Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Kmxu-iMjfg1uFFkawr0Nvt1QXng.roa
File: Kmxu-iMjfg1uFFkawr0Nvt1QXng.roa (raw, json)
Hash identifier: 40B9PQph3mwWA2dMGHrEY519S6AEW+XxB1B8S2AuTlQ=
Subject key identifier: 2A:6C:6E:FA:23:23:7E:0D:6E:14:59:1A:C2:BD:0D:BE:DD:50:5E:78
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018DF06EC8C0EFB5858C7F297C6AD38A1098
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Kmxu-iMjfg1uFFkawr0Nvt1QXng.roa
Signing time: Wed 28 Feb 2024 15:56:48 +0000
ROA not before: Wed 28 Feb 2024 15:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213035
IP address blocks: 45.144.226.0/24 maxlen: 24
185.121.121.0/24 maxlen: 24
185.121.122.0/23 maxlen: 24
185.239.243.0/24 maxlen: 24
193.239.164.0/23 maxlen: 24
220.158.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 06:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:6e:c8:c0:ef:b5:85:8c:7f:29:7c:6a:d3:8a:10:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 28 15:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a6c6efa23237e0d6e14591ac2bd0dbedd505e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e0:2d:54:e7:20:56:e7:c6:30:f0:ee:ca:86:
ce:dc:f7:da:e2:a9:74:71:18:f2:6d:9b:ea:27:60:
0f:92:78:a7:a6:f0:3d:23:6d:70:71:b5:27:8c:b6:
7f:1b:7f:f3:a3:67:45:27:11:ea:1c:28:97:08:f2:
7f:92:ae:b2:1a:91:98:49:a4:e5:8f:90:b1:cb:07:
75:c5:d1:46:27:f5:80:1f:81:e4:95:0a:58:5d:2a:
c8:2a:4b:8f:08:62:80:41:17:96:b7:f9:0f:8d:99:
84:99:4a:ba:c6:ae:7a:99:f4:6d:62:21:4b:71:84:
f5:b9:8b:11:48:e1:61:4b:3b:96:b1:fa:24:89:04:
87:68:b5:38:09:24:0c:b9:b0:e1:e1:5f:61:08:cd:
9d:66:2b:46:de:c9:20:43:02:73:c4:e1:de:30:48:
a5:aa:f2:7c:3e:b8:80:8e:41:09:d9:ea:4b:99:aa:
fa:96:9e:8c:78:34:f7:79:0b:2d:b1:ea:0a:90:91:
f5:94:98:c0:4a:ae:46:6a:e4:bb:cb:6d:39:63:d2:
34:70:0f:47:eb:a7:13:8a:b2:3b:c1:41:9c:eb:03:
86:f0:c6:c5:5d:3f:9e:99:8b:33:03:92:21:b6:40:
c3:5b:b1:be:d3:cb:75:d5:86:26:a4:c9:b4:6e:04:
c7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6C:6E:FA:23:23:7E:0D:6E:14:59:1A:C2:BD:0D:BE:DD:50:5E:78
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Kmxu-iMjfg1uFFkawr0Nvt1QXng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/24
185.121.121.0-185.121.123.255
185.239.243.0/24
193.239.164.0/23
220.158.198.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:19:04:d9:03:c9:f6:98:55:02:96:f2:5a:4b:dd:06:e2:fc:
ab:38:18:91:6f:5e:65:ab:0e:64:62:59:49:3a:75:23:a1:08:
2a:4b:64:d9:c0:36:32:68:83:36:71:c8:8b:44:75:81:6c:50:
aa:ee:fc:65:21:0c:6f:80:52:29:63:c6:b7:63:ed:61:6b:05:
8c:14:4f:2a:d1:e8:d0:82:57:19:ae:02:8a:4a:67:9b:91:5d:
4f:f1:05:c5:b9:96:18:12:f1:c6:af:4c:a8:f7:cb:89:4a:e0:
ca:77:0e:db:89:77:27:2f:d6:f0:f2:bd:37:4f:36:c2:9d:75:
15:84:9c:30:24:38:b1:ee:83:ea:2b:99:c9:33:93:a7:91:2e:
96:63:14:f1:63:75:52:56:ac:be:42:19:d3:83:6f:c5:7e:bb:
f4:f5:3d:2d:1d:ff:40:8f:0d:71:ed:fe:5c:8a:e9:fd:a2:82:
98:ba:58:0d:0d:2c:63:85:9e:2b:e8:59:8c:a9:9a:6b:72:0d:
1c:07:ab:b1:5a:59:82:fd:14:53:fa:ff:85:6e:86:e5:bc:2c:
e6:d5:d8:99:09:f7:df:27:bb:2c:f9:51:a9:35:b3:6b:9c:0b:
69:9e:29:fa:46:1f:ff:f5:81:e3:cc:6f:60:07:8a:13:b7:e5:
fd:b3:cc:31
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY3wbsjA77WFjH8pfGrTihCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMjI4MTU1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZjNmVmYTIzMjM3ZTBkNmUxNDU5MWFjMmJkMGRiZWRkNTA1ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeAtVOcgVufGMPDuyobO3Pfa4ql0
cRjybZvqJ2APkninpvA9I21wcbUnjLZ/G3/zo2dFJxHqHCiXCPJ/kq6yGpGYSaTl
j5Cxywd1xdFGJ/WAH4HklQpYXSrIKkuPCGKAQReWt/kPjZmEmUq6xq56mfRtYiFL
cYT1uYsRSOFhSzuWsfokiQSHaLU4CSQMubDh4V9hCM2dZitG3skgQwJzxOHeMEil
qvJ8PriAjkEJ2epLmar6lp6MeDT3eQstseoKkJH1lJjASq5GauS7y205Y9I0cA9H
66cTirI7wUGc6wOG8MbFXT+emYszA5IhtkDDW7G+08t11YYmpMm0bgTHFQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCpsbvojI34NbhRZGsK9Db7dUF54MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvS214dS1pTWpmZzF1RkZrYXdyME52dDFRWG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALZDiMAwD
BAC5eXkDBAK5eXgDBAC57/MDBAHB76QDBADcnsYwDQYJKoZIhvcNAQELBQADggEB
ACsZBNkDyfaYVQKW8lpL3Qbi/Ks4GJFvXmWrDmRiWUk6dSOhCCpLZNnANjJogzZx
yItEdYFsUKru/GUhDG+AUiljxrdj7WFrBYwUTyrR6NCCVxmuAopKZ5uRXU/xBcW5
lhgS8cavTKj3y4lK4Mp3DtuJdycv1vDyvTdPNsKddRWEnDAkOLHug+ormckzk6eR
LpZjFPFjdVJWrL5CGdODb8V+u/T1PS0d/0CPDXHt/lyK6f2igpi6WA0NLGOFnivo
WYypmmtyDRwHq7FaWYL9FFP6/4VuhuW8LObV2JkJ998nuyz5Uak1s2ucC2meKfpG
H//1gePMb2AHihO35f2zzDE=
-----END CERTIFICATE-----
Generated at Mon Mar 4 06:50:45 2024 by rpki-client on console-ams.rpki-client.org