Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bKHuD9KnuoarB5jtRmGtwTPC7yg.roa
File: bKHuD9KnuoarB5jtRmGtwTPC7yg.roa (raw, json)
Hash identifier: gJ9DyEjPY5d9XZPUAh8jJgH0oEhupNK+BzKGYnstBg8=
Subject key identifier: 6C:A1:EE:0F:D2:A7:BA:86:AB:07:98:ED:46:61:AD:C1:33:C2:EF:28
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018E9B3D3BB8FF0AA6A764ECB3BD9E071590
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bKHuD9KnuoarB5jtRmGtwTPC7yg.roa
Signing time: Mon 01 Apr 2024 19:57:45 +0000
ROA not before: Mon 01 Apr 2024 19:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.146.184.0/22 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.36.23.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
185.255.39.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 09:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9b:3d:3b:b8:ff:0a:a6:a7:64:ec:b3:bd:9e:07:15:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 1 19:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ca1ee0fd2a7ba86ab0798ed4661adc133c2ef28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fc:87:3e:95:8b:2e:bf:55:0f:00:5e:91:cd:
66:a0:fa:08:bf:ff:78:a2:5c:40:68:11:12:39:51:
08:16:fc:83:d0:85:66:b4:d6:fd:8e:c0:15:08:1e:
e1:ea:b4:b7:bb:e7:11:64:2a:ca:72:94:2c:02:31:
04:cf:a5:5e:31:71:93:a9:63:61:73:e1:de:5d:8c:
ce:c9:77:56:dd:f1:60:44:1d:c5:e9:b5:fb:04:99:
e7:00:a9:af:d2:59:9d:a0:b0:45:ff:99:15:9c:13:
7d:73:0a:f7:4f:aa:5b:e4:85:45:c9:9c:d8:b2:79:
7c:79:29:75:89:a9:d5:38:61:4d:07:c8:35:e0:f8:
cb:99:ba:fd:95:ea:e2:df:d7:ea:e1:dc:64:e4:56:
a7:6d:1f:b7:35:7f:96:92:e8:16:fe:55:96:97:8f:
67:0a:64:23:e8:41:b3:0e:d6:03:a4:a6:5b:7c:67:
77:8c:7d:7c:98:da:f1:26:0c:64:e0:68:72:28:76:
53:3c:2f:3c:0a:6d:3a:48:5c:4d:1c:61:d8:2f:15:
09:da:b3:ff:87:f2:f5:08:b7:ea:a6:48:c5:f3:de:
c4:28:18:35:3b:99:04:52:ec:6b:6d:51:53:96:ff:
a6:58:73:13:c9:3c:c4:d1:0c:94:d2:1b:19:13:1c:
15:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A1:EE:0F:D2:A7:BA:86:AB:07:98:ED:46:61:AD:C1:33:C2:EF:28
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bKHuD9KnuoarB5jtRmGtwTPC7yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
89.33.84.0/24
89.35.154.0/24
89.36.23.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.240.232.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
92:3d:c4:cb:64:55:96:52:e0:cf:e7:d1:35:5f:c7:e2:5e:0a:
bc:69:a0:9c:82:06:1a:c8:10:ec:9b:8c:d9:53:1b:1a:84:bd:
af:90:27:0f:0a:4c:67:09:b6:f8:c9:44:cd:2b:6f:23:11:f7:
c3:33:0b:48:54:cc:4a:6c:ac:78:20:92:5f:59:aa:42:ae:82:
41:37:16:76:8a:ae:c2:ef:b2:5d:70:a8:cf:07:95:c3:c2:8b:
62:50:04:f7:4c:98:c9:14:26:b3:83:90:c9:b6:88:54:7e:1c:
d3:c0:e0:c4:bc:fa:48:12:9a:61:1a:a0:74:20:87:0d:ad:1d:
0d:9b:d6:a8:1e:56:2a:56:b2:1f:3c:90:59:f2:4a:99:18:61:
db:b5:ad:e8:1d:d2:57:59:a0:6b:18:cb:c2:9c:b5:60:fa:f8:
c7:a3:34:5e:68:39:5b:49:ac:8c:2c:c1:81:16:2b:80:13:d3:
fe:ac:34:81:3f:eb:1c:c5:0d:2d:85:d6:b2:b8:3c:a4:5f:58:
0f:a2:09:86:3c:fb:a9:cc:1d:b2:6e:89:2b:ad:ea:18:b7:51:
de:b5:d8:dc:ff:f0:9a:be:3f:24:e1:02:e1:08:52:ef:70:7c:
30:99:1f:05:fd:66:7b:87:36:f2:64:0d:6d:1a:c2:e1:ee:c4:
33:93:ae:43
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY6bPTu4/wqmp2Tss72eBxWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDAxMTk1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ExZWUwZmQyYTdiYTg2YWIwNzk4ZWQ0NjYxYWRjMTMzYzJlZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPyHPpWLLr9VDwBekc1moPoIv/94
olxAaBESOVEIFvyD0IVmtNb9jsAVCB7h6rS3u+cRZCrKcpQsAjEEz6VeMXGTqWNh
c+HeXYzOyXdW3fFgRB3F6bX7BJnnAKmv0lmdoLBF/5kVnBN9cwr3T6pb5IVFyZzY
snl8eSl1ianVOGFNB8g14PjLmbr9leri39fq4dxk5FanbR+3NX+WkugW/lWWl49n
CmQj6EGzDtYDpKZbfGd3jH18mNrxJgxk4GhyKHZTPC88Cm06SFxNHGHYLxUJ2rP/
h/L1CLfqpkjF897EKBg1O5kEUuxrbVFTlv+mWHMTyTzE0QyU0hsZExwVhwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFGyh7g/Sp7qGqweY7UZhrcEzwu8oMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYktIdUQ5S251b2FyQjVqdFJtR3R3VFBDN3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAIt
krgDBAAtnJ0DBABZIVQDBABZI5oDBABZJBcDBAFZJT4DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAC81IUDBAG81J4DBAG81tADBAG8
8OADBAC88OMDBAC88OgDBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQAD
ggEBAJI9xMtkVZZS4M/n0TVfx+JeCrxpoJyCBhrIEOybjNlTGxqEva+QJw8KTGcJ
tvjJRM0rbyMR98MzC0hUzEpsrHggkl9ZqkKugkE3FnaKrsLvsl1wqM8HlcPCi2JQ
BPdMmMkUJrODkMm2iFR+HNPA4MS8+kgSmmEaoHQghw2tHQ2b1qgeVipWsh88kFny
SpkYYdu1regd0ldZoGsYy8KctWD6+MejNF5oOVtJrIwswYEWK4AT0/6sNIE/6xzF
DS2F1rK4PKRfWA+iCYY8+6nMHbJuiSut6hi3Ud612Nz/8Jq+PyThAuEIUu9wfDCZ
HwX9ZnuHNvJkDW0awuHuxDOTrkM=
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:25:20 2024 by rpki-client on console-fra.rpki-client.org