Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JV58FwbJf0vbwzW6niVso_lK5GE.roa
File: JV58FwbJf0vbwzW6niVso_lK5GE.roa (raw, json)
Hash identifier: NcRZt9W/cM1Eest8iwda7CG8EOX6PkcsHIj/jODGMxM=
Subject key identifier: 25:5E:7C:17:06:C9:7F:4B:DB:C3:35:BA:9E:25:6C:A3:F9:4A:E4:61
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D06C3069C7EAB8FDCB6710C071EDCB707
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JV58FwbJf0vbwzW6niVso_lK5GE.roa
Signing time: Sun 14 Jan 2024 06:57:40 +0000
ROA not before: Sun 14 Jan 2024 06:57:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
89.40.76.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 08:14:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:06:c3:06:9c:7e:ab:8f:dc:b6:71:0c:07:1e:dc:b7:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 14 06:57:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=255e7c1706c97f4bdbc335ba9e256ca3f94ae461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:33:ea:b1:48:00:ba:b2:d3:6c:eb:26:df:59:
10:2a:d0:96:79:50:26:f4:7c:e3:7f:bf:4e:b4:51:
ff:ef:90:81:e6:6c:f1:91:22:01:81:01:67:a9:69:
19:1c:70:c4:fb:85:d2:aa:84:7b:1c:45:95:c4:15:
ad:70:a3:20:80:48:dc:f0:12:6b:04:49:be:6f:5c:
66:97:84:ff:40:e5:73:4e:c3:10:eb:77:59:08:bf:
2f:5f:0f:9f:84:6b:cb:8d:60:88:bc:74:07:6f:ca:
04:c0:98:07:b7:01:58:e4:57:aa:86:1b:65:9e:9f:
7e:79:0e:e4:48:05:36:ca:b9:c0:9a:ba:e2:de:d3:
16:b8:85:aa:1d:23:7c:65:31:6e:b2:7b:c6:4a:a8:
77:fb:35:0a:dc:b7:e4:d7:0e:3c:a8:88:9b:51:c6:
a8:a5:a1:8f:85:7e:b9:34:95:6b:77:c8:d9:8d:ce:
c6:09:88:02:e0:48:cd:ae:a4:33:22:3a:54:08:c5:
56:bf:5a:c3:d0:e1:a1:bb:ca:6b:db:63:86:c3:76:
f9:e8:18:ef:28:31:b6:80:14:b1:25:58:7c:1c:ad:
d5:c9:9d:91:a9:18:ed:29:ae:ed:bc:87:36:dc:f3:
06:7c:66:9c:2a:27:b0:cf:c0:92:d7:42:6b:7c:64:
f2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5E:7C:17:06:C9:7F:4B:DB:C3:35:BA:9E:25:6C:A3:F9:4A:E4:61
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JV58FwbJf0vbwzW6niVso_lK5GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
89.33.84.0/24
89.35.154.0/24
89.37.62.0/23
89.40.76.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:72:e9:47:44:70:2b:0e:36:47:6e:1f:7f:65:fa:e4:4b:0b:
79:69:5d:5e:12:73:c7:9e:49:cc:60:14:d0:b8:b7:e4:1e:88:
a7:6d:e0:b8:3e:97:e0:8d:e8:16:c8:89:4a:91:fe:90:c5:06:
66:85:11:5f:4c:41:82:17:bc:ad:e2:34:bd:09:a6:0d:f8:2a:
7f:d6:94:c0:25:64:fe:63:99:ee:c7:eb:a1:a5:e0:10:31:97:
a9:ef:4a:f5:d9:7b:25:59:32:9f:57:37:ac:a4:3d:1f:b9:e4:
6e:45:55:f0:a3:c7:f4:15:33:0a:52:fd:71:77:4a:8e:77:64:
32:cb:81:82:a8:f8:83:f1:48:d2:1a:4b:cd:fc:72:e3:f4:c2:
df:d8:f2:bc:f9:4b:44:4d:cf:e0:f4:0e:a8:41:09:ee:1c:fd:
ac:d8:a7:9f:64:8f:bf:5e:69:14:1e:d4:91:90:0c:15:6b:47:
71:b6:ec:dc:59:f7:2b:d6:ed:62:8a:b7:0e:85:e4:e0:5c:ed:
ae:37:e0:74:c3:71:ed:3b:dc:17:d7:cd:c2:aa:bc:13:78:85:
e4:09:1a:a5:26:12:fb:ec:18:90:b4:de:d0:c8:c9:35:15:85:
d4:37:d2:b6:73:d3:9f:d1:b9:b9:cd:bc:02:eb:2f:d0:5d:72:
d9:12:af:13
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY0GwwacfquP3LZxDAce3LcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTE0MDY1NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTVlN2MxNzA2Yzk3ZjRiZGJjMzM1YmE5ZTI1NmNhM2Y5NGFlNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDPqsUgAurLTbOsm31kQKtCWeVAm
9Hzjf79OtFH/75CB5mzxkSIBgQFnqWkZHHDE+4XSqoR7HEWVxBWtcKMggEjc8BJr
BEm+b1xml4T/QOVzTsMQ63dZCL8vXw+fhGvLjWCIvHQHb8oEwJgHtwFY5Feqhhtl
np9+eQ7kSAU2yrnAmrri3tMWuIWqHSN8ZTFusnvGSqh3+zUK3Lfk1w48qIibUcao
paGPhX65NJVrd8jZjc7GCYgC4EjNrqQzIjpUCMVWv1rD0OGhu8pr22OGw3b56Bjv
KDG2gBSxJVh8HK3VyZ2RqRjtKa7tvIc23PMGfGacKiewz8CS10JrfGTykQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFCVefBcGyX9L28M1up4lbKP5SuRhMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSlY1OEZ3YkpmMHZid3pXNm5pVnNvX2xLNUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAIt
krgDBAAtnJ0DBABZIVQDBABZI5oDBAFZJT4DBABZKEwDBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAC81IUDBAG81J4DBAG81tADBAG8
8OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQAD
ggEBAI9y6UdEcCsONkduH39l+uRLC3lpXV4Sc8eeScxgFNC4t+QeiKdt4Lg+l+CN
6BbIiUqR/pDFBmaFEV9MQYIXvK3iNL0Jpg34Kn/WlMAlZP5jme7H66Gl4BAxl6nv
SvXZeyVZMp9XN6ykPR+55G5FVfCjx/QVMwpS/XF3So53ZDLLgYKo+IPxSNIaS838
cuP0wt/Y8rz5S0RNz+D0DqhBCe4c/azYp59kj79eaRQe1JGQDBVrR3G27NxZ9yvW
7WKKtw6F5OBc7a434HTDce073BfXzcKqvBN4heQJGqUmEvvsGJC03tDIyTUVhdQ3
0rZz05/RubnNvALrL9BdctkSrxM=
-----END CERTIFICATE-----
Generated at Tue Jan 16 12:45:18 2024 by rpki-client on console-ams.rpki-client.org