Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U20q79wGf192M__NTkTEQc_oMNI.roa
File: U20q79wGf192M__NTkTEQc_oMNI.roa (raw, json)
Hash identifier: 9arM7xjvVaN6claFfy7gyCJex5l/1Hd6CyENeNnLK90=
Subject key identifier: 53:6D:2A:EF:DC:06:7F:5F:76:33:FF:CD:4E:44:C4:41:CF:E8:30:D2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186CB0738A6C2B0032DC8224633A4428DF7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U20q79wGf192M__NTkTEQc_oMNI.roa
Signing time: Fri 10 Mar 2023 10:18:13 +0000
ROA not before: Fri 10 Mar 2023 10:18:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.141.203.0/24 maxlen: 24
45.141.200.0/23 maxlen: 24
185.35.138.0/23 maxlen: 24
185.35.136.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:07:38:a6:c2:b0:03:2d:c8:22:46:33:a4:42:8d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 10 10:18:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=536d2aefdc067f5f7633ffcd4e44c441cfe830d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1a:9b:a4:7c:34:33:e5:f9:78:e0:71:e5:93:
a4:5e:79:ec:4f:4c:32:04:05:26:72:61:a5:f0:34:
51:d9:29:27:9f:00:31:9a:e1:3e:18:ed:a5:9e:64:
e1:b0:62:af:f2:cf:7b:c0:b8:4e:89:17:59:fa:15:
85:1f:fd:86:47:76:77:a6:8f:42:ae:4a:85:ce:a0:
50:7d:1a:8f:7e:7d:82:46:48:b2:87:09:1d:91:64:
9f:bc:f5:d2:ff:f4:e5:5f:08:da:92:b5:c2:be:6c:
cd:f4:62:25:2a:3b:cf:85:95:61:6d:51:99:1e:dd:
a8:94:04:7e:fe:2d:03:60:9f:fe:cf:a4:0d:82:b3:
f0:69:e2:79:d5:48:d6:f8:ae:a7:84:cb:a0:9a:b9:
82:68:ec:b0:6c:30:e3:5f:2b:5e:ae:bd:b9:e9:2c:
99:c8:01:20:e0:c9:45:c2:22:12:fd:91:62:77:96:
dc:a7:5b:a0:ad:fb:0a:fe:6e:3f:bc:2d:d0:6b:86:
2b:82:87:c5:47:72:82:c6:f4:f7:a3:a1:bf:f1:4a:
23:24:45:a9:64:b2:70:1b:bf:de:33:c9:f0:3b:c3:
75:aa:90:6f:56:60:c8:db:19:83:58:5a:a8:a9:22:
47:e2:27:88:cf:6e:15:c5:83:75:e3:f4:6a:a1:f6:
9e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6D:2A:EF:DC:06:7F:5F:76:33:FF:CD:4E:44:C4:41:CF:E8:30:D2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U20q79wGf192M__NTkTEQc_oMNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.200.0/23
45.141.203.0/24
185.35.136.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:7f:96:c1:12:f8:25:40:f3:d7:f9:81:6c:62:ee:c2:e8:f6:
7f:29:0f:22:b0:07:57:53:fb:41:2a:cc:69:3a:91:7a:1a:ad:
3d:7d:b0:7c:ec:71:74:b5:7a:c9:94:3c:ec:e9:5d:83:96:67:
48:1a:57:19:f3:0d:54:32:5e:ee:1a:1d:87:15:c5:15:65:77:
2d:e7:b4:f9:84:6e:2f:bc:21:fb:23:ec:eb:ff:36:0f:87:9d:
b4:2d:84:0e:fc:1c:60:7f:90:99:8e:c9:d1:64:c8:5c:ba:8c:
48:b4:c1:9a:31:44:f0:6a:1c:52:17:3a:ae:c0:3e:b4:14:23:
4a:7b:70:6e:87:f8:f1:77:85:34:b4:94:6a:cb:83:67:f8:c9:
a4:25:c0:62:30:2e:2e:d6:8f:67:5b:32:95:15:f2:f5:c8:ea:
c1:00:43:b0:dd:6e:0a:ce:b4:fe:20:9b:48:ea:38:da:53:cc:
41:1c:62:54:06:ad:1b:ef:b0:3f:8d:49:b8:9d:21:32:eb:9a:
e7:f7:93:9d:b9:51:00:db:e0:b6:dd:91:a0:2d:45:27:c5:98:
7e:79:33:94:f1:90:30:40:34:3b:30:9b:f7:5f:3c:aa:6a:07:
b7:e3:e8:90:4a:42:cc:dc:8c:01:d3:8d:02:30:00:51:1b:ad:
d8:61:95:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbLBzimwrADLcgiRjOkQo33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzEwMTAxODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZkMmFlZmRjMDY3ZjVmNzYzM2ZmY2Q0ZTQ0YzQ0MWNmZTgzMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBqbpHw0M+X5eOBx5ZOkXnnsT0wy
BAUmcmGl8DRR2SknnwAxmuE+GO2lnmThsGKv8s97wLhOiRdZ+hWFH/2GR3Z3po9C
rkqFzqBQfRqPfn2CRkiyhwkdkWSfvPXS//TlXwjakrXCvmzN9GIlKjvPhZVhbVGZ
Ht2olAR+/i0DYJ/+z6QNgrPwaeJ51UjW+K6nhMugmrmCaOywbDDjXyterr256SyZ
yAEg4MlFwiIS/ZFid5bcp1ugrfsK/m4/vC3Qa4YrgofFR3KCxvT3o6G/8UojJEWp
ZLJwG7/eM8nwO8N1qpBvVmDI2xmDWFqoqSJH4ieIz24VxYN14/RqofaevwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFNtKu/cBn9fdjP/zU5ExEHP6DDSMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVTIwcTc5d0dmMTkyTV9fTlRrVEVRY19vTU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLY3IAwQA
LY3LAwQCuSOIMA0GCSqGSIb3DQEBCwUAA4IBAQCKf5bBEvglQPPX+YFsYu7C6PZ/
KQ8isAdXU/tBKsxpOpF6Gq09fbB87HF0tXrJlDzs6V2DlmdIGlcZ8w1UMl7uGh2H
FcUVZXct57T5hG4vvCH7I+zr/zYPh520LYQO/Bxgf5CZjsnRZMhcuoxItMGaMUTw
ahxSFzquwD60FCNKe3Buh/jxd4U0tJRqy4Nn+MmkJcBiMC4u1o9nWzKVFfL1yOrB
AEOw3W4KzrT+IJtI6jjaU8xBHGJUBq0b77A/jUm4nSEy65rn95OduVEA2+C23ZGg
LUUnxZh+eTOU8ZAwQDQ7MJv3Xzyqage34+iQSkLM3IwB040CMABRG63YYZX4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org