Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SOYrmQE5NB_EDb9ZBnyU-1k0NTE.roa
File: SOYrmQE5NB_EDb9ZBnyU-1k0NTE.roa (raw, json)
Hash identifier: Sp1oRt6aihO0VCdPI6V+d7xWQjysG17ZumsT+m3TVRg=
Subject key identifier: 48:E6:2B:99:01:39:34:1F:C4:0D:BF:59:06:7C:94:FB:59:34:35:31
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018F4EB8FBC7FD0DDF4BADF90D3ECC538A51
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SOYrmQE5NB_EDb9ZBnyU-1k0NTE.roa
Signing time: Mon 06 May 2024 16:24:56 +0000
ROA not before: Mon 06 May 2024 16:24:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.146.184.0/22 maxlen: 24
45.156.157.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
178.239.205.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
185.255.39.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Jun 2024 08:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:b8:fb:c7:fd:0d:df:4b:ad:f9:0d:3e:cc:53:8a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 6 16:24:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48e62b990139341fc40dbf59067c94fb59343531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cb:94:55:d9:66:66:8e:c6:21:1b:4b:a3:78:
78:d0:ff:6f:f2:23:10:1f:9f:de:85:8d:d8:e1:14:
34:00:f4:25:69:98:79:86:66:d5:62:de:cb:b8:35:
80:6a:e3:ab:54:b2:91:f3:df:f1:86:a1:45:8e:40:
6c:c4:5c:60:34:a7:05:8d:77:12:bb:2c:94:0a:ee:
7e:ea:d2:6d:87:b5:16:f9:bf:ca:4f:e8:09:21:f1:
5a:4d:9c:2f:68:7a:50:4d:d4:7d:02:2d:86:c0:06:
73:28:a6:ce:d2:48:ed:2b:50:67:a0:11:5f:d2:27:
35:88:ef:64:2e:e4:28:e3:da:d4:1b:3d:2d:68:63:
14:00:fb:6b:21:56:6b:b7:d5:f6:06:4b:fb:5c:a4:
48:4e:c5:ef:02:aa:3d:16:ef:54:fc:64:26:90:25:
ec:67:5f:35:f9:78:64:72:b6:53:8b:1b:13:d7:c2:
4f:eb:8e:e8:a1:f6:39:d6:56:22:04:75:d0:19:c2:
e3:ca:f7:16:23:c6:4a:73:48:f6:e8:e5:67:f2:f5:
ee:09:fe:9d:1f:15:90:b6:d6:83:11:18:a7:85:1d:
6d:04:b7:f2:22:74:ba:9d:96:ff:c1:9e:48:3e:cb:
ce:b6:b0:9d:ba:de:10:f0:28:19:57:c1:48:ed:ec:
87:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E6:2B:99:01:39:34:1F:C4:0D:BF:59:06:7C:94:FB:59:34:35:31
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SOYrmQE5NB_EDb9ZBnyU-1k0NTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
178.239.205.0/24
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.240.232.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:dc:a5:0e:52:68:96:fe:77:01:89:f9:23:ba:1c:5f:e2:74:
76:24:71:36:a3:50:e3:76:85:7e:70:08:72:66:c1:d7:09:ff:
cd:91:15:8d:2b:bd:af:71:e7:43:19:3d:7a:f5:81:05:aa:69:
ac:b5:48:b4:bc:6b:63:38:33:36:80:4d:b9:6c:80:04:60:7d:
46:8a:78:68:7f:e9:95:cb:31:06:44:84:3c:70:28:ff:f6:bb:
8e:12:fa:63:6a:ab:63:f0:a1:c2:62:f4:72:d6:ba:9d:39:8d:
76:64:1e:80:bc:cf:36:a1:99:e4:0b:41:14:16:be:4d:e1:37:
14:f4:ba:04:de:49:c7:a4:55:43:2e:e5:d1:55:8f:2a:3a:3c:
6d:a5:e6:a6:fe:32:97:28:58:d4:e8:89:04:74:e0:b7:50:a0:
80:d3:7b:fe:b9:08:09:14:5e:85:2c:5a:13:3d:e9:29:52:a1:
58:f9:d5:ca:5a:ae:ab:c6:0d:e9:e2:9b:3e:91:b8:85:4e:e5:
4e:08:f3:a3:2e:78:51:fd:f9:5f:b4:cd:1f:5a:e8:e3:3d:18:
03:1b:a5:5e:fd:27:47:ac:f9:00:0b:6c:67:55:e9:88:b7:d2:
b2:86:fa:28:53:6e:59:96:cd:c7:b5:91:e0:a9:92:99:2f:84:
73:ef:96:32
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY9OuPvH/Q3fS635DT7MU4pRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNTA2MTYyNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGU2MmI5OTAxMzkzNDFmYzQwZGJmNTkwNjdjOTRmYjU5MzQzNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMuUVdlmZo7GIRtLo3h40P9v8iMQ
H5/ehY3Y4RQ0APQlaZh5hmbVYt7LuDWAauOrVLKR89/xhqFFjkBsxFxgNKcFjXcS
uyyUCu5+6tJth7UW+b/KT+gJIfFaTZwvaHpQTdR9Ai2GwAZzKKbO0kjtK1BnoBFf
0ic1iO9kLuQo49rUGz0taGMUAPtrIVZrt9X2Bkv7XKRITsXvAqo9Fu9U/GQmkCXs
Z181+XhkcrZTixsT18JP647oofY51lYiBHXQGcLjyvcWI8ZKc0j26OVn8vXuCf6d
HxWQttaDERinhR1tBLfyInS6nZb/wZ5IPsvOtrCdut4Q8CgZV8FI7eyHGQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFEjmK5kBOTQfxA2/WQZ8lPtZNDUxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU09Zcm1RRTVOQl9FRGI5WkJueVUtMWswTlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAi2S
uAMEAC2cnQMEAFkjmgMEAFklPwMEAlu8zAMEAV1z/gMEALLvzQMEAbmHjAMEALmH
jwMEALnuCgMEAbnx0gMEALn/JwMEALzUhQMEAbzUngMEAbzW0AMEAbzw4AMEALzw
4wMEALzw6AMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEAXtyl
DlJolv53AYn5I7ocX+J0diRxNqNQ43aFfnAIcmbB1wn/zZEVjSu9r3HnQxk9evWB
BapprLVItLxrYzgzNoBNuWyABGB9Rop4aH/plcsxBkSEPHAo//a7jhL6Y2qrY/Ch
wmL0cta6nTmNdmQegLzPNqGZ5AtBFBa+TeE3FPS6BN5Jx6RVQy7l0VWPKjo8baXm
pv4ylyhY1OiJBHTgt1CggNN7/rkICRRehSxaEz3pKVKhWPnVylquq8YN6eKbPpG4
hU7lTgjzoy54Uf35X7TNH1ro4z0YAxulXv0nR6z5AAtsZ1XpiLfSsob6KFNuWZbN
x7WR4KmSmS+Ec++WMg==
-----END CERTIFICATE-----
Generated at Sun Jun 23 09:06:06 2024 by rpki-client on console-fra.rpki-client.org