Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oUR29xsnGr5sjcN-QdjFhTNbJM.roa
File: _oUR29xsnGr5sjcN-QdjFhTNbJM.roa (raw, json)
Hash identifier: m5Ki7xpRJ7+iYbpO2PCoY19vwbiweX8znzriGUnCFAk=
Subject key identifier: FE:85:11:DB:DC:6C:9C:6A:F9:B2:37:0D:F9:07:63:16:14:CD:6C:93
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018944FC98F5766856BB5177E46150BA2A54
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oUR29xsnGr5sjcN-QdjFhTNbJM.roa
Signing time: Tue 11 Jul 2023 12:45:52 +0000
ROA not before: Tue 11 Jul 2023 12:45:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 185.121.122.0/23 maxlen: 24
185.121.121.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
220.158.198.0/24 maxlen: 24
45.144.226.0/24 maxlen: 24
220.158.196.0/23 maxlen: 24
62.197.138.0/23 maxlen: 24
193.239.164.0/23 maxlen: 24
62.197.137.0/24 maxlen: 24
62.197.140.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:fc:98:f5:76:68:56:bb:51:77:e4:61:50:ba:2a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 11 12:45:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe8511dbdc6c9c6af9b2370df907631614cd6c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:72:d2:1b:03:0e:e0:a1:14:48:56:f4:35:ef:
60:d2:96:22:0f:4a:4b:6a:da:d3:94:cb:a3:62:d6:
f2:06:79:b8:6b:7a:1c:4b:08:a0:71:d9:82:22:55:
b9:a4:7b:91:7a:6d:28:7c:29:49:8e:de:27:bb:6f:
04:bb:42:9d:ce:00:e6:6f:91:b1:76:12:34:ff:15:
8d:04:9a:b4:75:3e:45:9a:d9:01:d0:58:a2:b4:06:
44:c2:dd:14:85:a8:09:ab:5e:71:29:5a:5a:fc:44:
7a:2f:78:e4:19:97:cc:67:fb:52:68:61:05:14:f5:
b7:28:b1:19:92:9c:4f:2d:b0:41:fa:a1:b9:75:46:
4a:1c:ba:90:a0:e9:39:0d:5d:1a:1b:89:56:c0:38:
58:a2:9e:82:ce:74:aa:2a:df:cf:cf:67:ee:77:6f:
91:e6:03:7b:b4:21:b2:8d:ed:1f:27:5d:60:5c:4f:
e4:7f:6a:05:b9:3e:5e:7c:44:99:34:39:91:a5:e7:
c2:54:12:a6:8a:a8:d8:6b:6f:13:eb:77:ff:cc:f9:
52:36:73:a1:e1:da:12:bd:07:fe:42:22:85:3f:f5:
a6:67:7d:e8:11:82:e0:0a:c3:ae:9e:71:1c:ae:06:
c5:a3:f3:dc:93:06:28:38:f6:5b:76:00:0d:f7:fa:
d5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:85:11:DB:DC:6C:9C:6A:F9:B2:37:0D:F9:07:63:16:14:CD:6C:93
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oUR29xsnGr5sjcN-QdjFhTNbJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/24
62.197.137.0-62.197.143.255
185.121.121.0-185.121.123.255
185.239.243.0/24
193.239.164.0/23
220.158.196.0-220.158.198.255
Signature Algorithm: sha256WithRSAEncryption
94:a2:96:70:b4:91:69:06:d1:3d:5d:b1:8c:56:9b:30:69:6f:
7b:eb:cb:99:d8:13:04:24:3e:ea:d9:ba:88:c2:7c:53:1f:f2:
ba:a2:24:3c:dd:8a:a9:fc:71:c8:3d:08:10:e0:04:8c:58:5b:
03:a9:66:02:51:ad:8a:ec:6a:6b:4c:e3:60:c3:9c:4d:3e:ee:
2b:c1:b9:ab:f5:89:53:14:96:ab:c4:49:0d:49:81:78:73:6d:
85:8e:10:88:7d:06:b9:5e:b5:2c:2a:ed:19:91:62:f6:d1:d5:
65:d5:a8:14:bd:f3:dd:3d:27:95:a3:6e:51:88:58:37:8a:08:
cd:a3:13:05:be:61:93:22:9c:0c:51:48:fd:ba:a5:2b:b7:b3:
69:3d:19:f4:c0:bc:a7:97:f9:ed:b7:3d:e2:e9:d6:5e:16:30:
49:03:82:78:c0:a2:3d:a5:c4:39:e0:8b:38:2b:2a:5d:f2:15:
07:e1:7d:5e:13:a9:a5:10:d9:c4:6d:78:6c:0f:1c:41:67:67:
56:0a:a3:d4:a6:ed:80:d3:23:df:14:fd:0b:cb:96:f1:11:d7:
fd:f0:e4:fe:b4:4d:a9:59:01:0d:a1:57:46:b2:03:8e:5b:ed:
6b:f4:67:78:2e:8f:9a:b1:ba:da:43:bf:a5:b7:cb:1b:cd:59:
38:91:3c:58
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYlE/Jj1dmhWu1F35GFQuipUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzExMTI0NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg1MTFkYmRjNmM5YzZhZjliMjM3MGRmOTA3NjMxNjE0Y2Q2YzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXLSGwMO4KEUSFb0Ne9g0pYiD0pL
atrTlMujYtbyBnm4a3ocSwigcdmCIlW5pHuRem0ofClJjt4nu28Eu0KdzgDmb5Gx
dhI0/xWNBJq0dT5FmtkB0FiitAZEwt0UhagJq15xKVpa/ER6L3jkGZfMZ/tSaGEF
FPW3KLEZkpxPLbBB+qG5dUZKHLqQoOk5DV0aG4lWwDhYop6CznSqKt/Pz2fud2+R
5gN7tCGyje0fJ11gXE/kf2oFuT5efESZNDmRpefCVBKmiqjYa28T63f/zPlSNnOh
4doSvQf+QiKFP/WmZ33oEYLgCsOunnEcrgbFo/PckwYoOPZbdgAN9/rVXQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFP6FEdvcbJxq+bI3DfkHYxYUzWyTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvX29VUjI5eHNuR3I1c2pjTi1RZGpGaFROYkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZDiMAwD
BAA+xYkDBAQ+xYAwDAMEALl5eQMEArl5eAMEALnv8wMEAcHvpDAMAwQC3J7EAwQA
3J7GMA0GCSqGSIb3DQEBCwUAA4IBAQCUopZwtJFpBtE9XbGMVpswaW9768uZ2BME
JD7q2bqIwnxTH/K6oiQ83Yqp/HHIPQgQ4ASMWFsDqWYCUa2K7GprTONgw5xNPu4r
wbmr9YlTFJarxEkNSYF4c22FjhCIfQa5XrUsKu0ZkWL20dVl1agUvfPdPSeVo25R
iFg3igjNoxMFvmGTIpwMUUj9uqUrt7NpPRn0wLynl/nttz3i6dZeFjBJA4J4wKI9
pcQ54Is4Kypd8hUH4X1eE6mlENnEbXhsDxxBZ2dWCqPUpu2A0yPfFP0Ly5bxEdf9
8OT+tE2pWQENoVdGsgOOW+1r9Gd4Lo+asbraQ7+lt8sbzVk4kTxY
-----END CERTIFICATE-----
Generated at Wed Sep 6 09:06:49 2023 by rpki-client on console-ams.rpki-client.org