Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XA9J3VtA6BJiNV5lZ-JP1vYXAmI.roa
File: XA9J3VtA6BJiNV5lZ-JP1vYXAmI.roa (raw, json)
Hash identifier: YC0/fs7+Vh/LsjBNhdCom3j3b3ONdbESDLV+S9Ph30A=
Subject key identifier: 5C:0F:49:DD:5B:40:E8:12:62:35:5E:65:67:E2:4F:D6:F6:17:02:62
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188D71D083318C559B9A32B6C62F5FC2CD0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XA9J3VtA6BJiNV5lZ-JP1vYXAmI.roa
Signing time: Tue 20 Jun 2023 04:43:04 +0000
ROA not before: Tue 20 Jun 2023 04:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 45.92.2.0/24 maxlen: 24
45.89.38.0/24 maxlen: 24
45.89.36.0/24 maxlen: 24
87.247.148.0/22 maxlen: 24
91.190.96.0/24 maxlen: 24
91.190.99.0/24 maxlen: 24
45.88.22.0/24 maxlen: 24
45.88.20.0/24 maxlen: 24
91.190.104.0/24 maxlen: 24
2a0b:64c1::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:1d:08:33:18:c5:59:b9:a3:2b:6c:62:f5:fc:2c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 20 04:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c0f49dd5b40e81262355e6567e24fd6f6170262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0c:f9:d6:27:59:61:de:c3:d6:d4:f4:95:6d:
c8:aa:10:04:9b:1e:54:c6:22:8c:df:ed:c7:86:b8:
01:74:b5:49:27:2c:bd:ef:e2:66:a8:4c:de:ac:2b:
60:16:b6:7d:ae:9b:c6:84:e6:02:c9:14:a5:a4:24:
1e:bc:32:6b:d2:d0:6a:cd:f4:02:35:bc:1b:4f:15:
0c:42:98:af:5c:6d:95:81:4f:0b:3c:dc:0b:9b:d5:
c6:19:d3:08:72:00:97:ac:11:66:e3:b8:db:64:f2:
1b:af:81:0f:d2:6b:7b:cd:80:2a:a1:b6:b7:a3:c6:
03:d5:80:e8:3f:f2:52:ec:62:72:9b:c8:82:ce:58:
4e:7d:24:5d:fb:fb:ca:b8:90:d7:41:b3:7d:44:62:
ad:b1:26:01:1f:da:2f:5d:00:9a:c7:03:4b:db:bf:
eb:5d:a9:2c:61:bc:08:4d:2c:f0:b1:eb:05:c9:7e:
54:68:23:0b:e7:84:6b:cd:f2:b1:30:15:5a:1d:8b:
c0:71:ff:bf:15:a7:92:ec:24:0e:10:1f:d5:ac:bb:
8f:fd:c5:59:ea:dd:f7:3f:d2:47:3c:76:ac:e7:96:
0c:2e:04:c8:ef:84:bc:c5:74:79:6d:09:42:04:a6:
3b:91:a7:be:bb:a8:77:e1:c0:37:80:82:1a:35:cf:
ab:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0F:49:DD:5B:40:E8:12:62:35:5E:65:67:E2:4F:D6:F6:17:02:62
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XA9J3VtA6BJiNV5lZ-JP1vYXAmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.20.0/24
45.88.22.0/24
45.89.36.0/24
45.89.38.0/24
45.92.2.0/24
87.247.148.0/22
91.190.96.0/24
91.190.99.0/24
91.190.104.0/24
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
1e:04:01:db:51:91:5b:6d:81:b9:96:7f:b3:10:e5:ce:c2:26:
27:07:7a:c0:fa:22:68:3f:36:81:46:e1:a4:9b:c3:ca:3d:ee:
b1:d2:0d:7c:10:d1:71:75:bc:9f:54:4b:d4:a3:f5:cb:25:37:
38:15:ac:93:7f:a6:cb:89:95:4d:78:a4:6d:e9:15:43:b4:87:
a1:20:d5:87:e2:c3:dd:f2:f5:1f:75:95:e6:d7:92:90:f8:0c:
20:ab:b3:28:3b:6d:10:ca:a5:34:81:2b:c2:b3:48:cb:08:75:
e6:88:88:a9:59:05:a5:8c:3d:a2:4d:68:a4:00:73:af:0a:13:
5b:33:84:00:03:17:08:4c:48:cf:68:5e:9b:3f:07:bf:55:9d:
b9:a1:1d:da:66:8f:44:41:6d:32:ad:33:c7:26:d4:c5:a1:29:
c0:e7:27:17:3d:43:f7:19:18:44:25:98:db:d7:27:74:51:f2:
43:52:ad:67:b1:e6:c3:14:fa:fc:f3:bd:0b:f3:f1:b3:a9:f2:
fc:6a:e2:8a:94:eb:ab:62:df:e1:0b:e7:bc:c3:33:fd:a0:d6:
87:71:28:c9:7a:78:d1:59:95:37:ac:b3:fd:cc:68:65:23:5d:
cc:6b:c8:23:c1:00:49:ff:a5:85:7a:d1:c2:ac:66:c3:29:78:
a2:d8:ca:08
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYjXHQgzGMVZuaMrbGL1/CzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjIwMDQ0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBmNDlkZDViNDBlODEyNjIzNTVlNjU2N2UyNGZkNmY2MTcwMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQz51idZYd7D1tT0lW3IqhAEmx5U
xiKM3+3HhrgBdLVJJyy97+JmqEzerCtgFrZ9rpvGhOYCyRSlpCQevDJr0tBqzfQC
NbwbTxUMQpivXG2VgU8LPNwLm9XGGdMIcgCXrBFm47jbZPIbr4EP0mt7zYAqoba3
o8YD1YDoP/JS7GJym8iCzlhOfSRd+/vKuJDXQbN9RGKtsSYBH9ovXQCaxwNL27/r
XaksYbwITSzwsesFyX5UaCML54RrzfKxMBVaHYvAcf+/FaeS7CQOEB/VrLuP/cVZ
6t33P9JHPHas55YMLgTI74S8xXR5bQlCBKY7kae+u6h34cA3gIIaNc+rQQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFwPSd1bQOgSYjVeZWfiT9b2FwJiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWEE5SjNWdEE2QkppTlY1bFotSlAxdllYQW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQALVgUAwQA
LVgWAwQALVkkAwQALVkmAwQALVwCAwQCV/eUAwQAW75gAwQAW75jAwQAW75oMA0E
AgACMAcDBQAqC2TBMA0GCSqGSIb3DQEBCwUAA4IBAQAeBAHbUZFbbYG5ln+zEOXO
wiYnB3rA+iJoPzaBRuGkm8PKPe6x0g18ENFxdbyfVEvUo/XLJTc4FayTf6bLiZVN
eKRt6RVDtIehINWH4sPd8vUfdZXm15KQ+Awgq7MoO20QyqU0gSvCs0jLCHXmiIip
WQWljD2iTWikAHOvChNbM4QAAxcITEjPaF6bPwe/VZ25oR3aZo9EQW0yrTPHJtTF
oSnA5ycXPUP3GRhEJZjb1yd0UfJDUq1nsebDFPr8870L8/GzqfL8auKKlOurYt/h
C+e8wzP9oNaHcSjJenjRWZU3rLP9zGhlI13Ma8gjwQBJ/6WFetHCrGbDKXii2MoI
-----END CERTIFICATE-----
Generated at Wed Oct 11 10:27:42 2023 by rpki-client on console-fra.rpki-client.org