Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c0n23KyMAWD067U2mACKndDBMEI.roa
File: c0n23KyMAWD067U2mACKndDBMEI.roa (raw, json)
Hash identifier: H4xX2XBHcJj2ieml9yAgNVk+enS70P1iqLw7j14rW9s=
Subject key identifier: 73:49:F6:DC:AC:8C:01:60:F4:EB:B5:36:98:00:8A:9D:D0:C1:30:42
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CD9E9831A6EDE3C3F2A4F36632F84A847
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c0n23KyMAWD067U2mACKndDBMEI.roa
Signing time: Fri 05 Jan 2024 13:56:48 +0000
ROA not before: Fri 05 Jan 2024 13:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8038
IP address blocks: 203.25.124.0/24 maxlen: 24
194.5.84.0/24 maxlen: 24
194.242.3.0/24 maxlen: 24
193.26.114.0/24 maxlen: 24
45.144.224.0/24 maxlen: 24
185.165.44.0/24 maxlen: 24
46.229.255.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
91.190.107.0/24 maxlen: 24
203.159.82.0/24 maxlen: 24
185.217.118.0/24 maxlen: 24
203.159.90.0/24 maxlen: 24
194.76.134.0/24 maxlen: 24
45.133.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 04:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:e9:83:1a:6e:de:3c:3f:2a:4f:36:63:2f:84:a8:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 5 13:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7349f6dcac8c0160f4ebb53698008a9dd0c13042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b1:d1:a5:8e:7a:83:79:c6:91:f5:7a:4c:cd:
84:05:20:ea:13:8e:3c:0d:d1:d3:58:e8:81:53:f1:
5e:a7:5e:29:74:cb:c1:a5:b7:9a:3b:d3:26:7f:0a:
12:16:59:9f:dd:82:39:66:ce:7f:89:23:d0:a0:04:
c6:f8:7e:12:ca:27:6d:a2:26:0f:e6:57:00:9f:c7:
8b:ae:c7:95:da:c2:c4:f1:49:e1:e2:4c:02:43:43:
f7:18:06:92:6a:ba:03:ec:ab:a8:42:de:88:cc:f4:
a2:ba:95:fc:82:3b:3a:5b:d6:06:75:e5:aa:21:f1:
fe:c7:6f:28:6f:68:b7:1a:6f:42:6c:77:0c:94:c4:
7a:cd:83:8d:ac:1c:47:74:9f:f9:aa:e5:71:c9:e6:
27:9a:84:81:71:18:57:4e:d1:b2:69:41:7c:c8:0b:
46:81:7b:ce:77:8d:45:60:8d:c5:a2:46:4c:4b:f8:
f0:30:34:4d:c5:4e:7a:6a:20:f5:26:64:16:34:3a:
14:68:a9:f3:bb:a9:b0:fb:5a:ce:5e:3b:62:7a:e5:
0e:02:95:97:04:15:af:04:8a:8e:2e:24:af:db:e5:
14:bf:2a:a6:39:b1:e5:f3:36:b2:92:78:42:20:31:
84:53:94:f0:7a:13:97:d3:cd:9d:ce:bc:92:1e:3b:
c0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:49:F6:DC:AC:8C:01:60:F4:EB:B5:36:98:00:8A:9D:D0:C1:30:42
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c0n23KyMAWD067U2mACKndDBMEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.0.0/24
45.144.224.0/24
46.229.255.0/24
91.190.107.0/24
185.150.0.0/24
