Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S40wxqScnvgNVKLd3UAEMsN2bRw.roa
File: S40wxqScnvgNVKLd3UAEMsN2bRw.roa (raw, json)
Hash identifier: gILA/1FYlDTDs977GYBxRNMv9VF8R77NFgC6yvLdBx8=
Subject key identifier: 4B:8D:30:C6:A4:9C:9E:F8:0D:54:A2:DD:DD:40:04:32:C3:76:6D:1C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AFE320ED75FE1A3BAFDF30740D917A160
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S40wxqScnvgNVKLd3UAEMsN2bRw.roa
Signing time: Thu 05 Oct 2023 04:56:48 +0000
ROA not before: Thu 05 Oct 2023 04:56:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13213
IP address blocks: 185.192.68.0/24 maxlen: 24
45.85.107.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:32:0e:d7:5f:e1:a3:ba:fd:f3:07:40:d9:17:a1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 5 04:56:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b8d30c6a49c9ef80d54a2dddd400432c3766d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:b1:31:6c:5c:be:68:77:e7:0b:6a:ea:48:
4a:08:34:65:d7:3a:0d:ff:45:e8:04:e8:91:fc:4f:
5c:66:58:5e:0d:95:cd:9a:a5:97:95:cf:79:66:04:
2f:87:91:62:64:90:3e:62:fa:ac:23:cd:a0:ee:71:
da:74:6f:4c:82:fe:d7:df:4c:85:85:0a:3a:f3:28:
27:77:6f:97:5f:07:45:68:25:c1:e9:3f:cd:d7:65:
a1:e9:36:4f:da:34:f9:fb:7a:f9:42:d3:d3:b2:27:
98:f9:d3:e8:2b:7e:ea:66:21:cc:85:07:ac:62:95:
3a:03:81:b5:df:cc:1a:28:88:fd:49:62:16:74:cc:
c7:ec:bf:c8:f8:2a:a8:21:40:1b:04:85:ac:97:e5:
96:d9:ae:a0:ec:fb:04:8f:80:ab:53:40:78:e5:2d:
15:03:0e:ed:19:6f:a7:a8:b5:bc:b4:d3:fb:54:30:
74:d0:12:bb:87:8e:1b:78:fe:08:e7:c8:bf:c5:77:
7e:cb:1e:60:85:94:7e:8c:41:8d:84:80:86:de:18:
34:5d:cb:ba:de:71:d0:71:fa:38:21:e5:87:ce:8a:
eb:ea:56:7c:71:99:5f:0e:c3:58:ca:d7:f4:8c:8b:
23:c0:14:6c:aa:81:17:de:7b:b7:cb:8a:47:8c:15:
a4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8D:30:C6:A4:9C:9E:F8:0D:54:A2:DD:DD:40:04:32:C3:76:6D:1C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S40wxqScnvgNVKLd3UAEMsN2bRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.107.0/24
185.192.68.0/24
Signature Algorithm: sha256WithRSAEncryption
70:bd:3f:e0:e5:b4:66:05:5b:48:94:cd:a9:22:66:04:ee:44:
07:9b:03:1d:93:28:bc:e5:d8:8a:06:b0:10:f7:35:fa:85:62:
1e:45:36:2f:cc:7d:78:ff:26:19:86:23:5e:ab:3f:72:73:fa:
e5:58:04:95:53:71:d2:9c:97:f6:08:cc:2b:a6:72:5c:eb:e4:
79:5a:94:d5:42:0f:5d:16:f5:75:54:7f:b3:37:6e:95:e9:73:
cf:8b:e5:97:43:05:f8:9f:72:54:d0:55:11:bc:37:18:a7:0a:
35:a0:30:da:bd:86:82:f3:78:53:ff:9c:0e:28:36:5e:73:69:
94:57:eb:96:b2:32:5e:f4:80:68:3a:e8:e7:bb:e8:9f:3d:af:
36:c3:05:ea:4d:1d:a1:32:e3:e1:8a:10:ee:83:09:d0:26:ba:
89:b4:6f:9a:d6:a2:d8:c6:61:73:76:37:36:dd:a6:fa:a2:76:
d3:ec:e2:1f:f1:b6:44:b9:bb:ba:ae:34:84:2e:05:50:1c:7e:
99:0b:7b:3a:25:3d:cf:2e:8a:fc:1e:07:42:93:40:4b:a0:b6:
fc:2b:d1:e4:44:13:54:a6:ab:0a:ab:93:03:36:ca:c0:6a:ad:
4b:62:1c:47:93:b0:05:d6:7e:48:e1:81:d0:78:58:30:b5:1f:
bd:2d:c9:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr+Mg7XX+Gjuv3zB0DZF6FgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDA1MDQ1NjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjhkMzBjNmE0OWM5ZWY4MGQ1NGEyZGRkZDQwMDQzMmMzNzY2ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKWxMWxcvmh35wtq6khKCDRl1zoN
/0XoBOiR/E9cZlheDZXNmqWXlc95ZgQvh5FiZJA+YvqsI82g7nHadG9Mgv7X30yF
hQo68ygnd2+XXwdFaCXB6T/N12Wh6TZP2jT5+3r5QtPTsieY+dPoK37qZiHMhQes
YpU6A4G138waKIj9SWIWdMzH7L/I+CqoIUAbBIWsl+WW2a6g7PsEj4CrU0B45S0V
Aw7tGW+nqLW8tNP7VDB00BK7h44beP4I58i/xXd+yx5ghZR+jEGNhICG3hg0Xcu6
3nHQcfo4IeWHzorr6lZ8cZlfDsNYytf0jIsjwBRsqoEX3nu3y4pHjBWkZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEuNMMaknJ74DVSi3d1ABDLDdm0cMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUzQwd3hxU2NudmdOVktMZDNVQUVNc04yYlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVVrAwQA
ucBEMA0GCSqGSIb3DQEBCwUAA4IBAQBwvT/g5bRmBVtIlM2pImYE7kQHmwMdkyi8
5diKBrAQ9zX6hWIeRTYvzH14/yYZhiNeqz9yc/rlWASVU3HSnJf2CMwrpnJc6+R5
WpTVQg9dFvV1VH+zN26V6XPPi+WXQwX4n3JU0FURvDcYpwo1oDDavYaC83hT/5wO
KDZec2mUV+uWsjJe9IBoOujnu+ifPa82wwXqTR2hMuPhihDugwnQJrqJtG+a1qLY
xmFzdjc23ab6onbT7OIf8bZEubu6rjSELgVQHH6ZC3s6JT3PLor8HgdCk0BLoLb8
K9HkRBNUpqsKq5MDNsrAaq1LYhxHk7AF1n5I4YHQeFgwtR+9LclS
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org