Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cr1EoVtLng82_snUKOLp0CR_60Y.roa
File: cr1EoVtLng82_snUKOLp0CR_60Y.roa (raw, json)
Hash identifier: e6U7ARRHgm3pME66AQKzFWRg0sAl6Qti4f82Wa+kCr8=
Subject key identifier: 72:BD:44:A1:5B:4B:9E:0F:36:FE:C9:D4:28:E2:E9:D0:24:7F:EB:46
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185A5112D8298B96DAD6FE16D3B8B50696E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cr1EoVtLng82_snUKOLp0CR_60Y.roa
Signing time: Thu 12 Jan 2023 08:20:44 +0000
ROA not before: Thu 12 Jan 2023 08:20:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.8.71.0/24 maxlen: 24
194.242.2.0/24 maxlen: 24
45.85.104.0/24 maxlen: 24
185.192.16.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:11:2d:82:98:b9:6d:ad:6f:e1:6d:3b:8b:50:69:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 12 08:20:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72bd44a15b4b9e0f36fec9d428e2e9d0247feb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a0:06:e8:dc:61:34:57:5d:04:4f:a5:8f:e0:
c3:83:af:d5:72:3d:28:45:f5:0a:10:ef:3d:e7:47:
1c:2a:3b:5f:31:a9:3a:77:16:2f:7f:2a:3b:d7:2c:
6d:3b:e5:b2:51:bc:be:5c:bf:53:2a:dd:4a:c5:60:
f8:89:ad:8a:40:d8:49:f7:aa:69:9a:7d:85:03:aa:
80:56:45:ff:43:03:26:8b:40:4a:91:3f:fd:ff:a8:
02:8c:11:3e:e4:9f:a5:d5:18:33:5c:68:3b:32:0f:
92:0a:e8:e4:84:88:cb:02:44:5c:19:fa:2a:c7:fd:
ff:49:e5:0f:98:51:88:23:1d:e9:e5:84:39:a3:1f:
df:a5:0b:8c:c0:29:dd:6d:04:a0:4b:76:bd:db:0b:
7a:9c:5d:45:b2:f1:e8:85:51:7e:39:d7:4a:1f:68:
32:d7:93:a5:0b:90:13:41:c9:39:0d:ee:fe:92:28:
2f:ca:57:11:0a:0d:08:07:63:29:93:97:2a:8b:62:
ed:31:3e:10:d3:73:42:30:1d:15:ce:14:67:09:e9:
e4:0d:f0:ba:54:0b:bd:b6:13:ba:d2:14:32:64:23:
9a:92:f3:48:5b:3a:29:31:c9:45:46:3f:6f:af:fe:
a2:70:d0:5d:65:97:1e:de:fb:79:21:af:60:d4:d7:
43:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BD:44:A1:5B:4B:9E:0F:36:FE:C9:D4:28:E2:E9:D0:24:7F:EB:46
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cr1EoVtLng82_snUKOLp0CR_60Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.71.0/24
45.85.104.0/24
185.192.16.0/24
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
68:92:67:79:cc:de:37:9a:f6:c8:55:c3:76:07:00:33:c5:94:
fa:6c:1a:76:98:a0:09:c8:c6:b2:a4:55:bb:a6:6a:b6:da:ee:
e8:12:80:6d:6c:43:97:96:e4:4a:00:cd:86:db:c3:39:c5:24:
1d:d0:0d:3b:ae:79:8a:7c:ff:6e:45:4e:af:ae:11:42:8a:dc:
c7:2f:cf:de:dd:9b:a4:e6:10:2c:6b:9e:3b:6b:97:a9:2e:e3:
e3:df:9a:4b:d4:2e:b3:30:dd:ac:db:6d:35:58:bd:8f:83:59:
92:84:c8:25:5a:24:71:aa:d8:c4:cd:53:31:d2:7f:b4:2b:dd:
87:79:b0:88:ca:55:f8:81:d8:cf:96:b1:53:b2:7b:56:72:e8:
ac:f3:46:6c:af:03:71:eb:9b:b8:21:25:23:98:97:68:76:c7:
83:a9:50:59:91:f2:f0:9b:72:83:3a:34:2f:a5:08:71:c2:96:
79:dd:bc:0a:01:11:55:04:6d:fc:89:51:6c:9d:b0:49:10:e5:
02:15:2f:5c:36:6f:c7:60:a1:7e:84:1f:fd:2a:19:ae:dd:01:
c2:20:ff:b2:97:67:38:63:9f:71:1c:31:8d:4e:91:05:a5:75:
83:01:ca:a3:56:8e:ad:38:5d:2b:bb:34:88:1d:21:01:33:5a:
62:8c:dd:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYWlES2CmLltrW/hbTuLUGluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTEyMDgyMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmJkNDRhMTViNGI5ZTBmMzZmZWM5ZDQyOGUyZTlkMDI0N2ZlYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaAG6NxhNFddBE+lj+DDg6/Vcj0o
RfUKEO8950ccKjtfMak6dxYvfyo71yxtO+WyUby+XL9TKt1KxWD4ia2KQNhJ96pp
mn2FA6qAVkX/QwMmi0BKkT/9/6gCjBE+5J+l1RgzXGg7Mg+SCujkhIjLAkRcGfoq
x/3/SeUPmFGIIx3p5YQ5ox/fpQuMwCndbQSgS3a92wt6nF1FsvHohVF+OddKH2gy
15OlC5ATQck5De7+kigvylcRCg0IB2Mpk5cqi2LtMT4Q03NCMB0VzhRnCenkDfC6
VAu9thO60hQyZCOakvNIWzopMclFRj9vr/6icNBdZZce3vt5Ia9g1NdDSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHK9RKFbS54PNv7J1Cji6dAkf+tGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvY3IxRW9WdExuZzgyX3NuVUtPTHAwQ1JfNjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQhHAwQA
LVVoAwQAucAQAwQAwRNsAwQAwvICMA0GCSqGSIb3DQEBCwUAA4IBAQBokmd5zN43
mvbIVcN2BwAzxZT6bBp2mKAJyMaypFW7pmq22u7oEoBtbEOXluRKAM2G28M5xSQd
0A07rnmKfP9uRU6vrhFCitzHL8/e3Zuk5hAsa547a5epLuPj35pL1C6zMN2s2201
WL2Pg1mShMglWiRxqtjEzVMx0n+0K92HebCIylX4gdjPlrFTsntWcuis80ZsrwNx
65u4ISUjmJdodseDqVBZkfLwm3KDOjQvpQhxwpZ53bwKARFVBG38iVFsnbBJEOUC
FS9cNm/HYKF+hB/9Khmu3QHCIP+yl2c4Y59xHDGNTpEFpXWDAcqjVo6tOF0ruzSI
HSEBM1pijN2Z
-----END CERTIFICATE-----
Generated at Tue Aug 22 05:37:10 2023 by rpki-client on console-fra.rpki-client.org