Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IDA4EOU5nXdcvpWACDlrw56PICM.roa
File: IDA4EOU5nXdcvpWACDlrw56PICM.roa (raw, json)
Hash identifier: 5lAd8PP6S9ssLpJDXAyVSxKFydqn1roPnAitWc9psgU=
Subject key identifier: 20:30:38:10:E5:39:9D:77:5C:BE:95:80:08:39:6B:C3:9E:8F:20:23
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01896E27C4CA79AD0CFF80C6AA80099AE321
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IDA4EOU5nXdcvpWACDlrw56PICM.roa
Signing time: Wed 19 Jul 2023 12:37:27 +0000
ROA not before: Wed 19 Jul 2023 12:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 185.244.139.0/24 maxlen: 24
212.119.32.0/23 maxlen: 24
212.119.34.0/24 maxlen: 24
194.169.168.0/22 maxlen: 24
193.218.35.0/24 maxlen: 24
45.144.227.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
91.190.102.0/23 maxlen: 24
91.190.100.0/24 maxlen: 24
62.197.144.0/20 maxlen: 24
45.135.184.0/24 maxlen: 24
92.62.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jul 2023 06:18:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:27:c4:ca:79:ad:0c:ff:80:c6:aa:80:09:9a:e3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 19 12:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20303810e5399d775cbe958008396bc39e8f2023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:55:98:aa:52:30:fd:dd:40:b5:f6:5f:71:d1:
63:d8:52:5c:b4:e6:b6:6f:f4:fb:8a:70:4e:5a:61:
08:e5:20:f8:ac:e4:17:5d:e7:20:38:72:5c:17:8b:
26:4e:53:bd:8f:64:9e:b8:68:8e:41:90:87:3f:18:
7d:34:aa:44:a5:eb:83:c9:37:83:fc:06:fb:13:db:
2e:7d:c3:01:4c:36:5e:4b:25:38:1c:84:5a:4f:94:
77:f1:74:9f:c4:82:3a:f6:b2:78:11:00:1a:cf:ca:
cf:6a:7e:d2:8b:2a:17:85:b8:20:1b:d1:0e:67:5a:
39:a3:3c:1d:e9:e1:65:1f:8a:3c:13:b5:58:49:1e:
cc:21:ab:fe:31:2f:77:9f:c3:99:e6:05:13:ea:b8:
a4:4f:e8:ff:56:9d:b8:b8:00:89:0b:58:01:47:6d:
0d:ac:a1:ea:f0:49:16:5a:39:90:cf:3f:66:35:94:
96:f2:61:5e:88:83:72:34:ca:80:92:c9:87:6b:a8:
0e:8d:c6:86:ed:2e:4c:f5:24:46:8c:85:8d:c4:74:
39:bc:6e:33:59:a3:3e:e1:4b:a8:d5:92:85:22:2c:
78:f9:d9:c4:29:15:5c:3d:75:fa:10:5b:c6:61:92:
47:9d:d7:fd:6a:09:9e:93:6c:c8:63:8b:25:76:18:
68:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:30:38:10:E5:39:9D:77:5C:BE:95:80:08:39:6B:C3:9E:8F:20:23
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IDA4EOU5nXdcvpWACDlrw56PICM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.184.0/24
45.144.227.0/24
62.197.144.0/20
91.190.100.0/22
92.62.120.0/22
185.244.139.0/24
193.218.35.0/24
194.169.168.0/22
212.119.32.0-212.119.34.255
Signature Algorithm: sha256WithRSAEncryption
14:a8:94:19:b6:c3:8c:c1:97:6b:3b:a3:fc:f5:95:b9:01:ee:
5f:de:cd:a0:58:8b:f9:7e:7e:76:6f:b4:dd:dc:24:f2:21:f0:
6b:a0:0f:d3:99:c8:63:c3:31:3a:a1:af:43:cf:58:97:1d:01:
1f:20:9d:cb:c9:47:f8:dd:71:8b:8c:5a:b7:3f:a4:b3:1c:4e:
71:89:8a:fd:45:af:4f:d1:4d:85:4c:2d:e6:28:f1:94:9e:00:
ca:c3:06:c4:6e:c8:54:6c:fd:3d:8a:9e:01:0f:07:eb:e2:e7:
61:31:ea:52:db:5a:ae:55:0a:ef:c4:2a:7b:66:09:2e:1b:0f:
bf:a7:39:97:e2:66:5f:63:51:ad:c1:e2:29:f2:16:3f:73:f0:
ad:ae:e0:13:56:05:38:9a:0b:de:7e:80:d4:aa:2e:c3:47:41:
4f:d3:c4:74:72:46:d5:99:b7:bc:3b:e3:cc:ae:31:d7:43:c7:
64:e6:41:28:b1:12:a7:6d:26:47:b4:f3:b6:95:8a:b4:6a:54:
da:14:5c:82:b4:13:b5:3e:8d:97:47:2b:e8:1a:a8:56:2d:92:
83:e4:d9:1a:e3:ea:6c:d8:e4:cb:f2:d3:9d:2b:77:95:84:5f:
4f:db:f9:68:ec:dc:45:64:bc:21:d7:8c:c2:38:61:d9:b9:82:
e4:61:aa:99
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYluJ8TKea0M/4DGqoAJmuMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzE5MTIzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDMwMzgxMGU1Mzk5ZDc3NWNiZTk1ODAwODM5NmJjMzllOGYyMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVWYqlIw/d1AtfZfcdFj2FJctOa2
b/T7inBOWmEI5SD4rOQXXecgOHJcF4smTlO9j2SeuGiOQZCHPxh9NKpEpeuDyTeD
/Ab7E9sufcMBTDZeSyU4HIRaT5R38XSfxII69rJ4EQAaz8rPan7SiyoXhbggG9EO
Z1o5ozwd6eFlH4o8E7VYSR7MIav+MS93n8OZ5gUT6rikT+j/Vp24uACJC1gBR20N
rKHq8EkWWjmQzz9mNZSW8mFeiINyNMqAksmHa6gOjcaG7S5M9SRGjIWNxHQ5vG4z
WaM+4Uuo1ZKFIix4+dnEKRVcPXX6EFvGYZJHndf9agmek2zIY4sldhhoYQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCAwOBDlOZ13XL6VgAg5a8OejyAjMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSURBNEVPVTVuWGRjdnBXQUNEbHJ3NTZQSUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALYe4AwQA
LZDjAwQEPsWQAwQCW75kAwQCXD54AwQAufSLAwQAwdojAwQCwqmoMAwDBAXUdyAD
BADUdyIwDQYJKoZIhvcNAQELBQADggEBABSolBm2w4zBl2s7o/z1lbkB7l/ezaBY
i/l+fnZvtN3cJPIh8GugD9OZyGPDMTqhr0PPWJcdAR8gncvJR/jdcYuMWrc/pLMc
TnGJiv1Fr0/RTYVMLeYo8ZSeAMrDBsRuyFRs/T2KngEPB+vi52Ex6lLbWq5VCu/E
KntmCS4bD7+nOZfiZl9jUa3B4inyFj9z8K2u4BNWBTiaC95+gNSqLsNHQU/TxHRy
RtWZt7w748yuMddDx2TmQSixEqdtJke087aVirRqVNoUXIK0E7U+jZdHK+gaqFYt
koPk2Rrj6mzY5Mvy050rd5WEX0/b+Wjs3EVkvCHXjMI4Ydm5guRhqpk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org