Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MYpbfi3c1FPsp2ZEUaKHAKQzffs.roa
File: MYpbfi3c1FPsp2ZEUaKHAKQzffs.roa (raw, json)
Hash identifier: TKocFN2PqmOOdCrLnKwVIbZ9/Q4TLd64wlz4is2bmJQ=
Subject key identifier: 31:8A:5B:7E:2D:DC:D4:53:EC:A7:66:44:51:A2:87:00:A4:33:7D:FB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D8EB669A0974B0A754662F26B25E82070
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MYpbfi3c1FPsp2ZEUaKHAKQzffs.roa
Signing time: Fri 09 Feb 2024 16:32:15 +0000
ROA not before: Fri 09 Feb 2024 16:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8038
IP address blocks: 46.229.255.0/24 maxlen: 24
91.190.107.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
185.165.44.0/24 maxlen: 24
185.217.118.0/24 maxlen: 24
193.26.114.0/24 maxlen: 24
194.76.134.0/24 maxlen: 24
203.25.124.0/24 maxlen: 24
203.159.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 19:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:b6:69:a0:97:4b:0a:75:46:62:f2:6b:25:e8:20:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 9 16:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=318a5b7e2ddcd453eca7664451a28700a4337dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:29:ed:5f:51:3c:d7:cf:90:72:4a:ca:ae:5a:
f6:6b:c7:61:0f:6f:95:6e:8b:3e:5f:83:c7:ae:68:
21:1c:ec:ba:d3:ad:a1:96:18:a5:70:a4:98:59:36:
d7:5e:39:62:19:e4:6f:12:52:db:95:35:e0:03:05:
1c:c7:6a:17:b4:1b:16:0a:ba:98:e0:74:90:1e:a5:
cc:81:d3:fb:c0:c6:eb:05:d5:c3:26:d3:82:6d:c5:
51:71:5a:fd:f0:65:dd:ea:11:f8:1c:a6:19:fc:9c:
f7:8e:5b:f9:eb:7a:02:d3:73:46:a2:df:d9:74:85:
3d:c0:b3:6a:62:8e:75:57:5d:c7:3b:c2:9a:41:9f:
d4:d6:a0:d7:c4:7c:73:13:78:1b:cc:52:af:fa:45:
e2:b4:be:7e:da:6e:0a:47:52:6a:45:0e:6a:90:72:
59:6c:c4:9e:8d:cd:44:13:3f:58:56:27:6f:aa:eb:
c8:85:d3:b3:d2:ea:92:b2:1a:2b:a5:32:fe:e0:63:
b0:cd:a1:fb:62:9c:f7:7e:b8:a5:d1:af:71:7b:1d:
35:de:7f:76:90:58:83:3c:0c:5e:5e:ad:1f:36:b4:
0f:13:fc:ee:b2:37:e0:b9:c3:23:55:d7:f2:dc:8f:
d7:b9:5b:cd:c2:70:51:3a:14:a4:ea:35:bf:b5:b2:
ad:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8A:5B:7E:2D:DC:D4:53:EC:A7:66:44:51:A2:87:00:A4:33:7D:FB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/MYpbfi3c1FPsp2ZEUaKHAKQzffs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.255.0/24
91.190.107.0/24
185.150.0.0/24
185.165.44.0/24
185.217.118.0/24
193.26.114.0/24
194.76.134.0/24
203.25.124.0/24
203.159.82.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:26:9d:ea:7e:cb:60:26:a8:9f:ed:54:4d:83:fc:21:ef:2c:
9e:f3:83:8e:1b:9e:bd:51:25:a0:51:46:b3:ab:80:ad:6f:cc:
e8:57:e5:af:5e:66:b9:ad:25:42:9f:70:35:69:ef:f4:a0:d3:
a4:a3:8e:41:8c:2e:de:91:5f:4b:d5:2d:73:21:f2:34:68:b8:
7d:6e:f9:34:b5:a3:f5:30:3b:bf:ca:d4:a6:f1:2f:da:d0:d6:
e7:81:95:7c:e6:ef:59:80:80:82:29:71:05:33:fb:34:8e:73:
19:9f:94:4a:02:3b:cc:1e:07:f7:29:93:e1:bd:a8:c2:3a:c3:
a8:01:a0:1f:8a:08:b1:26:ae:78:57:e6:bc:bc:8c:77:5a:62:
b5:69:48:57:c0:2f:2c:da:d6:78:f4:33:fa:bc:1b:6f:08:0c:
54:17:a0:3a:a9:c6:03:8f:99:30:58:38:c2:9e:30:b7:fa:e3:
ce:7c:51:22:fd:19:f3:90:ed:f5:82:d9:02:dd:29:c3:a5:3e:
ad:c2:21:29:72:06:5c:21:14:50:c6:0f:ff:7e:fc:a9:62:e1:
dc:bc:4b:7b:00:75:dd:4c:92:82:02:69:48:0c:80:e4:cf:75:
e7:18:c2:58:38:9d:8b:0e:2d:51:52:33:e6:b1:25:ab:97:3c:
d9:20:35:53
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY2Otmmgl0sKdUZi8msl6CBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMjA5MTYzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMThhNWI3ZTJkZGNkNDUzZWNhNzY2NDQ1MWEyODcwMGE0MzM3ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCntX1E818+QckrKrlr2a8dhD2+V
bos+X4PHrmghHOy6062hlhilcKSYWTbXXjliGeRvElLblTXgAwUcx2oXtBsWCrqY
4HSQHqXMgdP7wMbrBdXDJtOCbcVRcVr98GXd6hH4HKYZ/Jz3jlv563oC03NGot/Z
dIU9wLNqYo51V13HO8KaQZ/U1qDXxHxzE3gbzFKv+kXitL5+2m4KR1JqRQ5qkHJZ
bMSejc1EEz9YVidvquvIhdOz0uqSshorpTL+4GOwzaH7Ypz3fril0a9xex013n92
kFiDPAxeXq0fNrQPE/zusjfgucMjVdfy3I/XuVvNwnBROhSk6jW/tbKteQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDGKW34t3NRT7KdmRFGihwCkM337MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTVlwYmZpM2MxRlBzcDJaRVVhS0hBS1F6ZmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALuX/AwQA
W75rAwQAuZYAAwQAuaUsAwQAudl2AwQAwRpyAwQAwkyGAwQAyxl8AwQAy59SMA0G
CSqGSIb3DQEBCwUAA4IBAQA9Jp3qfstgJqif7VRNg/wh7yye84OOG569USWgUUaz
q4Ctb8zoV+WvXma5rSVCn3A1ae/0oNOko45BjC7ekV9L1S1zIfI0aLh9bvk0taP1
MDu/ytSm8S/a0NbngZV85u9ZgICCKXEFM/s0jnMZn5RKAjvMHgf3KZPhvajCOsOo
AaAfigixJq54V+a8vIx3WmK1aUhXwC8s2tZ49DP6vBtvCAxUF6A6qcYDj5kwWDjC
njC3+uPOfFEi/RnzkO31gtkC3SnDpT6twiEpcgZcIRRQxg//fvypYuHcvEt7AHXd
TJKCAmlIDIDkz3XnGMJYOJ2LDi1RUjPmsSWrlzzZIDVT
-----END CERTIFICATE-----
Generated at Thu Feb 15 21:13:58 2024 by rpki-client on console-fra.rpki-client.org