Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MN2ciF66aJoIxTeYlFw8rRv-Q4U.roa
File: MN2ciF66aJoIxTeYlFw8rRv-Q4U.roa (raw, json)
Hash identifier: Gk+eG0mHG8IlLmCbmXgo2F5NtsjNyIQ619Rx6+GvT54=
Subject key identifier: 30:DD:9C:88:5E:BA:68:9A:08:C5:37:98:94:5C:3C:AD:1B:FE:43:85
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A01EC67002DF586BA045F99D5F077DF36
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MN2ciF66aJoIxTeYlFw8rRv-Q4U.roa
Signing time: Thu 17 Aug 2023 05:16:24 +0000
ROA not before: Thu 17 Aug 2023 05:16:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 91.217.250.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
45.89.32.0/22 maxlen: 24
188.213.202.0/24 maxlen: 24
45.131.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 07:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:01:ec:67:00:2d:f5:86:ba:04:5f:99:d5:f0:77:df:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 17 05:16:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30dd9c885eba689a08c53798945c3cad1bfe4385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1a:77:b9:a4:46:7c:7b:16:5b:ae:45:3b:a2:
6f:e8:49:b7:ac:c5:5c:7e:88:18:71:60:b4:a8:15:
85:64:ea:ee:43:4c:1f:90:ca:b0:63:ec:bb:3e:29:
c8:c0:df:88:59:a6:0e:a6:bf:49:5c:e1:e7:17:84:
4a:3c:a9:7e:02:f6:1c:2b:2c:c2:db:f4:c0:df:34:
f3:e4:25:16:69:11:81:18:e2:d6:a1:98:20:a4:5c:
b7:a4:ca:c9:dc:52:da:a1:ae:94:27:16:a6:80:03:
aa:25:fa:c5:73:15:50:c5:8f:6b:d4:2a:27:a8:29:
66:50:dd:3d:00:57:ac:57:b4:98:f1:35:c8:31:69:
3e:5d:cb:54:70:a1:10:8f:03:0f:8a:d0:9f:a8:e6:
9e:05:18:79:dc:d7:c8:34:9c:55:a3:7d:fe:5f:94:
84:63:6a:e9:e9:97:6d:10:63:76:df:8c:e1:0b:06:
a8:64:db:c6:4c:4f:1e:8b:62:ab:c5:d7:7c:72:fe:
8c:3c:e9:a5:8b:ac:b7:73:ff:12:2a:de:01:ee:68:
a0:1e:f5:b1:24:2b:33:43:6e:99:6e:a5:b8:8e:47:
93:b7:4f:5c:2e:7b:d6:94:d7:95:94:46:14:62:14:
f3:68:4d:da:2c:c2:5a:ae:d9:17:6f:df:92:2b:9e:
e0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DD:9C:88:5E:BA:68:9A:08:C5:37:98:94:5C:3C:AD:1B:FE:43:85
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MN2ciF66aJoIxTeYlFw8rRv-Q4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.32.0/22
45.131.248.0/22
91.217.249.0-91.217.250.255
188.213.202.0/24
Signature Algorithm: sha256WithRSAEncryption
71:d7:89:d2:bf:f2:b9:c7:dc:3d:f9:4b:e8:d3:60:88:b9:69:
13:9b:19:03:5b:c6:0e:f1:c9:9c:c8:e9:3b:4c:25:a8:ef:29:
d2:a1:37:f2:14:5a:72:64:27:e6:da:8e:c6:a7:2d:7f:f6:36:
4f:2d:d8:df:37:7e:99:d1:20:28:16:3b:94:81:50:d5:03:af:
01:05:6b:4a:ba:eb:31:28:e5:31:c8:8f:cc:d8:ad:66:94:2b:
8c:19:49:23:1b:db:c5:32:a4:a1:59:bb:a2:ac:cd:d6:fe:d1:
1c:56:fa:33:18:31:fe:c1:e1:7b:f6:c2:09:3c:97:e7:46:fa:
f2:9b:09:83:c5:65:0e:a7:f8:db:80:20:6a:f5:28:79:13:2f:
a8:d5:41:2a:31:d4:89:34:f4:f7:01:9e:96:85:79:71:6d:01:
4b:d2:b2:db:44:15:53:44:00:7c:e7:3e:a2:0d:06:a5:a7:fd:
03:e6:6d:2d:55:61:be:22:dd:46:84:8d:c3:57:a4:ef:c6:f4:
29:f7:1c:01:8a:9b:11:13:be:a2:94:8a:53:d2:84:bf:9f:11:
19:3f:77:ba:8f:9c:92:6b:ed:d4:b8:13:39:b2:70:bf:7e:f9:
b8:20:a6:2c:9f:77:7f:7a:dc:70:c6:cc:38:86:e5:fa:c8:99:
1e:df:e3:5c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYoB7GcALfWGugRfmdXwd982MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODE3MDUxNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGRkOWM4ODVlYmE2ODlhMDhjNTM3OTg5NDVjM2NhZDFiZmU0Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxp3uaRGfHsWW65FO6Jv6Em3rMVc
fogYcWC0qBWFZOruQ0wfkMqwY+y7PinIwN+IWaYOpr9JXOHnF4RKPKl+AvYcKyzC
2/TA3zTz5CUWaRGBGOLWoZggpFy3pMrJ3FLaoa6UJxamgAOqJfrFcxVQxY9r1Con
qClmUN09AFesV7SY8TXIMWk+XctUcKEQjwMPitCfqOaeBRh53NfINJxVo33+X5SE
Y2rp6ZdtEGN234zhCwaoZNvGTE8ei2Krxdd8cv6MPOmli6y3c/8SKt4B7migHvWx
JCszQ26ZbqW4jkeTt09cLnvWlNeVlEYUYhTzaE3aLMJartkXb9+SK57g9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDDdnIheumiaCMU3mJRcPK0b/kOFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTU4yY2lGNjZhSm9JeFRlWWxGdzhyUnYtUTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLVkgAwQC
LYP4MAwDBABb2fkDBABb2foDBAC81cowDQYJKoZIhvcNAQELBQADggEBAHHXidK/
8rnH3D35S+jTYIi5aRObGQNbxg7xyZzI6TtMJajvKdKhN/IUWnJkJ+bajsanLX/2
Nk8t2N83fpnRICgWO5SBUNUDrwEFa0q66zEo5THIj8zYrWaUK4wZSSMb28UypKFZ
u6Kszdb+0RxW+jMYMf7B4Xv2wgk8l+dG+vKbCYPFZQ6n+NuAIGr1KHkTL6jVQSox
1Ik09PcBnpaFeXFtAUvSsttEFVNEAHznPqINBqWn/QPmbS1VYb4i3UaEjcNXpO/G
9Cn3HAGKmxETvqKUilPShL+fERk/d7qPnJJr7dS4EzmycL9++bggpiyfd3963HDG
zDiG5frImR7f41w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org