Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IqAmODxolmq_SkFIqGHw2FBrjKM.roa
File: IqAmODxolmq_SkFIqGHw2FBrjKM.roa (raw, json)
Hash identifier: k07dSas5mBmwOzL4VYEsphV2AmQHlJi0kHKZwx+M/XA=
Subject key identifier: 22:A0:26:38:3C:68:96:6A:BF:4A:41:48:A8:61:F0:D8:50:6B:8C:A3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D204D47A31EBA9098BBF91F824D6C34A5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IqAmODxolmq_SkFIqGHw2FBrjKM.roa
Signing time: Fri 19 Jan 2024 05:59:12 +0000
ROA not before: Fri 19 Jan 2024 05:59:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.146.184.0/22 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
89.40.76.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
185.255.39.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 16:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:4d:47:a3:1e:ba:90:98:bb:f9:1f:82:4d:6c:34:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 19 05:59:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22a026383c68966abf4a4148a861f0d8506b8ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8d:df:e2:82:46:f7:ea:3e:79:90:5a:7f:1d:
a8:42:ea:d3:c5:68:68:e9:2b:38:a5:b4:ff:ec:2b:
c7:14:c1:5e:af:98:f4:f0:44:a8:9c:39:cb:02:54:
1c:6d:35:74:f0:93:16:d9:64:f6:a1:3a:00:bd:a0:
3e:37:ce:fd:18:7b:27:d1:60:22:79:5e:d4:db:21:
c6:77:ee:b9:18:71:23:ae:18:4c:2b:f7:e5:07:44:
05:84:3e:94:22:6f:26:42:6b:66:7a:02:de:ad:49:
39:f3:84:ab:fb:08:60:16:f4:46:6e:ea:28:a8:28:
e5:07:f3:4b:e0:f5:4b:47:78:49:59:e1:00:d1:57:
fd:56:98:a4:63:25:79:8c:d9:09:c9:ad:77:3b:0e:
a4:7c:c8:ae:1f:7e:19:21:68:2a:2d:7b:d2:59:88:
26:a6:62:ed:87:f9:77:de:2a:01:5c:e3:d1:61:2e:
e2:d0:fe:c3:f5:4a:27:1e:a7:d7:b8:7f:09:47:bd:
25:61:b4:d5:99:09:27:a8:f7:c6:da:be:14:d9:63:
f9:55:c9:bc:b1:47:88:a4:05:f4:1d:e7:20:ad:57:
8d:13:7d:a3:69:37:c7:89:31:cd:e8:ed:15:25:68:
e2:c4:d0:3a:4d:43:d6:e8:9b:33:d6:a2:1b:00:36:
36:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A0:26:38:3C:68:96:6A:BF:4A:41:48:A8:61:F0:D8:50:6B:8C:A3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IqAmODxolmq_SkFIqGHw2FBrjKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
89.33.84.0/24
89.35.154.0/24
89.37.62.0/23
89.40.76.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.232.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
41:82:4a:5b:90:f1:8c:10:8d:51:03:66:58:3a:d8:6c:fe:61:
94:eb:14:ad:f7:8e:6b:32:69:07:61:07:2c:6a:00:e5:e4:fc:
01:dc:32:cd:85:14:60:6a:b1:5d:a2:87:c3:e3:ef:d7:e1:bf:
db:16:91:c8:14:9e:c3:02:65:d2:88:b7:28:13:e0:7f:7d:ea:
c0:78:c5:5a:ed:f4:c1:f1:61:f0:95:60:f1:21:f0:29:8e:53:
3f:50:e6:80:c5:49:63:ed:1a:c9:3b:d6:e4:9e:47:7a:6f:54:
31:69:00:86:00:46:d6:d8:5f:7d:02:a8:28:71:97:ce:f8:d3:
79:6a:8a:c8:28:55:3f:4e:26:b7:ad:10:0f:db:9f:c5:30:15:
d7:85:73:1e:6c:e4:2d:72:5e:60:dc:cb:62:10:bd:06:0d:b7:
14:10:63:da:b0:55:f2:56:e9:56:1f:45:99:ca:a0:b6:21:60:
5a:9c:1d:4a:af:1c:5c:d2:66:0f:b8:96:81:d7:a0:25:59:d8:
bf:38:20:90:3b:45:42:ce:19:db:f2:3a:36:c7:b3:43:0a:5b:
c3:f7:9b:bb:89:67:9e:a0:c4:e3:1d:93:9b:72:84:4b:ec:70:
5e:79:6e:4c:bc:94:ba:35:2d:e1:3e:cc:a1:60:3f:2c:cb:52:
0b:1c:7d:74
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAY0gTUejHrqQmLv5H4JNbDSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTE5MDU1OTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmEwMjYzODNjNjg5NjZhYmY0YTQxNDhhODYxZjBkODUwNmI4Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY3f4oJG9+o+eZBafx2oQurTxWho
6Ss4pbT/7CvHFMFer5j08ESonDnLAlQcbTV08JMW2WT2oToAvaA+N879GHsn0WAi
eV7U2yHGd+65GHEjrhhMK/flB0QFhD6UIm8mQmtmegLerUk584Sr+whgFvRGbuoo
qCjlB/NL4PVLR3hJWeEA0Vf9VpikYyV5jNkJya13Ow6kfMiuH34ZIWgqLXvSWYgm
pmLth/l33ioBXOPRYS7i0P7D9UonHqfXuH8JR70lYbTVmQknqPfG2r4U2WP5Vcm8
sUeIpAX0HecgrVeNE32jaTfHiTHN6O0VJWjixNA6TUPW6Jsz1qIbADY2IQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFCKgJjg8aJZqv0pBSKhh8NhQa4yjMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSXFBbU9EeG9sbXFfU2tGSXFHSHcyRkJyaktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIt
krgDBAAtnJ0DBABZIVQDBABZI5oDBAFZJT4DBABZKEwDBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAC81IUDBAG81J4DBAG81tADBAG8
8OADBAC88OMDBAC88OYDBAC88OgDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJ
KoZIhvcNAQELBQADggEBAEGCSluQ8YwQjVEDZlg62Gz+YZTrFK33jmsyaQdhByxq
AOXk/AHcMs2FFGBqsV2ih8Pj79fhv9sWkcgUnsMCZdKItygT4H996sB4xVrt9MHx
YfCVYPEh8CmOUz9Q5oDFSWPtGsk71uSeR3pvVDFpAIYARtbYX30CqChxl87403lq
isgoVT9OJretEA/bn8UwFdeFcx5s5C1yXmDcy2IQvQYNtxQQY9qwVfJW6VYfRZnK
oLYhYFqcHUqvHFzSZg+4loHXoCVZ2L84IJA7RULOGdvyOjbHs0MKW8P3m7uJZ56g
xOMdk5tyhEvscF55bky8lLo1LeE+zKFgPyzLUgscfXQ=
-----END CERTIFICATE-----
Generated at Fri Jan 19 21:14:45 2024 by rpki-client on console-fra.rpki-client.org