Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fVaW-Z_c7FbiWGprX5HqdObimt4.roa
File: fVaW-Z_c7FbiWGprX5HqdObimt4.roa (raw, json)
Hash identifier: xLyZ93WGZ+kx+WGUvA09COZtFJuIKsHcXlEVRF09Bs8=
Subject key identifier: 7D:56:96:F9:9F:DC:EC:56:E2:58:6A:6B:5F:91:EA:74:E6:E2:9A:DE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0192B53190B410864DCBB6E4F1577C58176F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fVaW-Z_c7FbiWGprX5HqdObimt4.roa
Signing time: Tue 22 Oct 2024 17:06:17 +0000
ROA not before: Tue 22 Oct 2024 17:06:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 2.58.148.0/22 maxlen: 24
45.91.149.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
45.143.53.0/24 maxlen: 24
45.145.44.0/23 maxlen: 24
45.145.47.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
84.247.25.0/24 maxlen: 24
84.247.26.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.36.22.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.43.199.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
94.103.249.0/24 maxlen: 24
94.103.250.0/24 maxlen: 24
185.121.121.0/24 maxlen: 24
185.121.122.0/24 maxlen: 24
185.121.123.0/24 maxlen: 24
185.184.134.0/24 maxlen: 24
185.205.190.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
188.240.74.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
193.218.32.0/24 maxlen: 24
193.239.164.0/23 maxlen: 24
194.169.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 06:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:31:90:b4:10:86:4d:cb:b6:e4:f1:57:7c:58:17:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 22 17:06:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d5696f99fdcec56e2586a6b5f91ea74e6e29ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:88:39:75:ac:ec:be:45:02:55:ae:04:bd:4b:
5e:d2:82:63:64:e0:0e:85:08:7e:cd:74:f8:b1:44:
d4:ca:7e:7a:70:5a:99:fd:9b:50:87:0b:b1:d3:f0:
70:0b:17:4e:9b:90:9e:66:f0:b9:05:49:5c:67:b4:
fe:74:83:0b:be:fc:53:d8:70:85:b9:30:97:c4:4a:
3c:34:48:57:a1:4a:bb:a2:36:1c:68:2b:c2:27:fc:
90:a4:e5:4f:41:ed:1e:2e:7b:e1:9b:75:3d:b3:30:
a4:8c:83:0b:17:82:68:87:2c:5f:3b:c3:de:39:f3:
c6:b2:ec:bf:e7:de:fb:97:aa:d4:f1:7e:2d:37:a8:
f7:39:8a:82:79:c3:55:05:f1:ae:81:f7:76:e6:2c:
34:05:75:b5:eb:d2:8a:f4:37:a7:2d:d4:8d:b6:fc:
18:b1:58:a3:b4:10:2f:5a:14:39:6f:ae:d6:96:25:
e4:ae:8e:12:8f:78:45:4f:53:4f:fc:f8:8f:9d:27:
c6:97:8c:17:99:e5:58:ee:96:d2:de:9e:81:16:17:
8a:df:78:a5:9d:28:a7:f0:ea:0f:b7:ad:4d:92:e2:
57:51:3f:f8:de:05:f1:d4:db:a0:f8:30:fb:fa:3f:
2e:9b:08:7a:92:30:0a:5e:1d:c3:ff:87:55:f6:2a:
8f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:56:96:F9:9F:DC:EC:56:E2:58:6A:6B:5F:91:EA:74:E6:E2:9A:DE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fVaW-Z_c7FbiWGprX5HqdObimt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.148.0/22
45.91.149.0/24
45.135.187.0/24
45.143.53.0/24
45.145.44.0/23
45.145.47.0/24
62.197.144.0/24
62.197.147.0-62.197.148.255
62.197.150.0-62.197.152.255
