Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BZe7_naBpHti74bERNaxzq-ATmo.roa
File: BZe7_naBpHti74bERNaxzq-ATmo.roa (raw, json)
Hash identifier: jH6qlmuf52vShSR5kM8s+MMia+PEETntiZHcIumk7iU=
Subject key identifier: 05:97:BB:FE:76:81:A4:7B:62:EF:86:C4:44:D6:B1:CE:AF:80:4E:6A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018DA29E25C0481A88E09D506567EE40972D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BZe7_naBpHti74bERNaxzq-ATmo.roa
Signing time: Tue 13 Feb 2024 13:18:09 +0000
ROA not before: Tue 13 Feb 2024 13:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.146.184.0/22 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.36.23.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
185.255.39.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 05:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:9e:25:c0:48:1a:88:e0:9d:50:65:67:ee:40:97:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 13 13:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0597bbfe7681a47b62ef86c444d6b1ceaf804e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:61:45:55:68:9f:23:34:c5:08:6e:55:b4:d4:
b6:58:2a:42:bb:b1:fc:97:81:18:18:16:5c:c8:74:
c0:23:ab:83:88:71:11:91:ff:97:46:22:22:91:4c:
d2:2a:78:06:ae:86:79:83:22:af:18:59:3b:b9:48:
ff:0d:42:3c:25:14:59:b8:e8:8e:7e:02:2d:7f:f4:
61:f3:35:bd:25:32:98:b4:2c:7d:64:f4:f9:e3:a1:
4e:3e:bc:49:2e:24:a1:98:1a:50:d3:b6:14:34:55:
84:69:81:e1:db:ee:2a:85:05:11:ce:75:3f:5f:19:
3f:65:f5:cb:96:80:26:88:96:a4:b2:d2:52:57:2b:
fb:b1:27:7b:b5:8b:62:97:d6:dd:a2:39:d6:e6:f2:
55:4f:46:62:30:33:b3:ec:aa:bf:1b:30:14:fe:ec:
2c:d9:62:8e:5a:2f:23:9e:59:e5:d8:28:08:c2:fa:
1d:97:b2:63:6f:c6:8c:6a:38:6f:99:e5:f0:bd:3d:
f8:01:9e:c9:2d:38:c4:1a:00:bf:d2:17:1b:13:06:
5d:5b:f7:b8:a6:e3:78:e3:f5:cb:8e:a4:c9:98:86:
94:27:3f:c4:af:3a:b5:12:38:4a:29:7a:7a:a0:1f:
00:b0:5d:9f:31:a9:e7:63:44:a5:0b:ac:ab:96:a5:
5a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:97:BB:FE:76:81:A4:7B:62:EF:86:C4:44:D6:B1:CE:AF:80:4E:6A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BZe7_naBpHti74bERNaxzq-ATmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
89.33.84.0/24
89.35.154.0/24
89.36.23.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.240.232.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
90:18:28:a2:c1:78:16:5e:57:96:65:7e:92:cc:6c:77:10:0c:
a9:18:d1:92:d3:c6:da:7a:59:db:6f:36:d2:92:61:36:b0:f3:
42:1d:bb:73:c4:55:0a:08:7e:cd:5e:2d:b0:fd:2a:48:65:78:
2b:02:ef:94:65:7f:d4:16:6c:f9:3a:e9:7c:26:2c:50:e9:2a:
cf:88:3a:d2:17:14:0c:80:b7:07:0d:13:92:03:f5:1e:a9:6a:
72:ec:54:5c:a1:01:db:e2:1f:57:38:7b:03:7c:67:c4:0d:8d:
03:2d:9c:bb:f3:13:2c:59:6b:17:74:37:ee:17:cc:c7:b7:85:
03:8b:74:d8:87:bc:6e:21:ef:88:17:32:3f:4c:49:f2:88:1b:
89:b3:df:86:42:d4:be:1e:4b:11:06:6a:90:66:d2:76:3b:b1:
03:e6:b9:a4:c9:d5:6b:b6:b3:f4:5a:66:f4:6c:ce:5c:39:4d:
7d:20:bb:59:db:05:3c:57:10:e2:fe:f8:5e:ed:65:c2:90:8d:
13:09:50:1b:50:eb:49:42:13:ca:19:78:e9:69:18:8b:15:74:
7b:61:e1:ad:c5:83:af:4c:72:8d:db:97:51:6b:10:f8:5e:e8:
c3:c5:1d:e9:5f:88:85:f1:d8:94:3a:e0:12:97:76:c7:e8:12:
f7:ca:d1:27
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY2iniXASBqI4J1QZWfuQJctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMjEzMTMxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTk3YmJmZTc2ODFhNDdiNjJlZjg2YzQ0NGQ2YjFjZWFmODA0ZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGFFVWifIzTFCG5VtNS2WCpCu7H8
l4EYGBZcyHTAI6uDiHERkf+XRiIikUzSKngGroZ5gyKvGFk7uUj/DUI8JRRZuOiO
fgItf/Rh8zW9JTKYtCx9ZPT546FOPrxJLiShmBpQ07YUNFWEaYHh2+4qhQURznU/
Xxk/ZfXLloAmiJakstJSVyv7sSd7tYtil9bdojnW5vJVT0ZiMDOz7Kq/GzAU/uws
2WKOWi8jnlnl2CgIwvodl7Jjb8aMajhvmeXwvT34AZ7JLTjEGgC/0hcbEwZdW/e4
puN44/XLjqTJmIaUJz/Erzq1EjhKKXp6oB8AsF2fMannY0SlC6yrlqVa0QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFAWXu/52gaR7Yu+GxETWsc6vgE5qMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQlplN19uYUJwSHRpNzRiRVJOYXh6cS1BVG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAIt
krgDBAAtnJ0DBABZIVQDBABZI5oDBABZJBcDBAFZJT4DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAC81IUDBAG81J4DBAG81tADBAG8
8OADBAC88OMDBAC88OgDBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQAD
ggEBAJAYKKLBeBZeV5ZlfpLMbHcQDKkY0ZLTxtp6WdtvNtKSYTaw80Idu3PEVQoI
fs1eLbD9KkhleCsC75Rlf9QWbPk66XwmLFDpKs+IOtIXFAyAtwcNE5ID9R6panLs
VFyhAdviH1c4ewN8Z8QNjQMtnLvzEyxZaxd0N+4XzMe3hQOLdNiHvG4h74gXMj9M
SfKIG4mz34ZC1L4eSxEGapBm0nY7sQPmuaTJ1Wu2s/RaZvRszlw5TX0gu1nbBTxX
EOL++F7tZcKQjRMJUBtQ60lCE8oZeOlpGIsVdHth4a3Fg69Mco3bl1FrEPhe6MPF
HelfiIXx2JQ64BKXdsfoEvfK0Sc=
-----END CERTIFICATE-----
Generated at Thu Feb 29 09:05:31 2024 by rpki-client on console-ams.rpki-client.org