Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RSF8MrR5uChLBxCIqSdKNX2nzw8.roa
File: RSF8MrR5uChLBxCIqSdKNX2nzw8.roa (raw, json)
Hash identifier: PyEQxLwHB6Qx0ay84JHAim/sq+NnWNDGdylc0Y86htI=
Subject key identifier: 45:21:7C:32:B4:79:B8:28:4B:07:10:88:A9:27:4A:35:7D:A7:CF:0F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50132482ED2E6C8931DE3D8E8E18108
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RSF8MrR5uChLBxCIqSdKNX2nzw8.roa
Signing time: Mon 01 Jan 2024 12:30:39 +0000
ROA not before: Mon 01 Jan 2024 12:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399471
IP address blocks: 185.121.120.0/24 maxlen: 24
2.56.56.0/22 maxlen: 24
185.239.243.0/24 maxlen: 24
2.58.148.0/22 maxlen: 24
89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 11:42:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:32:48:2e:d2:e6:c8:93:1d:e3:d8:e8:e1:81:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45217c32b479b8284b071088a9274a357da7cf0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e1:db:a6:9b:59:8b:54:95:4f:af:dc:ae:5c:
0f:39:e0:56:0e:52:03:03:ea:ae:89:92:3c:37:4d:
fd:65:52:ba:8d:f9:6f:99:50:ef:51:b1:44:44:9c:
82:8a:17:08:21:c8:95:56:51:a9:22:6a:35:32:e9:
91:b7:ea:08:ee:db:00:af:3b:6e:9b:6d:4d:11:21:
e4:2d:34:ee:2e:82:e6:8b:d2:a5:bf:c9:ad:e2:41:
bd:a7:c1:2b:0e:ff:d3:6f:d2:9b:33:66:e4:cc:5f:
d0:cd:3e:18:44:b1:64:34:24:5a:d7:fe:f3:c1:2a:
b6:87:42:6d:df:a1:13:72:87:e7:f1:f5:92:9c:a2:
5d:87:b4:f1:e9:5d:75:7d:19:56:64:63:2a:3c:bc:
78:23:52:91:f5:9e:73:bf:5b:e6:98:55:22:55:9d:
1e:21:4b:90:11:f5:e4:64:84:71:2a:a0:e0:c5:bf:
21:33:62:2b:8a:ea:3b:7e:c5:d8:23:a7:56:44:dc:
e7:dc:5e:90:b4:54:83:f7:85:b9:fa:c3:e2:62:e9:
1f:d1:15:3b:21:3d:d6:6a:0f:e5:3b:35:00:87:82:
cf:97:71:7f:ff:72:2f:d8:d5:ae:b5:b0:2a:0d:7d:
5b:e8:b5:f7:4a:63:9c:de:28:37:f7:56:58:50:cd:
67:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:21:7C:32:B4:79:B8:28:4B:07:10:88:A9:27:4A:35:7D:A7:CF:0F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RSF8MrR5uChLBxCIqSdKNX2nzw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.56.0/22
2.58.148.0/22
89.37.63.0/24
185.121.120.0/24
185.239.243.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:47:e3:df:97:b8:88:71:fe:0d:fc:0b:10:fc:6e:a2:6d:00:
b2:6b:8b:c4:41:0c:53:f6:be:d4:07:96:80:d3:2d:d7:f4:e0:
52:76:9e:a7:14:86:11:32:4f:e3:3c:e2:46:3d:d1:de:90:a3:
03:b4:d0:b4:2b:04:37:79:0d:3e:d6:ea:52:0b:65:a4:dd:58:
02:67:03:ac:f8:13:c3:b0:e6:8c:6e:e2:b6:bc:2f:ad:b9:18:
ed:3a:75:90:7e:c7:da:a5:44:39:06:44:c0:9d:cd:8a:5b:76:
4f:d6:9f:11:57:18:58:58:48:9a:6f:7e:2a:4d:85:7d:02:6d:
ad:de:d0:55:63:45:67:01:b1:58:58:ef:45:45:85:79:b3:7d:
8e:5a:ef:1e:2b:9a:99:32:d0:c8:76:3b:c8:40:9d:96:f4:c9:
20:81:5b:81:ec:87:41:0b:f3:0c:7d:c6:dc:4a:57:a7:fc:be:
2b:ee:86:7b:63:d2:9c:9d:9c:8a:c7:99:96:91:af:9b:74:fb:
8b:55:82:31:12:25:c4:42:9a:69:34:9d:9f:27:40:38:bc:ba:
45:e1:cf:99:1a:56:e6:dd:d1:8b:7a:c7:1b:43:ee:c9:9e:40:
23:fb:61:b3:5a:a7:82:52:c0:bf:0d:f5:d4:2a:41:60:92:d0:
83:a5:ed:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFATJILtLmyJMd49jo4YEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTIxN2MzMmI0NzliODI4NGIwNzEwODhhOTI3NGEzNTdkYTdjZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuHbpptZi1SVT6/crlwPOeBWDlID
A+quiZI8N039ZVK6jflvmVDvUbFERJyCihcIIciVVlGpImo1MumRt+oI7tsArztu
m21NESHkLTTuLoLmi9Klv8mt4kG9p8ErDv/Tb9KbM2bkzF/QzT4YRLFkNCRa1/7z
wSq2h0Jt36ETcofn8fWSnKJdh7Tx6V11fRlWZGMqPLx4I1KR9Z5zv1vmmFUiVZ0e
IUuQEfXkZIRxKqDgxb8hM2Iriuo7fsXYI6dWRNzn3F6QtFSD94W5+sPiYukf0RU7
IT3Wag/lOzUAh4LPl3F//3Iv2NWutbAqDX1b6LX3SmOc3ig391ZYUM1nRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEUhfDK0ebgoSwcQiKknSjV9p88PMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUlNGOE1yUjV1Q2hMQnhDSXFTZEtOWDJuenc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjg4AwQC
AjqUAwQAWSU/AwQAuXl4AwQAue/zMA0GCSqGSIb3DQEBCwUAA4IBAQB9R+Pfl7iI
cf4N/AsQ/G6ibQCya4vEQQxT9r7UB5aA0y3X9OBSdp6nFIYRMk/jPOJGPdHekKMD
tNC0KwQ3eQ0+1upSC2Wk3VgCZwOs+BPDsOaMbuK2vC+tuRjtOnWQfsfapUQ5BkTA
nc2KW3ZP1p8RVxhYWEiab34qTYV9Am2t3tBVY0VnAbFYWO9FRYV5s32OWu8eK5qZ
MtDIdjvIQJ2W9MkggVuB7IdBC/MMfcbcSlen/L4r7oZ7Y9KcnZyKx5mWka+bdPuL
VYIxEiXEQpppNJ2fJ0A4vLpF4c+ZGlbm3dGLescbQ+7JnkAj+2GzWqeCUsC/DfXU
KkFgktCDpe0N
-----END CERTIFICATE-----
Generated at Thu May 2 16:58:45 2024 by rpki-client on console-fra.rpki-client.org