Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TpHqU9w6a3b4eNS4mkDCYRhPMnQ.roa
File: TpHqU9w6a3b4eNS4mkDCYRhPMnQ.roa (raw, json)
Hash identifier: uq62GtarZrFCC7nPRn35JoP8GDPJQevFa+0DiorG7hU=
Subject key identifier: 4E:91:EA:53:DC:3A:6B:76:F8:78:D4:B8:9A:40:C2:61:18:4F:32:74
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B1E2A13CE9F37278306A9CD7621710514
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TpHqU9w6a3b4eNS4mkDCYRhPMnQ.roa
Signing time: Wed 11 Oct 2023 09:55:55 +0000
ROA not before: Wed 11 Oct 2023 09:55:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 45.92.2.0/24 maxlen: 24
45.146.187.0/24 maxlen: 24
87.247.148.0/22 maxlen: 24
91.190.96.0/24 maxlen: 24
91.190.99.0/24 maxlen: 24
91.190.104.0/24 maxlen: 24
91.217.250.0/24 maxlen: 24
45.89.38.0/24 maxlen: 24
45.89.36.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
45.88.22.0/24 maxlen: 24
45.88.20.0/24 maxlen: 24
45.83.29.0/24 maxlen: 24
2a0b:64c1::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:2a:13:ce:9f:37:27:83:06:a9:cd:76:21:71:05:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 11 09:55:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e91ea53dc3a6b76f878d4b89a40c261184f3274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:de:a6:64:d3:9b:85:92:56:9a:cc:65:75:
8d:d9:a2:e1:be:49:1c:83:ee:31:9d:26:03:da:87:
7f:fe:d8:d9:9f:4e:97:d7:5e:22:82:24:2a:d6:69:
82:23:39:c5:36:c6:09:13:bc:ba:6f:25:a3:79:e4:
fb:ad:97:ff:d2:06:33:15:c3:63:84:85:03:6e:d2:
ed:53:d9:82:54:44:0a:56:a4:72:0c:22:d3:29:f2:
0c:aa:04:5c:7e:d7:7c:0e:50:ba:38:6f:47:2a:36:
d5:10:d8:7e:f7:8a:73:c1:8b:a5:87:b6:2b:af:8f:
9c:15:2e:0c:d7:3a:23:07:47:f2:70:1c:2c:33:d5:
66:cb:5c:89:3a:29:f6:fb:e8:8e:b3:23:bc:6f:2a:
47:ac:41:c5:d9:bc:49:53:d8:5f:d0:09:22:f5:7f:
93:46:9f:58:41:19:47:b5:01:ed:1e:6e:de:64:f4:
65:0c:d8:34:2d:36:94:6b:aa:e5:a4:4a:a3:a6:97:
13:aa:83:6b:e5:54:67:62:a9:e7:dd:7e:e4:13:b8:
ff:59:67:b9:92:bd:33:f6:92:0e:4d:3c:8f:e9:3b:
29:82:ce:27:03:8d:5a:d3:14:3b:63:de:95:ef:9e:
ff:6e:d2:4e:82:27:30:28:c1:49:b0:c4:90:b0:a2:
69:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:91:EA:53:DC:3A:6B:76:F8:78:D4:B8:9A:40:C2:61:18:4F:32:74
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TpHqU9w6a3b4eNS4mkDCYRhPMnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.29.0/24
45.88.20.0/24
45.88.22.0/24
45.89.36.0/24
45.89.38.0/24
45.92.2.0/24
45.146.187.0/24
87.247.148.0/22
91.190.96.0/24
91.190.99.0/24
91.190.104.0/24
91.217.250.0/24
217.74.16.0/24
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
54:d3:d9:09:e4:1f:ba:f6:c6:d6:42:1d:d4:02:dd:0b:5f:47:
f6:26:d0:32:7e:7c:70:3f:f3:71:2f:aa:e3:5a:8c:98:11:76:
3f:35:ad:b6:5a:1e:5e:49:ee:f3:df:d1:86:8a:4e:ac:e9:3a:
9a:ad:39:83:c3:9f:78:0c:cd:93:87:41:a6:8e:3d:fc:a6:c2:
45:30:23:e6:24:e9:8e:5b:e9:29:8a:e7:9a:69:5d:70:8c:6b:
8e:43:72:3d:e5:53:93:b6:cc:c4:b6:a1:28:23:45:c5:d7:70:
3b:66:05:88:dc:22:c6:03:8a:53:76:68:71:d3:02:55:64:ae:
5e:de:2f:ee:c1:62:58:4d:c1:d2:09:16:7e:a0:2c:ad:0b:8a:
1d:f8:14:e2:a0:69:b8:af:1e:d3:bd:2b:15:b3:08:ba:50:35:
a7:97:d1:d5:15:f9:b2:48:2d:7e:b4:41:3a:5e:41:de:e8:70:
5f:a0:80:95:73:e8:55:7f:d6:23:da:f1:0d:61:30:da:b1:be:
74:aa:e7:91:d4:c3:a5:cd:85:02:41:6b:8d:68:e2:17:90:9e:
c0:71:a7:dd:f9:d8:9f:b6:cc:33:6d:57:eb:c7:77:d2:80:f9:
df:80:18:0b:ec:c2:99:29:84:47:0d:a7:90:89:7d:fb:bd:32:
88:2e:c2:a8
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYseKhPOnzcngwapzXYhcQUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDExMDk1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTkxZWE1M2RjM2E2Yjc2Zjg3OGQ0Yjg5YTQwYzI2MTE4NGYzMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3/epmTTm4WSVprMZXWN2aLhvkkc
g+4xnSYD2od//tjZn06X114igiQq1mmCIznFNsYJE7y6byWjeeT7rZf/0gYzFcNj
hIUDbtLtU9mCVEQKVqRyDCLTKfIMqgRcftd8DlC6OG9HKjbVENh+94pzwYulh7Yr
r4+cFS4M1zojB0fycBwsM9Vmy1yJOin2++iOsyO8bypHrEHF2bxJU9hf0Aki9X+T
Rp9YQRlHtQHtHm7eZPRlDNg0LTaUa6rlpEqjppcTqoNr5VRnYqnn3X7kE7j/WWe5
kr0z9pIOTTyP6Tspgs4nA41a0xQ7Y96V757/btJOgicwKMFJsMSQsKJpjQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFE6R6lPcOmt2+HjUuJpAwmEYTzJ0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVHBIcVU5dzZhM2I0ZU5TNG1rRENZUmhQTW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQALVMdAwQA
LVgUAwQALVgWAwQALVkkAwQALVkmAwQALVwCAwQALZK7AwQCV/eUAwQAW75gAwQA
W75jAwQAW75oAwQAW9n6AwQA2UoQMA0EAgACMAcDBQAqC2TBMA0GCSqGSIb3DQEB
CwUAA4IBAQBU09kJ5B+69sbWQh3UAt0LX0f2JtAyfnxwP/NxL6rjWoyYEXY/Na22
Wh5eSe7z39GGik6s6TqarTmDw594DM2Th0Gmjj38psJFMCPmJOmOW+kpiueaaV1w
jGuOQ3I95VOTtszEtqEoI0XF13A7ZgWI3CLGA4pTdmhx0wJVZK5e3i/uwWJYTcHS
CRZ+oCytC4od+BTioGm4rx7TvSsVswi6UDWnl9HVFfmySC1+tEE6XkHe6HBfoICV
c+hVf9Yj2vENYTDasb50queR1MOlzYUCQWuNaOIXkJ7Acafd+diftswzbVfrx3fS
gPnfgBgL7MKZKYRHDaeQiX37vTKILsKo
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org