Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OWb46o0vOEskmRSPG50sFKj1h4A.roa
File: OWb46o0vOEskmRSPG50sFKj1h4A.roa (raw, json)
Hash identifier: s+R+gIpzeJDLDwVWKteDvMXUaomka+edmOB36/JV3P0=
Subject key identifier: 39:66:F8:EA:8D:2F:38:4B:24:99:14:8F:1B:9D:2C:14:A8:F5:87:80
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01928F7DB16E200D132FE282860041845B3B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OWb46o0vOEskmRSPG50sFKj1h4A.roa
Signing time: Tue 15 Oct 2024 09:23:52 +0000
ROA not before: Tue 15 Oct 2024 09:23:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 2.58.148.0/22 maxlen: 24
45.91.149.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
45.143.53.0/24 maxlen: 24
45.145.44.0/23 maxlen: 24
45.145.47.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
84.247.25.0/24 maxlen: 24
84.247.26.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.36.22.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
94.103.249.0/24 maxlen: 24
94.103.250.0/24 maxlen: 24
185.121.121.0/24 maxlen: 24
185.121.122.0/24 maxlen: 24
185.121.123.0/24 maxlen: 24
185.184.134.0/24 maxlen: 24
185.205.190.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
188.240.74.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
193.218.32.0/24 maxlen: 24
193.239.164.0/23 maxlen: 24
194.169.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 17:06:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:7d:b1:6e:20:0d:13:2f:e2:82:86:00:41:84:5b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 15 09:23:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3966f8ea8d2f384b2499148f1b9d2c14a8f58780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:54:7c:73:93:4e:3b:8d:c8:75:da:b2:c3:05:
96:dc:56:f2:40:cf:a3:96:f7:d8:12:ee:96:b2:76:
09:89:a7:29:4c:46:5d:ec:34:73:77:74:2c:35:0f:
72:75:1b:95:45:46:57:a0:e5:02:96:d4:81:50:d9:
60:50:e8:1f:18:3e:e2:d5:96:88:1a:cd:65:d5:3a:
14:4f:d4:12:47:35:5c:d5:5f:8b:12:38:48:83:e9:
c7:f5:97:0b:29:9a:76:7a:cf:72:4e:32:c2:3a:1a:
dc:83:41:17:b8:9a:e8:77:e2:a7:4f:86:9a:9f:85:
32:d9:51:d8:8e:62:b0:0b:ce:17:9d:16:d2:b3:ee:
71:dc:45:46:76:53:7b:96:66:2c:bb:2b:01:43:d6:
cb:00:c0:e2:35:71:a1:e1:51:42:d6:df:fb:f1:7c:
c7:af:fb:2b:2d:93:e5:62:a4:37:9d:64:41:b1:71:
f8:78:6b:49:95:21:bb:7c:c1:04:48:2f:5e:f3:6b:
5e:2d:8f:19:a7:7f:d7:e8:e7:52:bd:e3:1c:00:94:
a7:0a:45:f8:ab:cf:45:18:78:c9:59:4d:40:e7:40:
6f:7e:13:7b:9a:9c:66:98:59:27:fe:a3:8f:e8:95:
06:32:59:ed:4b:18:c2:2d:3f:b2:18:e8:f6:e3:51:
13:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:66:F8:EA:8D:2F:38:4B:24:99:14:8F:1B:9D:2C:14:A8:F5:87:80
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OWb46o0vOEskmRSPG50sFKj1h4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.148.0/22
45.91.149.0/24
45.135.187.0/24
45.143.53.0/24
45.145.44.0/23
45.145.47.0/24
62.197.144.0/24
62.197.147.0-62.197.148.255
62.197.150.0-62.197.152.255
