Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/b1oq1BHUp3rEtULafbHuJ4OueM8.roa
File: b1oq1BHUp3rEtULafbHuJ4OueM8.roa (raw, json)
Hash identifier: DkEvMHo/CRRVTldqaG9w+H9GpUHMRCm6Rd3xCLDXw3A=
Subject key identifier: 6F:5A:2A:D4:11:D4:A7:7A:C4:B5:42:DA:7D:B1:EE:27:83:AE:78:CF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC501057C8C5F32E4861EAA306B6C6722
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/b1oq1BHUp3rEtULafbHuJ4OueM8.roa
Signing time: Mon 01 Jan 2024 12:30:27 +0000
ROA not before: Mon 01 Jan 2024 12:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.92.2.0/24 maxlen: 24
45.146.187.0/24 maxlen: 24
87.247.148.0/22 maxlen: 24
91.190.96.0/24 maxlen: 24
91.190.99.0/24 maxlen: 24
91.190.104.0/24 maxlen: 24
91.217.250.0/24 maxlen: 24
45.89.38.0/24 maxlen: 24
45.89.36.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
45.88.22.0/24 maxlen: 24
45.88.20.0/24 maxlen: 24
45.83.29.0/24 maxlen: 24
2a0b:64c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Mar 2024 08:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:05:7c:8c:5f:32:e4:86:1e:aa:30:6b:6c:67:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f5a2ad411d4a77ac4b542da7db1ee2783ae78cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:20:75:95:9b:83:0e:c6:73:93:27:5e:b5:aa:
49:17:8f:e1:a5:42:91:b2:9f:54:57:28:27:a0:59:
ce:b7:92:0b:92:13:6d:b7:70:1b:45:59:ea:3e:d1:
a3:49:d0:25:5a:33:55:b9:b1:1f:1a:0b:88:51:6a:
8d:aa:8e:82:5d:cc:bb:77:03:2d:28:b0:93:9f:63:
03:dc:87:6a:15:85:b5:b3:ce:00:8b:9b:47:be:41:
d2:af:87:5c:98:2b:fa:9f:78:20:6b:4d:d9:d9:15:
b3:4e:92:33:e6:b9:05:07:a6:bf:6e:8c:46:62:ee:
eb:ed:74:7a:04:50:f7:53:a6:e2:7f:07:d5:d1:cd:
4b:d9:27:de:f0:bc:72:51:cc:64:dc:23:ea:fc:08:
72:70:27:bb:cb:8d:29:55:c1:5e:6d:eb:9a:d4:81:
9c:6a:cb:c7:e7:70:ab:e8:c6:31:17:58:ac:79:90:
07:61:7f:fe:21:96:44:b4:74:4f:84:9d:5b:d1:45:
1c:0b:a4:11:73:17:08:7b:42:1c:b0:b5:50:fc:49:
1c:ce:b7:97:7b:8e:ef:61:05:63:b0:5b:a5:e5:e7:
0b:90:50:2c:ef:78:b9:40:90:e5:0b:42:6a:b7:3c:
65:fa:35:06:87:b2:5b:31:01:c3:21:0d:96:0f:5e:
71:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5A:2A:D4:11:D4:A7:7A:C4:B5:42:DA:7D:B1:EE:27:83:AE:78:CF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/b1oq1BHUp3rEtULafbHuJ4OueM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.29.0/24
45.88.20.0/24
45.88.22.0/24
45.89.36.0/24
45.89.38.0/24
45.92.2.0/24
