Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VJyCeQezQIqKv1ZhVLbnRC1nDjc.roa
File: VJyCeQezQIqKv1ZhVLbnRC1nDjc.roa (raw, json)
Hash identifier: /bFE6Z+F3yYh4vMwCDq2jSimdvZsRifFx+VFPWEjRW4=
Subject key identifier: 54:9C:82:79:07:B3:40:8A:8A:BF:56:61:54:B6:E7:44:2D:67:0E:37
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C6D19F406BD82E9131FA3D12BF4AB7162
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VJyCeQezQIqKv1ZhVLbnRC1nDjc.roa
Signing time: Fri 15 Dec 2023 10:51:06 +0000
ROA not before: Fri 15 Dec 2023 10:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8038
IP address blocks: 203.25.124.0/24 maxlen: 24
194.5.84.0/24 maxlen: 24
193.84.134.0/24 maxlen: 24
194.242.3.0/24 maxlen: 24
193.26.114.0/24 maxlen: 24
45.144.224.0/24 maxlen: 24
185.165.44.0/24 maxlen: 24
46.229.255.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
91.190.107.0/24 maxlen: 24
203.159.82.0/24 maxlen: 24
185.217.118.0/24 maxlen: 24
203.159.90.0/24 maxlen: 24
185.228.226.0/24 maxlen: 24
185.244.220.0/24 maxlen: 24
89.31.218.0/24 maxlen: 24
194.76.134.0/24 maxlen: 24
45.133.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:19:f4:06:bd:82:e9:13:1f:a3:d1:2b:f4:ab:71:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 15 10:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=549c827907b3408a8abf566154b6e7442d670e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:53:69:69:99:0a:d0:57:07:47:35:02:6c:01:
c7:fb:b7:b5:72:e5:60:cf:ef:f1:60:d2:50:8c:a3:
d5:e4:69:9d:dc:66:f9:3b:63:44:70:3f:0b:52:f7:
2c:75:3c:75:af:b0:2a:c8:6c:5a:b0:58:b7:d0:99:
da:fb:f6:a9:f0:23:64:04:b4:eb:09:9c:53:09:87:
43:28:f2:94:bb:5f:e7:aa:63:bc:62:e2:0a:0c:e9:
a0:0a:12:13:bf:a3:d7:67:56:38:96:6a:f0:f5:e7:
17:2a:ee:f2:0b:e8:16:15:46:8c:bd:2d:fd:5f:0d:
b4:6f:21:6f:ca:c5:1d:51:7f:7a:7e:ca:a8:52:84:
62:1e:72:d2:a5:bc:e3:ab:11:b2:f4:82:39:01:2e:
b8:02:40:07:08:8d:81:45:c8:08:03:3b:90:4c:cb:
c1:ca:6b:c8:51:39:27:ab:7b:da:4a:5b:93:dc:43:
e6:9f:40:00:ab:63:75:7e:0a:e4:f4:33:c9:dc:4f:
cb:98:a6:54:51:f5:85:ae:bf:5c:32:c6:26:2f:39:
c3:60:cd:e7:8d:f2:74:54:19:32:15:e6:67:e3:48:
4e:73:02:21:ed:e5:6b:fd:52:eb:d3:b8:6b:89:74:
4c:d0:04:fe:de:85:17:e9:fc:36:cd:ae:02:14:94:
88:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9C:82:79:07:B3:40:8A:8A:BF:56:61:54:B6:E7:44:2D:67:0E:37
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VJyCeQezQIqKv1ZhVLbnRC1nDjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.0.0/24
45.144.224.0/24
46.229.255.0/24
89.31.218.0/24
91.190.107.0/24