62.197.159.0/24
84.247.25.0-84.247.26.255
89.33.84.0/24
89.36.22.0/24
89.37.62.0/24
92.62.121.0/24
93.115.255.0/24
94.103.249.0-94.103.250.255
185.121.121.0-185.121.123.255
185.184.134.0/24
185.205.190.0/24
185.239.241.0/24
185.239.243.0/24
185.244.137.0/24
185.245.5.0/24
188.212.132.0/24
188.240.68.0/24
188.240.74.0/24
193.19.108.0/24
193.218.32.0/24
193.239.164.0/23
194.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
27:99:a6:f8:cd:1f:43:bd:8d:c2:09:1b:1c:96:39:a7:b3:15:
e5:3e:24:e2:55:90:ba:2a:13:28:98:2e:ca:f9:7d:23:38:1f:
8f:81:b0:78:2d:1c:f7:43:1e:7a:f9:53:97:53:a1:c6:54:53:
d2:7f:0a:84:f2:c4:36:e4:05:a0:7d:f1:78:d8:0c:21:69:34:
d0:ad:3b:57:e8:82:80:94:e1:e0:e1:8a:65:e9:ef:19:3d:e5:
29:f9:43:c9:4d:20:13:cc:8d:f7:36:28:fa:56:87:5b:ee:c9:
d7:44:8f:e2:8b:dd:e6:d1:22:2c:1a:fb:40:96:b5:e3:11:f6:
ca:ab:73:4a:d3:bb:2d:40:33:5c:9e:9b:4b:46:6e:f6:24:7c:
45:b1:7b:df:46:a5:f0:6b:2c:3e:04:6e:c3:52:ab:00:97:26:
12:7a:7d:be:09:ec:2c:0f:fb:c3:8a:4f:f1:c5:32:4e:21:65:
64:01:4a:97:ef:ca:6a:63:e1:a6:6c:ec:71:65:0f:b3:1b:8a:
3e:af:d2:1a:b1:10:34:ad:b9:b7:2c:95:ef:f4:d2:fb:d4:11:
b2:e8:bc:18:11:4b:65:da:39:ff:29:0b:e4:1f:b7:c0:68:e6:
2c:00:4a:64:cc:86:3a:68:aa:57:ef:5f:91:7d:a4:98:ee:db:
02:78:0c:b1
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAZKPfbFuIA0TL+KChgBBhFs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDE1MDkyMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY2ZjhlYThkMmYzODRiMjQ5OTE0OGYxYjlkMmMxNGE4ZjU4NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1R8c5NOO43IddqywwWW3FbyQM+j
lvfYEu6WsnYJiacpTEZd7DRzd3QsNQ9ydRuVRUZXoOUCltSBUNlgUOgfGD7i1ZaI
Gs1l1ToUT9QSRzVc1V+LEjhIg+nH9ZcLKZp2es9yTjLCOhrcg0EXuJrod+KnT4aa
n4Uy2VHYjmKwC84XnRbSs+5x3EVGdlN7lmYsuysBQ9bLAMDiNXGh4VFC1t/78XzH
r/srLZPlYqQ3nWRBsXH4eGtJlSG7fMEESC9e82teLY8Zp3/X6OdSveMcAJSnCkX4
q89FGHjJWU1A50BvfhN7mpxmmFkn/qOP6JUGMlntSxjCLT+yGOj241ETZwIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFDlm+OqNLzhLJJkUjxudLBSo9YeAMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvT1diNDZvMHZPRXNrbVJTUEc1MHNGS2oxaDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIDBAIC
OpQDBAAtW5UDBAAth7sDBAAtjzUDBAEtkSwDBAAtkS8DBAA+xZAwDAMEAD7FkwME
AD7FlDAMAwQBPsWWAwQAPsWYAwQAPsWfMAwDBABU9xkDBABU9xoDBABZIVQDBABZ
JBYDBABZJT4DBABcPnkDBABdc/8wDAMEAF5n+QMEAF5n+jAMAwQAuXl5AwQCuXl4
AwQAubiGAwQAuc2+AwQAue/xAwQAue/zAwQAufSJAwQAufUFAwQAvNSEAwQAvPBE
AwQAvPBKAwQAwRNsAwQAwdogAwQBwe+kAwQAwqmpMA0GCSqGSIb3DQEBCwUAA4IB
AQAnmab4zR9DvY3CCRscljmnsxXlPiTiVZC6KhMomC7K+X0jOB+PgbB4LRz3Qx56
+VOXU6HGVFPSfwqE8sQ25AWgffF42AwhaTTQrTtX6IKAlOHg4Ypl6e8ZPeUp+UPJ
TSATzI33Nij6Vodb7snXRI/ii93m0SIsGvtAlrXjEfbKq3NK07stQDNcnptLRm72
JHxFsXvfRqXwayw+BG7DUqsAlyYSen2+CewsD/vDik/xxTJOIWVkAUqX78pqY+Gm
bOxxZQ+zG4o+r9IasRA0rbm3LJXv9NL71BGy6LwYEUtl2jn/KQvkH7fAaOYsAEpk
zIY6aKpX71+RfaSY7tsCeAyx
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:33:53 2024 by rpki-client on console-ams.rpki-client.org