45.146.187.0/24
87.247.148.0/22
91.190.96.0/24
91.190.99.0/24
91.190.104.0/24
91.217.250.0/24
217.74.16.0/24
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
5d:23:5f:bb:4a:39:f5:56:cc:0b:5d:95:8b:ee:78:50:22:c6:
62:fa:80:37:83:6c:07:3c:5e:62:b9:2e:dd:0b:0c:c0:19:d3:
cd:47:ba:17:39:d2:b8:fc:78:01:82:dd:13:10:5c:6e:68:f3:
52:03:bc:7d:dc:c2:22:1b:51:1f:8b:e9:69:16:7e:aa:e3:ab:
0a:0c:b0:e3:6c:93:82:bc:e2:21:aa:d3:e0:68:f5:e2:3f:84:
94:0d:46:13:fb:25:b4:57:55:14:79:42:d1:04:81:5c:e0:99:
7c:2b:46:28:20:7d:3a:71:49:6b:7b:93:ff:2d:03:76:d8:70:
a4:4b:dd:43:14:2e:5d:d0:69:0e:b4:69:59:d0:2f:30:08:d3:
4f:75:4d:af:be:c5:0e:35:0a:a1:92:7b:14:7a:67:7f:10:34:
be:13:70:a4:83:93:39:d6:e2:1a:11:11:35:d7:fc:d1:a2:8f:
89:54:7b:46:13:a3:28:ab:ad:cd:80:04:b8:87:2a:66:fd:84:
02:b8:66:cb:eb:7b:f1:b4:21:2b:fa:49:bc:5c:0a:ef:6f:39:
54:63:06:aa:ba:30:24:f4:03:59:0f:14:cc:6b:35:09:7d:05:
75:60:b8:93:8d:4e:f1:d5:01:02:7d:59:64:b9:79:aa:59:ee:
32:35:46:46
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYzFAQV8jF8y5IYeqjBrbGciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjVhMmFkNDExZDRhNzdhYzRiNTQyZGE3ZGIxZWUyNzgzYWU3OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCB1lZuDDsZzkydetapJF4/hpUKR
sp9UVygnoFnOt5ILkhNtt3AbRVnqPtGjSdAlWjNVubEfGguIUWqNqo6CXcy7dwMt
KLCTn2MD3IdqFYW1s84Ai5tHvkHSr4dcmCv6n3gga03Z2RWzTpIz5rkFB6a/boxG
Yu7r7XR6BFD3U6bifwfV0c1L2Sfe8LxyUcxk3CPq/AhycCe7y40pVcFebeua1IGc
asvH53Cr6MYxF1iseZAHYX/+IZZEtHRPhJ1b0UUcC6QRcxcIe0IcsLVQ/EkczreX
e47vYQVjsFul5ecLkFAs73i5QJDlC0Jqtzxl+jUGh7JbMQHDIQ2WD15xgQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFG9aKtQR1Kd6xLVC2n2x7ieDrnjPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYjFvcTFCSFVwM3JFdFVMYWZiSHVKNE91ZU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQALVMdAwQA
LVgUAwQALVgWAwQALVkkAwQALVkmAwQALVwCAwQALZK7AwQCV/eUAwQAW75gAwQA
W75jAwQAW75oAwQAW9n6AwQA2UoQMA0EAgACMAcDBQAqC2TBMA0GCSqGSIb3DQEB
CwUAA4IBAQBdI1+7Sjn1VswLXZWL7nhQIsZi+oA3g2wHPF5iuS7dCwzAGdPNR7oX
OdK4/HgBgt0TEFxuaPNSA7x93MIiG1Efi+lpFn6q46sKDLDjbJOCvOIhqtPgaPXi
P4SUDUYT+yW0V1UUeULRBIFc4Jl8K0YoIH06cUlre5P/LQN22HCkS91DFC5d0GkO
tGlZ0C8wCNNPdU2vvsUONQqhknsUemd/EDS+E3Ckg5M51uIaERE11/zRoo+JVHtG
E6Moq63NgAS4hypm/YQCuGbL63vxtCEr+km8XArvbzlUYwaqujAk9ANZDxTMazUJ
fQV1YLiTjU7x1QECfVlkuXmqWe4yNUZG
-----END CERTIFICATE-----
Generated at Fri Mar 1 11:11:46 2024 by rpki-client on console-ams.rpki-client.org