Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U3d0ERWm4RTvRg8rpziJW8PK3qw.roa
File: U3d0ERWm4RTvRg8rpziJW8PK3qw.roa (raw, json)
Hash identifier: wNc10QRQDN2KCXdoySxO95pPWOwU1TXQO1PVPm/dCe8=
Subject key identifier: 53:77:74:11:15:A6:E1:14:EF:46:0F:2B:A7:38:89:5B:C3:CA:DE:AC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C454CCBF384A263781CBDFE21413E0C9B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U3d0ERWm4RTvRg8rpziJW8PK3qw.roa
Signing time: Thu 07 Dec 2023 17:21:50 +0000
ROA not before: Thu 07 Dec 2023 17:21:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 185.121.122.0/23 maxlen: 24
185.121.121.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
220.158.198.0/24 maxlen: 24
45.144.226.0/24 maxlen: 24
220.158.196.0/23 maxlen: 24
193.239.164.0/23 maxlen: 24
62.197.140.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:4c:cb:f3:84:a2:63:78:1c:bd:fe:21:41:3e:0c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 7 17:21:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5377741115a6e114ef460f2ba738895bc3cadeac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c9:93:21:6f:ea:97:00:5d:17:94:ca:b3:af:
33:90:ff:87:47:4d:c8:13:51:48:3b:2d:c4:ff:98:
87:63:e2:16:b3:90:55:7b:c5:3e:48:0a:29:22:9a:
55:fa:33:49:c9:1a:87:88:6c:a3:21:c5:2f:64:16:
94:38:f2:9c:85:17:76:b3:49:10:96:48:4b:61:c1:
89:92:48:b0:eb:f5:a0:48:57:0b:78:af:72:14:3c:
4f:0e:09:f9:77:7d:6c:63:26:d8:0b:31:0c:fd:db:
98:48:ce:ad:34:d8:30:49:a9:ef:30:49:d1:35:84:
e7:c7:9d:99:d1:ca:7d:52:52:f2:78:10:77:e2:b2:
c9:a3:fc:3d:59:46:c2:be:18:ba:2c:3e:3f:cf:6f:
24:6d:e2:bb:35:99:46:c6:01:35:66:fd:22:c1:15:
d4:31:9c:42:b2:39:66:e6:9c:d7:32:8f:fb:0b:ff:
26:83:61:c5:8c:fc:e6:06:a9:71:41:fd:c1:e0:af:
86:61:4a:ea:f2:cd:58:5a:df:1c:05:2b:56:bf:1d:
f0:d8:4f:fe:b5:f3:46:56:ad:d1:82:d8:8e:72:93:
b6:bc:92:b2:7f:2f:49:81:42:88:9c:ed:3a:7b:5e:
e2:e9:ed:fb:72:19:db:d8:07:29:a5:9f:1c:9f:f0:
a0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:77:74:11:15:A6:E1:14:EF:46:0F:2B:A7:38:89:5B:C3:CA:DE:AC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U3d0ERWm4RTvRg8rpziJW8PK3qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/24
62.197.140.0/22
185.121.121.0-185.121.123.255
185.239.243.0/24
193.239.164.0/23
220.158.196.0-220.158.198.255
Signature Algorithm: sha256WithRSAEncryption
24:22:c4:95:81:df:c9:49:95:17:ee:f4:2b:30:f3:8f:ab:90:
e0:1e:14:61:e6:7c:22:0e:60:ad:b1:a6:41:c2:b3:c9:7c:d9:
c1:e2:f0:2e:fd:73:1f:c9:84:5c:dc:13:0c:7c:0f:12:b3:06:
7d:b2:c6:bf:3e:2a:0a:ae:e5:d6:5f:c8:9d:09:98:ad:a9:2f:
40:78:ec:b7:c7:a0:b0:57:4d:3d:9a:22:cf:21:05:c6:49:1c:
8a:de:c6:cb:20:be:15:90:71:e5:07:98:e3:d0:b1:62:a6:3e:
35:6f:a6:3f:89:ba:5a:53:6b:1b:3b:5b:85:6a:20:bd:80:12:
1f:fb:18:38:c7:a1:bf:11:a0:9b:ef:83:9e:0d:00:0e:c1:dc:
7a:c1:32:91:a3:30:35:00:16:f5:22:19:05:f4:20:16:01:69:
33:44:ee:cd:49:c7:0b:cf:65:52:39:7b:94:8f:de:85:a6:8e:
7f:68:7a:e8:c7:37:e7:7a:06:76:64:4f:1f:6f:e2:ca:fa:31:
58:4f:fa:32:38:42:7f:9f:17:b7:c6:41:93:62:3d:25:be:c5:
c5:91:88:b7:70:2c:cb:22:10:f5:18:d8:2f:bd:b7:b4:c6:ca:
95:73:bf:6f:19:f3:c4:2e:e0:81:50:88:5a:f3:53:65:54:a7:
49:a9:61:d7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYxFTMvzhKJjeBy9/iFBPgybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjA3MTcyMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc3NzQxMTE1YTZlMTE0ZWY0NjBmMmJhNzM4ODk1YmMzY2FkZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMmTIW/qlwBdF5TKs68zkP+HR03I
E1FIOy3E/5iHY+IWs5BVe8U+SAopIppV+jNJyRqHiGyjIcUvZBaUOPKchRd2s0kQ
lkhLYcGJkkiw6/WgSFcLeK9yFDxPDgn5d31sYybYCzEM/duYSM6tNNgwSanvMEnR
NYTnx52Z0cp9UlLyeBB34rLJo/w9WUbCvhi6LD4/z28kbeK7NZlGxgE1Zv0iwRXU
MZxCsjlm5pzXMo/7C/8mg2HFjPzmBqlxQf3B4K+GYUrq8s1YWt8cBStWvx3w2E/+
tfNGVq3RgtiOcpO2vJKyfy9JgUKInO06e17i6e37chnb2AcppZ8cn/Cg4QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFN3dBEVpuEU70YPK6c4iVvDyt6sMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVTNkMEVSV200UlR2Umc4cnB6aUpXOFBLM3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQALZDiAwQC
PsWMMAwDBAC5eXkDBAK5eXgDBAC57/MDBAHB76QwDAMEAtyexAMEANyexjANBgkq
hkiG9w0BAQsFAAOCAQEAJCLElYHfyUmVF+70KzDzj6uQ4B4UYeZ8Ig5grbGmQcKz
yXzZweLwLv1zH8mEXNwTDHwPErMGfbLGvz4qCq7l1l/InQmYrakvQHjst8egsFdN
PZoizyEFxkkcit7GyyC+FZBx5QeY49CxYqY+NW+mP4m6WlNrGztbhWogvYASH/sY
OMehvxGgm++Dng0ADsHcesEykaMwNQAW9SIZBfQgFgFpM0TuzUnHC89lUjl7lI/e
haaOf2h66Mc353oGdmRPH2/iyvoxWE/6MjhCf58Xt8ZBk2I9Jb7FxZGIt3AsyyIQ
9RjYL723tMbKlXO/bxnzxC7ggVCIWvNTZVSnSalh1w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org