Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fb18KDffBFokwQggwgnLBpuPLmU.roa
File: fb18KDffBFokwQggwgnLBpuPLmU.roa (raw, json)
Hash identifier: YJyVzNHCveS9g7wjNLh0bW39HHSpJ9pQMnW8dLF+V74=
Subject key identifier: 7D:BD:7C:28:37:DF:04:5A:24:C1:08:20:C2:09:CB:06:9B:8F:2E:65
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018DF928AB8A5D9C4F3D3FE194CD75A70367
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fb18KDffBFokwQggwgnLBpuPLmU.roa
Signing time: Fri 01 Mar 2024 08:36:48 +0000
ROA not before: Fri 01 Mar 2024 08:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.83.29.0/24 maxlen: 24
45.88.20.0/24 maxlen: 24
45.88.22.0/24 maxlen: 24
45.89.36.0/24 maxlen: 24
45.89.38.0/24 maxlen: 24
45.92.2.0/24 maxlen: 24
45.146.187.0/24 maxlen: 24
87.247.148.0/22 maxlen: 24
89.31.216.0/24 maxlen: 24
91.190.96.0/24 maxlen: 24
91.190.99.0/24 maxlen: 24
91.190.104.0/24 maxlen: 24
91.217.236.0/24 maxlen: 24
91.217.250.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
2a0b:64c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Mar 2024 07:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:28:ab:8a:5d:9c:4f:3d:3f:e1:94:cd:75:a7:03:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 1 08:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dbd7c2837df045a24c10820c209cb069b8f2e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fb:73:cd:68:26:e4:67:fa:35:c3:73:63:42:
47:9d:31:c5:65:d2:f8:3d:b2:b9:53:f5:46:6a:82:
d3:cd:a5:97:0e:f9:1a:2a:b3:1c:39:57:c5:62:de:
1c:4c:f8:86:e4:6d:ff:40:1f:43:95:2b:77:94:d6:
5d:e5:47:93:b4:b2:cc:13:88:d8:ba:fe:60:68:9e:
98:2d:92:77:88:e2:ac:1e:4b:f8:c2:3f:bf:34:6e:
0a:65:30:61:1f:a4:f3:8c:0f:c4:d2:c2:6e:0d:63:
d7:ba:6c:58:47:fb:5f:84:b8:8c:cd:11:c8:d4:43:
aa:46:62:2b:0f:de:d4:47:a8:d5:3c:e5:cd:7a:d6:
c1:05:55:07:58:4b:bf:72:a7:dd:52:bd:61:e2:72:
a5:9b:0e:fe:93:98:1c:ad:46:19:02:d0:d9:dc:aa:
7b:cc:07:64:27:52:ac:bf:37:08:d8:2d:f7:15:cd:
a1:bf:d2:9f:5b:3f:e9:c0:bb:1e:86:4a:88:a1:da:
c6:07:3b:a5:0b:7a:d9:2c:7e:fc:47:a2:05:3b:98:
90:17:7f:87:72:c0:39:e5:e0:89:01:d3:91:04:7b:
48:c7:d8:30:67:f3:d2:bd:bc:22:ab:b3:ef:45:4f:
d0:e7:26:47:5c:13:6f:ed:2b:fa:cd:9d:ab:f9:ae:
c7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:BD:7C:28:37:DF:04:5A:24:C1:08:20:C2:09:CB:06:9B:8F:2E:65
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fb18KDffBFokwQggwgnLBpuPLmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.29.0/24
45.88.20.0/24
45.88.22.0/24
45.89.36.0/24
45.89.38.0/24
45.92.2.0/24
45.146.187.0/24
87.247.148.0/22
89.31.216.0/24
