Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/E_20QMVF_H3hlx-91Vdq3nW68f8.roa
File: E_20QMVF_H3hlx-91Vdq3nW68f8.roa (raw, json)
Hash identifier: py214yjdQkMOMiJ8jjnI6uv1pZUklDGr0wykJ534yYg=
Subject key identifier: 13:FD:B4:40:C5:45:FC:7D:E1:97:1F:BD:D5:57:6A:DE:75:BA:F1:FF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018F13EC135E0EC02A9456DC349FA7B9B7CC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/E_20QMVF_H3hlx-91Vdq3nW68f8.roa
Signing time: Thu 25 Apr 2024 06:23:09 +0000
ROA not before: Thu 25 Apr 2024 06:23:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.70.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
89.36.23.0/24 maxlen: 24
93.114.192.0/24 maxlen: 24
185.165.45.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
194.5.83.0/24 maxlen: 24
194.61.40.0/23 maxlen: 24
203.25.124.0/24 maxlen: 24
204.75.229.0/24 maxlen: 24
220.158.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 05:38:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:13:ec:13:5e:0e:c0:2a:94:56:dc:34:9f:a7:b9:b7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 25 06:23:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13fdb440c545fc7de1971fbdd5576ade75baf1ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:be:55:16:9a:f1:61:dd:e8:29:20:86:38:4c:
a2:be:cf:3f:50:d3:f8:9c:7d:3b:74:7a:91:47:35:
32:d4:81:f6:5f:85:d8:9c:04:1e:3d:62:61:f3:4b:
63:43:f0:29:e9:de:f2:86:10:c6:07:37:55:d6:dc:
f7:58:c2:14:da:8c:b0:a7:57:72:65:a8:37:65:2e:
f0:ee:1e:43:0c:5e:b8:39:98:93:cc:41:a8:21:8d:
cd:52:8a:f6:a9:25:61:be:b6:40:61:2f:5b:98:b7:
23:ba:9e:e5:56:c6:70:8f:e7:68:5c:ec:3e:af:36:
fc:29:d9:95:a8:4b:e3:c1:82:22:f4:c4:4e:80:a5:
8e:8f:c2:bf:28:4d:eb:1d:8c:6d:cc:9b:b1:60:6b:
02:3a:df:a8:da:a3:45:14:8b:b5:fb:c7:dc:68:a8:
e0:b1:df:4a:2e:2e:95:59:06:19:d1:7f:a4:cf:5b:
1b:2f:82:49:70:a5:06:cb:5b:c5:2f:39:0f:66:d1:
90:2d:1d:2b:7a:47:b7:c3:c1:31:f1:97:6d:8a:5c:
cf:1d:52:8a:1c:7d:ad:19:c6:31:72:55:cf:75:48:
62:c6:e1:51:dc:b6:a8:b3:16:07:03:96:ad:12:9a:
34:69:61:74:39:b1:f0:6a:b5:d4:91:4f:1a:31:2e:
bb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:FD:B4:40:C5:45:FC:7D:E1:97:1F:BD:D5:57:6A:DE:75:BA:F1:FF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/E_20QMVF_H3hlx-91Vdq3nW68f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
89.36.23.0/24
93.114.192.0/24
185.165.45.0/24
188.213.202.0/24
194.5.82.0/23
194.61.40.0/23
203.25.124.0/24
204.75.229.0/24
220.158.198.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ca:9d:a9:b0:8c:0b:cc:7d:b2:eb:f8:7d:26:fe:4b:e1:f0:
15:6d:2e:55:e9:33:73:55:26:75:8a:59:14:6b:5b:5c:ca:86:
cd:83:d8:66:ae:d6:89:70:9d:60:da:f7:d5:ac:55:ae:55:ba:
12:aa:f5:2c:71:f1:cf:04:bd:35:28:e4:3d:bf:59:f5:96:17:
a2:60:a7:73:1f:ef:68:aa:99:f0:f4:34:5e:57:61:a5:fe:cb:
c3:10:cb:3a:1b:16:3c:3a:b4:90:0f:41:e3:b2:52:6f:cb:ff:
52:bb:26:67:c2:e3:5b:1c:e5:96:f5:75:85:90:90:56:b5:45:
f1:c5:8e:c2:4c:f4:d3:57:b1:ef:67:1d:f6:a4:06:2b:0c:c3:
c1:3e:fd:a1:10:f5:97:de:05:c2:98:a7:55:6f:09:b6:5e:26:
a5:8e:2e:78:e6:a8:22:e8:49:db:8d:d2:07:37:54:2f:f7:34:
02:92:6d:ae:c3:d1:05:56:67:0f:ce:ea:80:fe:fe:2e:8e:33:
ee:4a:7a:c1:6f:13:b1:f0:db:5f:07:b3:71:55:59:71:5e:27:
67:01:8a:8d:94:64:cf:12:b7:a0:b5:68:0f:c5:9a:83:33:a8:
27:23:2d:00:10:ef:8a:72:1f:aa:0b:8c:b2:ee:ce:74:e2:00:
85:0e:4b:f7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY8T7BNeDsAqlFbcNJ+nubfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDI1MDYyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2ZkYjQ0MGM1NDVmYzdkZTE5NzFmYmRkNTU3NmFkZTc1YmFmMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr75VFprxYd3oKSCGOEyivs8/UNP4
nH07dHqRRzUy1IH2X4XYnAQePWJh80tjQ/Ap6d7yhhDGBzdV1tz3WMIU2oywp1dy
Zag3ZS7w7h5DDF64OZiTzEGoIY3NUor2qSVhvrZAYS9bmLcjup7lVsZwj+doXOw+
rzb8KdmVqEvjwYIi9MROgKWOj8K/KE3rHYxtzJuxYGsCOt+o2qNFFIu1+8fcaKjg
sd9KLi6VWQYZ0X+kz1sbL4JJcKUGy1vFLzkPZtGQLR0reke3w8Ex8ZdtilzPHVKK
HH2tGcYxclXPdUhixuFR3LaosxYHA5atEpo0aWF0ObHwarXUkU8aMS67ZwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFBP9tEDFRfx94ZcfvdVXat51uvH/MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRV8yMFFNVkZfSDNobHgtOTFWZHEzblc2OGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQhGAwQB
LYLKAwQCLYUEAwQBWSJ+AwQAWSQXAwQAXXLAAwQAuaUtAwQAvNXKAwQBwgVSAwQB
wj0oAwQAyxl8AwQAzEvlAwQA3J7GMA0GCSqGSIb3DQEBCwUAA4IBAQBLyp2psIwL
zH2y6/h9Jv5L4fAVbS5V6TNzVSZ1ilkUa1tcyobNg9hmrtaJcJ1g2vfVrFWuVboS
qvUscfHPBL01KOQ9v1n1lheiYKdzH+9oqpnw9DReV2Gl/svDEMs6GxY8OrSQD0Hj
slJvy/9SuyZnwuNbHOWW9XWFkJBWtUXxxY7CTPTTV7HvZx32pAYrDMPBPv2hEPWX
3gXCmKdVbwm2Xialji545qgi6EnbjdIHN1Qv9zQCkm2uw9EFVmcPzuqA/v4ujjPu
SnrBbxOx8NtfB7NxVVlxXidnAYqNlGTPEregtWgPxZqDM6gnIy0AEO+Kch+qC4yy
7s504gCFDkv3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org