Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S1Afk5_6Dei9PX2_Kk3VpuWpYlo.roa
File: S1Afk5_6Dei9PX2_Kk3VpuWpYlo.roa (raw, json)
Hash identifier: ACLFbf4sl2qnYWNInHKw0P88fM3LlrAyTm4DXDQOd/o=
Subject key identifier: 4B:50:1F:93:9F:FA:0D:E8:BD:3D:7D:BF:2A:4D:D5:A6:E5:A9:62:5A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50107141BE0D7401C9316CC1F8ED621
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S1Afk5_6Dei9PX2_Kk3VpuWpYlo.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8038
IP address blocks: 203.25.124.0/24 maxlen: 24
194.5.84.0/24 maxlen: 24
193.84.134.0/24 maxlen: 24
194.242.3.0/24 maxlen: 24
193.26.114.0/24 maxlen: 24
45.144.224.0/24 maxlen: 24
185.165.44.0/24 maxlen: 24
46.229.255.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
91.190.107.0/24 maxlen: 24
203.159.82.0/24 maxlen: 24
185.217.118.0/24 maxlen: 24
203.159.90.0/24 maxlen: 24
185.228.226.0/24 maxlen: 24
185.244.220.0/24 maxlen: 24
89.31.218.0/24 maxlen: 24
194.76.134.0/24 maxlen: 24
45.133.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:07:14:1b:e0:d7:40:1c:93:16:cc:1f:8e:d6:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b501f939ffa0de8bd3d7dbf2a4dd5a6e5a9625a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:92:c1:ed:87:55:e6:76:fe:ab:77:a1:04:
40:84:de:81:57:9d:ed:63:b2:f5:59:cf:9a:2d:75:
1b:6b:ba:0f:4b:f2:1f:dd:c4:29:15:f4:c4:43:47:
1b:c2:57:c1:9c:8c:48:a6:a0:f7:f5:99:ed:37:c5:
00:eb:26:b7:84:23:cc:2e:f6:20:03:7c:1c:03:de:
09:47:cc:0e:39:dc:ae:e5:bd:45:5b:69:eb:86:dd:
d1:5e:ea:48:a3:af:ff:ee:8f:eb:58:47:e0:23:19:
77:3f:bf:92:61:82:0d:29:3d:ed:3c:9e:ef:7c:1c:
4c:dc:c5:8c:6d:56:f5:67:56:9f:91:15:bc:c0:c1:
b0:41:99:bd:22:29:9b:4b:1f:fe:12:89:d5:19:32:
15:d1:8d:ec:c9:d3:f5:6f:7d:24:2d:c7:1b:3d:e3:
25:91:b3:b9:2d:aa:cb:9c:67:70:ed:14:ce:f1:8d:
50:07:45:df:30:42:f3:56:da:78:c2:50:02:49:03:
df:d1:1d:58:eb:7a:8c:b3:63:1e:fa:00:42:77:d4:
8a:1c:0b:93:da:46:c1:92:b7:05:f5:3e:b3:58:e1:
e8:b7:3e:06:84:49:94:51:49:45:d5:59:0a:cc:6c:
87:73:4c:35:c9:2f:c5:07:0e:88:ce:3c:9a:47:1b:
62:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:50:1F:93:9F:FA:0D:E8:BD:3D:7D:BF:2A:4D:D5:A6:E5:A9:62:5A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S1Afk5_6Dei9PX2_Kk3VpuWpYlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.0.0/24
45.144.224.0/24
46.229.255.0/24
89.31.218.0/24
91.190.107.0/24
185.150.0.0/24
185.165.44.0/24
185.217.118.0/24
185.228.226.0/24
