Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IgL1s6q-rVz-EexMkUv4TJvUrok.roa
File: IgL1s6q-rVz-EexMkUv4TJvUrok.roa (raw, json)
Hash identifier: B/sjsTpWYZj17Cj58Y39CwZDdxpAIQU3dbXH6N7hocI=
Subject key identifier: 22:02:F5:B3:AA:BE:AD:5C:FE:11:EC:4C:91:4B:F8:4C:9B:D4:AE:89
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857102FEA7075B011941F025D50ECF7780
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IgL1s6q-rVz-EexMkUv4TJvUrok.roa
Signing time: Mon 02 Jan 2023 05:44:59 +0000
ROA not before: Mon 02 Jan 2023 05:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14178
IP address blocks: 194.61.42.0/23 maxlen: 24
185.35.228.0/22 maxlen: 24
45.65.92.0/22 maxlen: 24
193.187.136.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:fe:a7:07:5b:01:19:41:f0:25:d5:0e:cf:77:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2202f5b3aabead5cfe11ec4c914bf84c9bd4ae89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e3:63:f5:b9:ba:01:e5:41:ca:a0:11:37:6d:
e2:18:5a:68:4a:cb:a2:37:a4:00:14:b9:42:c3:bc:
d1:96:6b:44:42:12:41:fd:c6:2e:2e:d2:5c:4c:a8:
6f:b7:c4:6e:9c:9e:4f:3a:81:7e:83:cd:e1:5c:90:
45:da:30:60:60:60:3a:8a:2f:44:f3:a0:dc:b6:95:
f3:f4:23:16:f3:24:68:a7:af:f1:52:92:a8:63:60:
ca:d4:ea:cc:08:17:38:52:84:da:5b:f5:8c:d4:da:
54:56:7d:5c:ed:fd:1d:fd:2d:fe:df:49:d1:d2:97:
47:a5:77:2a:b8:92:f0:ab:21:9c:49:24:bc:3c:28:
c9:8a:a6:4e:f2:2f:f2:de:9b:c3:b9:5e:33:e9:6b:
53:5e:f1:5e:86:56:9a:1a:01:87:66:27:0e:39:b8:
93:80:b6:53:fa:01:cd:ef:04:ad:ba:ce:5b:11:2a:
71:89:43:cd:6f:8a:a6:db:38:94:26:ec:da:c7:1b:
0d:25:44:57:c6:0a:b3:e0:2c:cb:ee:94:6f:d7:58:
d3:bf:bb:e0:7f:bf:c4:b0:d6:c8:91:7b:93:b3:c9:
d7:f1:ba:14:09:a7:5e:f2:b1:ed:3e:cf:5a:71:72:
77:09:35:1b:2a:05:27:1f:bf:03:d0:ef:c1:2d:bb:
fd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:02:F5:B3:AA:BE:AD:5C:FE:11:EC:4C:91:4B:F8:4C:9B:D4:AE:89
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IgL1s6q-rVz-EexMkUv4TJvUrok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.92.0/22
185.35.228.0/22
193.187.136.0/22
194.61.42.0/23
Signature Algorithm: sha256WithRSAEncryption
61:c4:6c:74:7c:76:54:69:53:d8:d1:63:47:6d:ce:c9:43:ed:
2d:1f:40:aa:90:ae:e0:41:fb:12:e4:58:f8:d7:05:5a:99:9d:
34:ea:92:ca:1f:c8:2c:a7:05:f0:b0:7a:b3:24:f4:e1:5d:b8:
83:8c:f6:d0:4b:79:df:b4:76:b9:cd:aa:64:5a:11:7f:fe:f1:
55:e9:a6:56:18:5c:1d:ab:42:e6:3f:ad:ee:8e:a1:80:33:13:
95:6e:35:80:2f:78:18:9f:72:c1:6b:9c:ea:c3:d5:ac:85:67:
8c:31:1b:a6:9e:4a:04:ef:58:64:69:b5:ef:b9:8b:37:2c:26:
4b:71:c4:33:65:10:9d:96:ab:a0:36:37:7c:79:74:6e:45:59:
12:73:50:9c:11:46:bb:35:af:ed:81:54:04:b7:90:47:5c:93:
a6:03:93:3f:6f:e6:a8:53:c7:0a:94:a0:0b:ce:4b:82:91:48:
2d:0f:9e:c8:03:d4:20:01:a8:43:32:1b:e5:a2:91:c6:87:26:
59:35:9c:4c:6c:c3:43:72:af:4f:03:13:9f:6b:13:6b:50:5a:
a1:13:f2:e1:a0:7c:ed:5c:00:76:9e:47:a0:c9:1e:82:71:4c:
b0:9e:6c:4d:dc:02:b5:5c:34:61:6f:89:5b:af:08:ba:47:52:
e3:af:ca:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxAv6nB1sBGUHwJdUOz3eAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjAyZjViM2FhYmVhZDVjZmUxMWVjNGM5MTRiZjg0YzliZDRhZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeNj9bm6AeVByqARN23iGFpoSsui
N6QAFLlCw7zRlmtEQhJB/cYuLtJcTKhvt8RunJ5POoF+g83hXJBF2jBgYGA6ii9E
86DctpXz9CMW8yRop6/xUpKoY2DK1OrMCBc4UoTaW/WM1NpUVn1c7f0d/S3+30nR
0pdHpXcquJLwqyGcSSS8PCjJiqZO8i/y3pvDuV4z6WtTXvFehlaaGgGHZicOObiT
gLZT+gHN7wStus5bESpxiUPNb4qm2ziUJuzaxxsNJURXxgqz4CzL7pRv11jTv7vg
f7/EsNbIkXuTs8nX8boUCade8rHtPs9acXJ3CTUbKgUnH78D0O/BLbv9+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCIC9bOqvq1c/hHsTJFL+Eyb1K6JMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSWdMMXM2cS1yVnotRWV4TWtVdjRUSnZVcm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLUFcAwQC
uSPkAwQCwbuIAwQBwj0qMA0GCSqGSIb3DQEBCwUAA4IBAQBhxGx0fHZUaVPY0WNH
bc7JQ+0tH0CqkK7gQfsS5Fj41wVamZ006pLKH8gspwXwsHqzJPThXbiDjPbQS3nf
tHa5zapkWhF//vFV6aZWGFwdq0LmP63ujqGAMxOVbjWAL3gYn3LBa5zqw9WshWeM
MRumnkoE71hkabXvuYs3LCZLccQzZRCdlqugNjd8eXRuRVkSc1CcEUa7Na/tgVQE
t5BHXJOmA5M/b+aoU8cKlKALzkuCkUgtD57IA9QgAahDMhvlopHGhyZZNZxMbMND
cq9PAxOfaxNrUFqhE/LhoHztXAB2nkegyR6CcUywnmxN3AK1XDRhb4lbrwi6R1Lj
r8p8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org