91.190.96.0/24
91.190.99.0/24
91.190.104.0/24
91.217.236.0/24
91.217.250.0/24
185.239.241.0/24
185.244.137.0/24
185.245.5.0/24
185.245.7.0/24
217.74.16.0/24
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
35:bd:a1:58:da:91:3f:c6:11:d5:af:b5:a8:c8:98:0b:21:5a:
c1:05:e9:1f:36:93:80:11:6a:64:dc:fb:40:83:9d:56:2f:fe:
ad:1f:f1:3a:b6:7a:f2:9f:ef:59:ee:c3:cd:48:54:c6:25:af:
ca:09:f3:23:37:25:ec:7e:5b:61:9c:0d:de:1a:6f:0c:78:63:
97:ac:f1:06:40:4f:08:aa:80:08:b5:d1:9e:0a:03:0e:38:cc:
2e:72:e1:64:dd:28:ea:9f:08:fa:af:3e:28:3b:51:6b:ad:13:
79:0e:b0:1a:d9:c0:f3:9b:ed:c4:3a:ed:92:44:50:56:18:c0:
d2:bd:92:9d:8e:f1:b5:48:95:18:11:28:e1:c1:34:b3:83:e7:
eb:b4:4a:d3:62:51:b1:b5:5d:81:58:4f:44:95:87:f8:29:a1:
31:7d:70:22:e4:bb:30:11:dc:57:7e:14:88:98:d2:8f:ce:a5:
75:48:4e:13:86:e6:92:0c:de:bc:ad:23:d5:e5:88:02:df:76:
0b:38:9e:9e:08:ea:96:f9:07:2c:4a:ff:85:d6:30:63:3a:6d:
12:8f:0c:43:57:39:77:63:da:2a:b2:02:52:f8:1a:44:77:43:
c3:c6:0f:01:4d:53:7f:6e:87:81:2c:84:d7:62:81:3f:c5:52:
0c:37:c6:fd
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAY35KKuKXZxPPT/hlM11pwNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMzAxMDgzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGJkN2MyODM3ZGYwNDVhMjRjMTA4MjBjMjA5Y2IwNjliOGYyZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/tzzWgm5Gf6NcNzY0JHnTHFZdL4
PbK5U/VGaoLTzaWXDvkaKrMcOVfFYt4cTPiG5G3/QB9DlSt3lNZd5UeTtLLME4jY
uv5gaJ6YLZJ3iOKsHkv4wj+/NG4KZTBhH6TzjA/E0sJuDWPXumxYR/tfhLiMzRHI
1EOqRmIrD97UR6jVPOXNetbBBVUHWEu/cqfdUr1h4nKlmw7+k5gcrUYZAtDZ3Kp7
zAdkJ1KsvzcI2C33Fc2hv9KfWz/pwLsehkqIodrGBzulC3rZLH78R6IFO5iQF3+H
csA55eCJAdORBHtIx9gwZ/PSvbwiq7PvRU/Q5yZHXBNv7Sv6zZ2r+a7HcQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFH29fCg33wRaJMEIIMIJywabjy5lMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZmIxOEtEZmZCRm9rd1FnZ3dnbkxCcHVQTG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQALVMd
AwQALVgUAwQALVgWAwQALVkkAwQALVkmAwQALVwCAwQALZK7AwQCV/eUAwQAWR/Y
AwQAW75gAwQAW75jAwQAW75oAwQAW9nsAwQAW9n6AwQAue/xAwQAufSJAwQAufUF
AwQAufUHAwQA2UoQMA0EAgACMAcDBQAqC2TBMA0GCSqGSIb3DQEBCwUAA4IBAQA1
vaFY2pE/xhHVr7WoyJgLIVrBBekfNpOAEWpk3PtAg51WL/6tH/E6tnryn+9Z7sPN
SFTGJa/KCfMjNyXsflthnA3eGm8MeGOXrPEGQE8IqoAItdGeCgMOOMwucuFk3Sjq
nwj6rz4oO1FrrRN5DrAa2cDzm+3EOu2SRFBWGMDSvZKdjvG1SJUYESjhwTSzg+fr
tErTYlGxtV2BWE9ElYf4KaExfXAi5LswEdxXfhSImNKPzqV1SE4ThuaSDN68rSPV
5YgC33YLOJ6eCOqW+QcsSv+F1jBjOm0SjwxDVzl3Y9oqsgJS+BpEd0PDxg8BTVN/
boeBLITXYoE/xVIMN8b9
-----END CERTIFICATE-----
Generated at Mon Mar 11 12:10:48 2024 by rpki-client on console-ams.rpki-client.org