185.244.220.0/24
193.26.114.0/24
193.84.134.0/24
194.5.84.0/24
194.76.134.0/24
194.242.3.0/24
203.25.124.0/24
203.159.82.0/24
203.159.90.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:86:78:fe:2e:13:7c:74:a0:91:a6:5f:0d:33:12:c9:92:b1:
2c:70:09:89:10:63:8c:34:94:16:98:36:61:1b:aa:a7:22:e4:
07:fc:e0:a3:28:7a:f6:82:2c:2f:be:57:68:9b:de:89:d1:dd:
9b:22:86:35:6e:ca:c1:ac:44:54:d5:2e:79:77:7e:b4:e5:0d:
a8:80:ea:d4:e7:75:d8:70:9d:3d:45:31:67:d0:84:23:1f:9b:
d0:88:07:4b:3b:cf:6f:ce:80:61:13:60:e2:00:8c:c2:0f:64:
0a:5d:87:a8:bf:5f:d3:83:56:89:8e:43:22:b4:ad:4c:1f:4c:
45:db:ee:77:48:68:04:f0:a7:57:0c:38:c0:1b:bf:f5:60:72:
fe:61:a5:a2:29:5c:30:87:b4:78:43:de:49:9b:0b:78:48:af:
0f:19:c8:42:ca:96:cf:b7:74:f9:d5:28:63:87:57:48:9e:52:
e2:90:6c:8d:fb:a0:f6:5f:e3:b7:4b:e5:2f:c9:c3:09:c1:b7:
ff:5f:4f:d5:b1:44:8d:20:a2:ac:dd:78:95:3f:56:60:f1:b9:
44:0d:9e:77:77:22:23:f2:8b:6e:d3:c2:ae:c5:93:7f:f9:f6:
71:9f:1a:71:8b:a5:bd:a0:3e:5a:16:51:0e:1b:ea:8e:6a:4e:
22:d3:7a:eb
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzFAQcUG+DXQByTFswfjtYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjUwMWY5MzlmZmEwZGU4YmQzZDdkYmYyYTRkZDVhNmU1YTk2MjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsiSwe2HVeZ2/qt3oQRAhN6BV53t
Y7L1Wc+aLXUba7oPS/If3cQpFfTEQ0cbwlfBnIxIpqD39ZntN8UA6ya3hCPMLvYg
A3wcA94JR8wOOdyu5b1FW2nrht3RXupIo6//7o/rWEfgIxl3P7+SYYINKT3tPJ7v
fBxM3MWMbVb1Z1afkRW8wMGwQZm9IimbSx/+EonVGTIV0Y3sydP1b30kLccbPeMl
kbO5LarLnGdw7RTO8Y1QB0XfMELzVtp4wlACSQPf0R1Y63qMs2Me+gBCd9SKHAuT
2kbBkrcF9T6zWOHotz4GhEmUUUlF1VkKzGyHc0w1yS/FBw6IzjyaRxtiHwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFEtQH5Of+g3ovT19vypN1ablqWJaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUzFBZms1XzZEZWk5UFgyX0trM1ZwdVdwWWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC2FAAME
AC2Q4AMEAC7l/wMEAFkf2gMEAFu+awMEALmWAAMEALmlLAMEALnZdgMEALnk4gME
ALn03AMEAMEacgMEAMFUhgMEAMIFVAMEAMJMhgMEAMLyAwMEAMsZfAMEAMufUgME
AMufWjANBgkqhkiG9w0BAQsFAAOCAQEAOoZ4/i4TfHSgkaZfDTMSyZKxLHAJiRBj
jDSUFpg2YRuqpyLkB/zgoyh69oIsL75XaJveidHdmyKGNW7KwaxEVNUueXd+tOUN
qIDq1Od12HCdPUUxZ9CEIx+b0IgHSzvPb86AYRNg4gCMwg9kCl2HqL9f04NWiY5D
IrStTB9MRdvud0hoBPCnVww4wBu/9WBy/mGloilcMIe0eEPeSZsLeEivDxnIQsqW
z7d0+dUoY4dXSJ5S4pBsjfug9l/jt0vlL8nDCcG3/19P1bFEjSCirN14lT9WYPG5
RA2ed3ciI/KLbtPCrsWTf/n2cZ8acYulvaA+WhZRDhvqjmpOItN66w==
-----END CERTIFICATE-----
Generated at Wed Jan 3 13:03:15 2024 by rpki-client on console-ams.rpki-client.org