Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z8B5gMg3KAezIsB-G0ER8UkMBLg.roa
File: Z8B5gMg3KAezIsB-G0ER8UkMBLg.roa (raw, json)
Hash identifier: 14XJJMjKuTJsnBLy+ANyH8H58DXxfL5xOdQUdqW5UdI=
Subject key identifier: 67:C0:79:80:C8:37:28:07:B3:22:C0:7E:1B:41:11:F1:49:0C:04:B8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AAC9EEB661AD3B05C7225A13DA67F22E1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z8B5gMg3KAezIsB-G0ER8UkMBLg.roa
Signing time: Tue 19 Sep 2023 08:46:50 +0000
ROA not before: Tue 19 Sep 2023 08:46:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 194.5.83.0/24 maxlen: 24
45.8.70.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
194.61.40.0/23 maxlen: 24
204.75.229.0/24 maxlen: 24
185.165.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:9e:eb:66:1a:d3:b0:5c:72:25:a1:3d:a6:7f:22:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 19 08:46:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67c07980c8372807b322c07e1b4111f1490c04b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3c:5b:16:07:80:8d:96:0d:22:f0:c9:cb:a7:
a0:db:49:05:1f:d2:2c:12:b9:d8:0a:a1:53:03:85:
3b:b1:3d:d1:ee:bb:24:6c:36:05:81:df:45:af:17:
6b:0d:20:f6:a7:a4:8c:4f:b8:ac:5d:3d:54:b2:72:
4c:01:65:39:d6:c6:38:e7:9a:6e:0d:a4:23:ad:4b:
85:ad:3f:4d:5a:e5:94:1d:20:d6:a3:f9:45:c2:3a:
45:7d:b2:97:6b:e1:02:5f:af:95:0d:2c:94:1b:c0:
71:e7:f0:e3:b8:5f:06:e8:7e:f5:8a:b3:e4:29:fc:
41:85:0d:21:55:e1:95:e7:48:07:0f:c6:7e:81:ac:
7e:99:ec:a5:63:ba:41:b2:82:24:dd:f6:9b:f2:ce:
93:ac:79:de:50:90:ec:cb:3c:d3:f4:b4:dd:0e:f6:
77:79:bd:a7:77:79:7b:f5:78:a3:de:d7:63:61:44:
32:2e:2b:86:4d:e0:3f:91:46:57:bc:be:a5:e7:0b:
c7:13:d0:99:74:42:a7:25:35:de:3f:2a:e5:30:42:
eb:50:6a:d8:d2:ca:2a:62:ca:fd:7e:67:b4:1c:28:
3e:4f:71:0a:d4:7b:a6:68:50:6a:9e:4b:e6:01:fd:
b8:8b:af:12:ec:ad:7c:be:3f:cd:f7:53:70:77:1c:
8f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C0:79:80:C8:37:28:07:B3:22:C0:7E:1B:41:11:F1:49:0C:04:B8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z8B5gMg3KAezIsB-G0ER8UkMBLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
185.165.45.0/24
194.5.82.0/23
194.61.40.0/23
204.75.229.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:83:51:8c:fb:4f:a3:36:2c:bb:f6:ff:1b:19:a5:fb:07:71:
bb:5d:0c:f2:d8:c3:af:e2:61:64:10:3e:02:f2:57:da:bb:06:
97:75:42:d4:85:2d:23:3f:0a:fc:13:e2:57:35:a9:7a:98:74:
fa:d3:38:5d:a7:19:d2:28:56:89:95:a4:b9:70:1e:30:ad:e8:
2f:3b:48:cc:fc:e2:c4:06:d8:e8:f3:67:e6:a4:29:60:d2:6a:
e8:ec:dd:18:0b:61:7f:09:12:93:ed:c6:ee:a0:ac:77:b6:a5:
50:81:f8:ae:49:2e:f4:5d:34:f1:11:5f:8e:cb:7f:41:78:98:
cb:f0:09:3d:15:d3:72:ed:74:d0:24:95:d1:07:48:26:13:34:
94:43:37:62:2c:24:78:c1:c0:a0:dc:62:b4:c2:93:ee:d1:28:
70:0d:fb:53:eb:21:7c:14:60:dd:1c:bc:6e:4b:c3:52:3a:ce:
43:25:c7:68:cd:57:47:44:12:19:79:cb:de:b0:76:f5:3f:b8:
25:dc:b0:0f:5c:82:1b:14:50:58:9d:59:1c:ed:db:c1:31:d6:
07:e4:a5:df:c6:89:1e:3a:6f:b4:7e:1a:bf:ea:21:00:87:08:
df:0a:a7:27:82:ae:c1:43:a5:27:fc:10:bf:9f:5d:33:0e:61:
44:2d:c4:cf
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYqsnutmGtOwXHIloT2mfyLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTE5MDg0NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2MwNzk4MGM4MzcyODA3YjMyMmMwN2UxYjQxMTFmMTQ5MGMwNGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDxbFgeAjZYNIvDJy6eg20kFH9Is
ErnYCqFTA4U7sT3R7rskbDYFgd9FrxdrDSD2p6SMT7isXT1UsnJMAWU51sY455pu
DaQjrUuFrT9NWuWUHSDWo/lFwjpFfbKXa+ECX6+VDSyUG8Bx5/DjuF8G6H71irPk
KfxBhQ0hVeGV50gHD8Z+gax+meylY7pBsoIk3fab8s6TrHneUJDsyzzT9LTdDvZ3
eb2nd3l79Xij3tdjYUQyLiuGTeA/kUZXvL6l5wvHE9CZdEKnJTXePyrlMELrUGrY
0soqYsr9fme0HCg+T3EK1HumaFBqnkvmAf24i68S7K18vj/N91NwdxyPTQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGfAeYDINygHsyLAfhtBEfFJDAS4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWjhCNWdNZzNLQWV6SXNCLUcwRVI4VWtNQkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQhGAwQB
LYLKAwQCLYUEAwQBWSJ+AwQAuaUtAwQBwgVSAwQBwj0oAwQAzEvlMA0GCSqGSIb3
DQEBCwUAA4IBAQAvg1GM+0+jNiy79v8bGaX7B3G7XQzy2MOv4mFkED4C8lfauwaX
dULUhS0jPwr8E+JXNal6mHT60zhdpxnSKFaJlaS5cB4wregvO0jM/OLEBtjo82fm
pClg0mro7N0YC2F/CRKT7cbuoKx3tqVQgfiuSS70XTTxEV+Oy39BeJjL8Ak9FdNy
7XTQJJXRB0gmEzSUQzdiLCR4wcCg3GK0wpPu0ShwDftT6yF8FGDdHLxuS8NSOs5D
JcdozVdHRBIZecvesHb1P7gl3LAPXIIbFFBYnVkc7dvBMdYH5KXfxokeOm+0fhq/
6iEAhwjfCqcngq7BQ6Un/BC/n10zDmFELcTP
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org