185.165.44.0/24
185.217.118.0/24
193.26.114.0/24
194.5.84.0/24
194.76.134.0/24
194.242.3.0/24
203.25.124.0/24
203.159.82.0/24
203.159.90.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ce:6b:6b:6a:f7:7d:6b:34:09:5a:3b:37:0f:96:64:d2:aa:
ee:9a:ca:32:46:57:61:bf:d4:3b:f3:ac:4e:d8:40:6e:2f:13:
63:0d:09:b4:35:62:18:15:be:4a:03:20:4f:c3:a8:c4:e8:7c:
a0:2a:b2:2e:ce:b5:61:8d:ae:ab:f2:0e:26:9e:e6:23:81:e4:
b3:17:06:d6:b6:7b:5d:aa:dc:7c:10:c9:0c:8a:7a:05:ab:fa:
66:30:64:29:46:37:f7:f6:24:a4:45:c0:88:a9:49:d5:f1:fa:
97:bb:ae:9b:59:81:85:9c:58:3f:9c:0b:87:e4:36:d7:fd:bb:
be:42:fa:8c:e7:9b:63:78:6a:be:44:07:a9:7a:d1:61:4c:42:
11:92:7c:cb:b9:fb:a0:3b:01:45:fd:75:e4:9c:55:8c:19:83:
48:02:16:8c:00:57:ca:6a:d6:41:9c:80:c8:13:fc:2d:ac:f5:
c9:84:5e:d4:6f:70:78:db:fb:a5:4b:9f:9c:b2:6a:da:f2:45:
91:9d:1e:b2:a8:88:1d:21:3a:07:b5:50:d1:10:a8:71:a4:87:
0b:bc:1b:ec:15:9a:bc:04:09:9a:be:76:ad:45:0f:a6:72:cd:
d6:ae:df:ae:99:7d:4c:16:4a:55:5b:ff:53:90:1a:a7:5c:ee:
b6:15:71:36
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzZ6YMabt48PypPNmMvhKhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTA1MTM1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQ5ZjZkY2FjOGMwMTYwZjRlYmI1MzY5ODAwOGE5ZGQwYzEzMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLHRpY56g3nGkfV6TM2EBSDqE448
DdHTWOiBU/Fep14pdMvBpbeaO9MmfwoSFlmf3YI5Zs5/iSPQoATG+H4SyidtoiYP
5lcAn8eLrseV2sLE8Unh4kwCQ0P3GAaSaroD7KuoQt6IzPSiupX8gjs6W9YGdeWq
IfH+x28ob2i3Gm9CbHcMlMR6zYONrBxHdJ/5quVxyeYnmoSBcRhXTtGyaUF8yAtG
gXvOd41FYI3FokZMS/jwMDRNxU56aiD1JmQWNDoUaKnzu6mw+1rOXjtieuUOApWX
BBWvBIqOLiSv2+UUvyqmObHl8zayknhCIDGEU5TwehOX082dzrySHjvAbQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHNJ9tysjAFg9Ou1NpgAip3QwTBCMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYzBuMjNLeU1BV0QwNjdVMm1BQ0tuZERCTUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALYUAAwQA
LZDgAwQALuX/AwQAW75rAwQAuZYAAwQAuaUsAwQAudl2AwQAwRpyAwQAwgVUAwQA
wkyGAwQAwvIDAwQAyxl8AwQAy59SAwQAy59aMA0GCSqGSIb3DQEBCwUAA4IBAQAk
zmtravd9azQJWjs3D5Zk0qrumsoyRldhv9Q786xO2EBuLxNjDQm0NWIYFb5KAyBP
w6jE6HygKrIuzrVhja6r8g4mnuYjgeSzFwbWtntdqtx8EMkMinoFq/pmMGQpRjf3
9iSkRcCIqUnV8fqXu66bWYGFnFg/nAuH5DbX/bu+QvqM55tjeGq+RAepetFhTEIR
knzLufugOwFF/XXknFWMGYNIAhaMAFfKatZBnIDIE/wtrPXJhF7Ub3B42/ulS5+c
smra8kWRnR6yqIgdIToHtVDREKhxpIcLvBvsFZq8BAmavnatRQ+mcs3Wrt+umX1M
FkpVW/9TkBqnXO62FXE2
-----END CERTIFICATE-----
Generated at Wed Jan 31 05:26:00 2024 by rpki-client on console-ams.rpki-client.org