185.150.0.0/24
185.165.44.0/24
185.217.118.0/24
185.228.226.0/24
185.244.220.0/24
193.26.114.0/24
193.84.134.0/24
194.5.84.0/24
194.76.134.0/24
194.242.3.0/24
203.25.124.0/24
203.159.82.0/24
203.159.90.0/24
Signature Algorithm: sha256WithRSAEncryption
71:39:8f:53:99:8b:d6:84:0f:11:f0:c0:1b:41:f3:cc:19:a3:
a2:41:a4:d4:21:b2:07:9b:a1:5d:90:70:01:ec:f7:a9:a3:ef:
51:ec:0c:54:98:72:5b:01:40:20:14:54:78:de:95:96:ff:15:
95:5e:28:4b:4c:5f:e7:b7:a7:d1:16:5a:62:2a:e9:79:17:46:
80:8c:a7:c1:f5:b2:f2:06:f8:2e:e1:d8:16:b3:e2:64:8d:96:
2c:19:bf:b5:c6:5a:55:10:fc:3d:a2:da:23:cc:47:67:73:b4:
8f:f5:a9:08:4d:ff:35:95:6c:3f:00:1f:57:8f:27:a2:24:9c:
fe:7a:07:c9:64:88:c5:37:8a:b0:24:2e:c0:71:35:9f:bb:28:
7e:a2:83:b7:b8:39:6f:2c:f8:21:e6:9e:cf:cb:bd:18:f9:52:
38:26:bb:ab:27:2c:d5:71:5d:4f:c8:3c:4c:4c:02:cc:73:6a:
3b:3d:33:8a:50:80:e8:8c:82:7e:50:57:5d:0d:f6:9c:68:dc:
b0:a5:5c:0f:f2:ce:9c:31:51:e4:29:8c:b2:ba:a8:eb:5e:ae:
12:21:8c:3d:e4:46:76:59:5b:87:5e:01:7a:32:61:4f:42:4c:
64:24:7a:eb:23:9e:36:b8:e8:d6:ef:cc:e4:10:9c:27:5f:a5:
1d:a5:27:c3
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYxtGfQGvYLpEx+j0Sv0q3FiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjE1MTA1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDljODI3OTA3YjM0MDhhOGFiZjU2NjE1NGI2ZTc0NDJkNjcwZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVNpaZkK0FcHRzUCbAHH+7e1cuVg
z+/xYNJQjKPV5Gmd3Gb5O2NEcD8LUvcsdTx1r7AqyGxasFi30Jna+/ap8CNkBLTr
CZxTCYdDKPKUu1/nqmO8YuIKDOmgChITv6PXZ1Y4lmrw9ecXKu7yC+gWFUaMvS39
Xw20byFvysUdUX96fsqoUoRiHnLSpbzjqxGy9II5AS64AkAHCI2BRcgIAzuQTMvB
ymvIUTknq3vaSluT3EPmn0AAq2N1fgrk9DPJ3E/LmKZUUfWFrr9cMsYmLznDYM3n
jfJ0VBkyFeZn40hOcwIh7eVr/VLr07hriXRM0AT+3oUX6fw2za4CFJSIfQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFFScgnkHs0CKir9WYVS250QtZw43MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVkp5Q2VRZXpRSXFLdjFaaFZMYm5SQzFuRGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC2FAAME
AC2Q4AMEAC7l/wMEAFkf2gMEAFu+awMEALmWAAMEALmlLAMEALnZdgMEALnk4gME
ALn03AMEAMEacgMEAMFUhgMEAMIFVAMEAMJMhgMEAMLyAwMEAMsZfAMEAMufUgME
AMufWjANBgkqhkiG9w0BAQsFAAOCAQEAcTmPU5mL1oQPEfDAG0HzzBmjokGk1CGy
B5uhXZBwAez3qaPvUewMVJhyWwFAIBRUeN6Vlv8VlV4oS0xf57en0RZaYirpeRdG
gIynwfWy8gb4LuHYFrPiZI2WLBm/tcZaVRD8PaLaI8xHZ3O0j/WpCE3/NZVsPwAf
V48noiSc/noHyWSIxTeKsCQuwHE1n7sofqKDt7g5byz4Ieaez8u9GPlSOCa7qycs
1XFdT8g8TEwCzHNqOz0zilCA6IyCflBXXQ32nGjcsKVcD/LOnDFR5CmMsrqo616u
EiGMPeRGdllbh14BejJhT0JMZCR66yOeNrjo1u/M5BCcJ1+lHaUnww==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org