Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VCtxwcX0uRsd7vn-1IXvFtAYBVk.roa
File: VCtxwcX0uRsd7vn-1IXvFtAYBVk.roa (raw, json)
Hash identifier: AoXqHiLiBXhoLpCh0FEEJc+kdakpYpGW8ErbiDQ1oYo=
Subject key identifier: 54:2B:71:C1:C5:F4:B9:1B:1D:EE:F9:FE:D4:85:EF:16:D0:18:05:59
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01861D6E8CD3D15F42AEE2E7FA9EF9B7CE5B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VCtxwcX0uRsd7vn-1IXvFtAYBVk.roa
Signing time: Sat 04 Feb 2023 17:17:09 +0000
ROA not before: Sat 04 Feb 2023 17:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Feb 2023 05:15:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1d:6e:8c:d3:d1:5f:42:ae:e2:e7:fa:9e:f9:b7:ce:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 4 17:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=542b71c1c5f4b91b1deef9fed485ef16d0180559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:42:3a:8c:c3:b5:5d:61:7e:b4:47:71:ba:53:
6c:f2:a1:d8:a0:ed:8d:ac:fb:69:47:d5:74:dd:63:
85:3f:45:54:f7:35:84:02:41:f3:ea:f0:c1:f0:c1:
7a:b7:a7:41:17:29:f4:1b:0d:e8:b8:16:05:18:7a:
72:a3:33:b3:8e:8e:29:b0:b3:04:9e:13:bb:93:45:
dc:53:73:05:04:50:42:71:a6:20:68:b4:48:e0:01:
b4:41:56:40:b3:27:85:8b:64:dc:bf:2c:29:31:b7:
56:bf:29:93:20:1f:59:b7:fe:0c:73:cc:4c:6f:e4:
c4:e3:c0:8d:6d:cd:bb:69:bf:6d:38:5a:00:a2:38:
6c:85:f2:3c:e2:6c:03:58:ad:09:f0:0d:d7:77:70:
b9:5d:e6:07:ed:fe:27:87:3e:9e:f9:35:26:d2:36:
3e:9d:58:09:94:56:f5:14:87:d2:78:b2:55:d8:b3:
6e:57:3d:46:27:4f:fa:9b:41:1c:49:a7:84:3f:e2:
f0:11:d0:4e:4c:07:9f:cd:67:eb:17:16:e8:d9:43:
3f:2a:58:dc:5e:a0:53:db:23:9c:4c:a7:ac:8a:fc:
bc:44:85:0b:a3:09:64:00:4f:cf:32:2d:f7:2a:50:
a9:01:8f:50:4a:34:1e:4e:32:b3:21:d5:53:6e:53:
0a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2B:71:C1:C5:F4:B9:1B:1D:EE:F9:FE:D4:85:EF:16:D0:18:05:59
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VCtxwcX0uRsd7vn-1IXvFtAYBVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0-45.156.158.255
89.33.84.0/24
89.35.154.0/24
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.241.214.0/24
Signature Algorithm: sha256WithRSAEncryption
19:24:6a:94:46:af:b1:73:96:1c:47:d9:90:cb:c6:8c:e6:97:
85:ed:9d:1f:ec:32:69:3b:07:f3:54:a1:23:4d:13:e0:61:27:
fb:24:c9:f2:35:88:a9:66:65:22:4f:0c:71:a5:2b:85:c2:72:
e3:b0:44:11:f8:f8:54:2d:79:88:c9:72:25:16:82:07:66:c3:
18:8a:3d:90:92:34:ed:5a:10:68:61:b2:e0:80:62:82:d2:95:
ac:40:41:10:87:f6:05:d1:78:fe:33:00:a7:59:95:e0:27:1f:
98:02:0f:fe:73:d8:60:a8:61:b0:95:d4:e1:d6:af:bd:93:71:
47:13:52:51:7c:ed:58:e4:18:62:69:6c:52:dc:26:d0:eb:e0:
bd:87:9f:e6:74:1c:e6:a5:ae:2f:4e:22:09:6b:bf:68:a4:fe:
58:1a:9e:df:9c:f9:61:70:82:2f:fc:46:20:16:cb:18:d9:9c:
0d:84:a7:13:91:e0:ab:b2:f7:49:1e:36:81:c0:95:a9:27:69:
5b:27:be:31:73:38:fe:bd:ed:ab:54:7f:ea:0a:87:36:cd:2b:
0c:f3:83:fe:92:5d:c6:cd:a4:2c:97:e8:db:5f:3f:3e:51:43:
e7:19:0a:99:f9:2b:62:ca:40:fe:7b:c2:b9:6d:8a:11:45:90:
a2:7f:64:b0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYYdbozT0V9CruLn+p75t85bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA0MTcxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJiNzFjMWM1ZjRiOTFiMWRlZWY5ZmVkNDg1ZWYxNmQwMTgwNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEI6jMO1XWF+tEdxulNs8qHYoO2N
rPtpR9V03WOFP0VU9zWEAkHz6vDB8MF6t6dBFyn0Gw3ouBYFGHpyozOzjo4psLME
nhO7k0XcU3MFBFBCcaYgaLRI4AG0QVZAsyeFi2TcvywpMbdWvymTIB9Zt/4Mc8xM
b+TE48CNbc27ab9tOFoAojhshfI84mwDWK0J8A3Xd3C5XeYH7f4nhz6e+TUm0jY+
nVgJlFb1FIfSeLJV2LNuVz1GJ0/6m0EcSaeEP+LwEdBOTAefzWfrFxbo2UM/Kljc
XqBT2yOcTKesivy8RIULowlkAE/PMi33KlCpAY9QSjQeTjKzIdVTblMKvwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFQrccHF9LkbHe75/tSF7xbQGAVZMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVkN0eHdjWDB1UnNkN3ZuLTFJWHZGdEFZQlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAAtnJ0D
BAAtnJ4DBABZIVQDBABZI5oDBABZJT4DBABdcsADBABdc20DBAC88dYwDQYJKoZI
hvcNAQELBQADggEBABkkapRGr7FzlhxH2ZDLxozml4XtnR/sMmk7B/NUoSNNE+Bh
J/skyfI1iKlmZSJPDHGlK4XCcuOwRBH4+FQteYjJciUWggdmwxiKPZCSNO1aEGhh
suCAYoLSlaxAQRCH9gXReP4zAKdZleAnH5gCD/5z2GCoYbCV1OHWr72TcUcTUlF8
7VjkGGJpbFLcJtDr4L2Hn+Z0HOalri9OIglrv2ik/lgant+c+WFwgi/8RiAWyxjZ
nA2EpxOR4Kuy90keNoHAlaknaVsnvjFzOP697atUf+oKhzbNKwzzg/6SXcbNpCyX
6NtfPz5RQ+cZCpn5K2LKQP57wrltihFFkKJ/ZLA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org