62.197.159.0/24
84.247.25.0-84.247.26.255
89.33.84.0/24
89.36.22.0/24
89.37.62.0/24
89.43.199.0/24
92.62.121.0/24
93.115.255.0/24
94.103.249.0-94.103.250.255
185.121.121.0-185.121.123.255
185.184.134.0/24
185.205.190.0/24
185.239.241.0/24
185.239.243.0/24
185.244.137.0/24
185.245.5.0/24
188.212.132.0/24
188.240.68.0/24
188.240.74.0/24
193.19.108.0/24
193.218.32.0/24
193.239.164.0/23
194.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:74:a7:e1:14:3d:d6:2c:39:ad:5a:f2:de:bb:75:be:f3:b0:
0a:8b:56:a1:73:4a:c5:1d:d9:f5:f3:a5:86:8e:14:43:ea:02:
0d:e1:64:28:ab:ce:0c:b4:29:f6:39:9c:80:84:48:ed:d2:5d:
29:4f:ca:cc:ff:ef:a2:08:b9:a8:e0:fd:27:51:39:aa:72:28:
33:a9:7d:c9:30:be:5d:31:c2:95:b5:e5:7c:02:9e:e7:b2:c5:
ae:da:e7:f7:0d:6b:15:16:96:0e:b0:3f:8f:ea:db:64:a6:0a:
83:d2:f3:49:21:a9:77:11:c8:a6:b2:b0:2e:4a:8d:68:ba:cf:
08:c3:c9:6c:7b:fd:f6:3f:60:6b:03:2b:dc:c9:95:b3:7a:c8:
d4:31:3b:94:7b:2c:b6:28:b2:d6:24:c8:8f:c4:dc:a5:c5:f9:
78:4d:9d:b2:38:10:eb:6b:e1:fc:21:77:37:d0:e7:43:94:18:
b9:48:0f:32:4c:99:86:d5:88:3e:e7:f3:56:32:b9:9f:b8:b5:
79:9d:ca:d2:46:c6:5e:02:72:17:9d:af:59:75:70:95:74:61:
b8:20:bb:1e:a3:e7:54:a3:8c:4f:cc:43:39:96:f1:db:4b:be:
26:28:39:17:5a:40:e2:15:cf:b0:51:c4:b5:dc:57:e7:96:61:
51:e2:1f:ac
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZK1MZC0EIZNy7bk8Vd8WBdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDIyMTcwNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDU2OTZmOTlmZGNlYzU2ZTI1ODZhNmI1ZjkxZWE3NGU2ZTI5YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqog5dazsvkUCVa4EvUte0oJjZOAO
hQh+zXT4sUTUyn56cFqZ/ZtQhwux0/BwCxdOm5CeZvC5BUlcZ7T+dIMLvvxT2HCF
uTCXxEo8NEhXoUq7ojYcaCvCJ/yQpOVPQe0eLnvhm3U9szCkjIMLF4JohyxfO8Pe
OfPGsuy/5977l6rU8X4tN6j3OYqCecNVBfGugfd25iw0BXW169KK9DenLdSNtvwY
sVijtBAvWhQ5b67WliXkro4Sj3hFT1NP/PiPnSfGl4wXmeVY7pbS3p6BFheK33il
nSin8OoPt61NkuJXUT/43gXx1Nug+DD7+j8umwh6kjAKXh3D/4dV9iqPZQIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFH1Wlvmf3OxW4lhqa1+R6nTm4preMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZlZhVy1aX2M3RmJpV0dwclg1SHFkT2JpbXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQC
AjqUAwQALVuVAwQALYe7AwQALY81AwQBLZEsAwQALZEvAwQAPsWQMAwDBAA+xZMD
BAA+xZQwDAMEAT7FlgMEAD7FmAMEAD7FnzAMAwQAVPcZAwQAVPcaAwQAWSFUAwQA
WSQWAwQAWSU+AwQAWSvHAwQAXD55AwQAXXP/MAwDBABeZ/kDBABeZ/owDAMEALl5
eQMEArl5eAMEALm4hgMEALnNvgMEALnv8QMEALnv8wMEALn0iQMEALn1BQMEALzU
hAMEALzwRAMEALzwSgMEAMETbAMEAMHaIAMEAcHvpAMEAMKpqTANBgkqhkiG9w0B
AQsFAAOCAQEAbXSn4RQ91iw5rVry3rt1vvOwCotWoXNKxR3Z9fOlho4UQ+oCDeFk
KKvODLQp9jmcgIRI7dJdKU/KzP/vogi5qOD9J1E5qnIoM6l9yTC+XTHClbXlfAKe
57LFrtrn9w1rFRaWDrA/j+rbZKYKg9LzSSGpdxHIprKwLkqNaLrPCMPJbHv99j9g
awMr3MmVs3rI1DE7lHsstiiy1iTIj8TcpcX5eE2dsjgQ62vh/CF3N9DnQ5QYuUgP
MkyZhtWIPufzVjK5n7i1eZ3K0kbGXgJyF52vWXVwlXRhuCC7HqPnVKOMT8xDOZbx
20u+Jig5F1pA4hXPsFHEtdxX55ZhUeIfrA==
-----END CERTIFICATE-----
Generated at Thu Oct 24 07:23:05 2024 by rpki-client on console-fra.rpki-client.org