de:be:16:40:81:50:1d:2a:9f:11:76:0d:d8:46:08:
fc:ee:33:ab:29:44:50:72:2a:9e:ac:c7:b4:31:d8:4b:49:b8:
73:31:a3:df:04:a0:fc:bf:26:c4:d6:4c:d6:da:08:77:5f:ad:
23:a0:52:3d:ef:75:38:7c:84:40:7b:98:9e:37:af:f5:58:50:
a5:85:5b:8c:80:3f:16:ea:34:cf:75:1c:81:b7:36:81:e2:5e:
15:0e:18:37:f1:de:14:81:d8:f9:ed:5b:5d:b0:ef:75:3c:17:
46:c3:d4:2e:25:2d:5a:4e:f2:c2:52:5f:b1:be:b7:79:fe:7b:
5a:7b:a4:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGNnjq8jbi6utotzLHBChQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODI2MDczNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM4ZmE5ODRmOTc2OWFmNDAwOWU1MjI5NzZmMTNjODI3MGY1NTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqesF7r0oT3hdCPsj52Ml+oZNENvE
rA7930KnYw2VAy45gbgELZnMdDHU4i5UgUJ37P8Ma1kjsBBd/MC3JyhM32r0eJTE
DIYG0tMekSiez1ptCbLBwz2vlJxoCdygOsx0wUGms5rUUiJiUreL6Al1KutTy+mm
PPHQIgSkLrpvwXppB8Jpiw7NF1iUiEKNoCT3jHTdMPl0ZyoSApgCcCBay+OCI4DF
gFyxYCO2B3BawE8qoS7MwT5IE70nuZCWqdSLORrvolhzmPFRCST8UMsOuvt/hZ99
ml5TSSwDW7UeOkj6tvatUI7Og801Ik4/WJyYnGzfFlYQassgxX+O87331QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAQ4+phPl2mvQAnlIpdvE8gnD1UlMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQkRqNm1FLVhhYTlBQ2VVaWwyOFR5Q2NQVlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZDiAwQC
uXl4AwQAue/zAwQA3J7HMA0GCSqGSIb3DQEBCwUAA4IBAQBfGpIFSmcsRyEOtqbN
sRbtvwEpZ/WG7kfb+Wth52BRvXTVeK0IH8yppTua6BZR14u54iI+qA4WekLpJYya
67ybZWO+DI/bXfu0FHEh8autapYHZVVyb2RANIj6B8maR1a+B1BzZBt3kLtoDHMW
35k8jaEjf8QW1PnBYELn/OD/Y0zevhZAgVAdKp8Rdg3YRgj87jOrKURQciqerMe0
MdhLSbhzMaPfBKD8vybE1kzW2gh3X60joFI973U4fIRAe5ieN6/1WFClhVuMgD8W
6jTPdRyBtzaB4l4VDhg38d4Ugdj57VtdsO91PBdGw9QuJS1aTvLCUl+xvrd5/nta
e6Qb
-----END CERTIFICATE-----
Generated at Tue Aug 27 08:25:31 2024 by rpki-client on console-ams.rpki-client.org