Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/giCSlJd3fymR-WsnIjzF94QSmgY.roa
File: giCSlJd3fymR-WsnIjzF94QSmgY.roa (raw, json)
Hash identifier: hVh1wpV5siazkTR/vsM0tSbokkaGXBgswxM8CtqeEsE=
Subject key identifier: 82:20:92:94:97:77:7F:29:91:F9:6B:27:22:3C:C5:F7:84:12:9A:06
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AD7D6B6B3DECF05368BA9BB60EAE9A9D3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/giCSlJd3fymR-WsnIjzF94QSmgY.roa
Signing time: Wed 27 Sep 2023 18:11:27 +0000
ROA not before: Wed 27 Sep 2023 18:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 45.91.50.0/24 maxlen: 24
45.8.68.0/24 maxlen: 24
45.67.97.0/24 maxlen: 24
45.67.99.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 08:13:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:d6:b6:b3:de:cf:05:36:8b:a9:bb:60:ea:e9:a9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 27 18:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8220929497777f2991f96b27223cc5f784129a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2a:5e:fc:69:fd:d8:de:98:70:df:8d:58:0a:
df:8f:c3:39:ab:4b:6c:6a:99:5b:89:a3:43:e8:84:
96:a4:5a:5b:38:f5:05:d3:d0:ab:d7:f2:0a:af:44:
16:13:6f:b2:ae:95:7b:7c:27:d2:a7:68:5f:c8:fc:
7e:a6:a7:40:73:08:f1:74:ff:3b:98:f5:d4:95:8c:
16:e7:4a:4d:81:d5:dc:6b:62:b1:d0:ac:5f:39:90:
76:ee:8c:dc:78:ce:4a:39:17:1a:80:a1:a3:7e:b8:
70:f5:67:0d:bd:ce:dc:fd:05:9c:3b:ed:99:be:58:
fb:d3:82:0b:dd:c3:42:db:b1:67:24:87:2d:5c:f0:
ab:2d:0b:3f:fd:7d:f9:ee:93:c1:11:39:90:7a:e1:
5a:a6:6e:3e:20:c9:29:f4:fd:e6:9c:94:d0:a7:ee:
b5:49:b2:72:21:52:42:b9:ff:c9:75:d1:d5:a1:33:
78:07:db:ae:00:a1:2b:f3:c9:86:30:e7:c6:0d:b8:
9b:1a:a3:e7:9e:1b:2c:03:71:61:35:d2:29:58:66:
a5:e1:85:8d:09:7d:cc:ad:72:14:51:5b:a6:a8:5a:
8d:f4:84:7e:4e:d2:df:d5:cc:b5:5e:ea:90:05:6d:
cd:47:b0:2e:20:9f:13:eb:3b:28:65:0e:18:70:5c:
7f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:20:92:94:97:77:7F:29:91:F9:6B:27:22:3C:C5:F7:84:12:9A:06
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/giCSlJd3fymR-WsnIjzF94QSmgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.68.0/24
45.67.97.0/24
45.67.99.0/24
45.91.50.0/24
188.214.208.0/24
188.241.110.0/24
Signature Algorithm: sha256WithRSAEncryption
94:d0:02:d5:60:d1:89:95:98:b2:25:11:b4:59:25:da:15:94:
b3:81:3c:f6:72:28:62:9b:36:bc:ce:0b:2b:df:ab:55:2e:3b:
f3:83:0e:60:dd:96:13:08:09:74:fa:a9:dc:48:2d:6b:64:13:
dd:fd:3a:40:15:60:af:3e:7f:2e:ab:e4:82:8c:c3:c1:1e:e5:
8f:d9:d0:2d:56:e8:54:f2:c5:78:49:8c:e9:d3:6f:de:d0:72:
c9:34:b8:14:a6:fa:1c:4a:45:16:70:92:19:c0:ec:3f:58:b6:
67:07:99:25:85:9a:75:8a:98:ef:ec:09:45:53:dd:83:db:47:
be:03:8d:9e:43:cb:4f:fd:4a:39:54:88:68:6b:b8:77:e3:a9:
dc:17:44:4c:72:37:44:7f:d7:5a:ea:ec:07:7d:13:31:39:95:
d2:84:f0:22:cf:ec:40:9a:b1:74:42:87:f8:a2:cf:40:38:89:
d5:26:05:9a:1b:aa:4c:0f:48:19:69:d5:49:93:c2:93:03:63:
84:7c:1e:b6:36:ce:72:1d:8a:35:2a:cd:ce:32:a0:0b:c7:3f:
ad:47:e5:f3:97:7f:1e:3c:af:4f:82:de:45:65:20:0d:01:04:
9c:81:93:ea:ec:0d:c8:05:01:d2:85:7a:9c:c4:a1:c9:45:18:
33:3b:96:47
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYrX1raz3s8FNoupu2Dq6anTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTI3MTgxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjIwOTI5NDk3Nzc3ZjI5OTFmOTZiMjcyMjNjYzVmNzg0MTI5YTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCpe/Gn92N6YcN+NWArfj8M5q0ts
aplbiaND6ISWpFpbOPUF09Cr1/IKr0QWE2+yrpV7fCfSp2hfyPx+pqdAcwjxdP87
mPXUlYwW50pNgdXca2Kx0KxfOZB27ozceM5KORcagKGjfrhw9WcNvc7c/QWcO+2Z
vlj704IL3cNC27FnJIctXPCrLQs//X357pPBETmQeuFapm4+IMkp9P3mnJTQp+61
SbJyIVJCuf/JddHVoTN4B9uuAKEr88mGMOfGDbibGqPnnhssA3FhNdIpWGal4YWN
CX3MrXIUUVumqFqN9IR+TtLf1cy1XuqQBW3NR7AuIJ8T6zsoZQ4YcFx/hwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIIgkpSXd38pkflrJyI8xfeEEpoGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZ2lDU2xKZDNmeW1SLVdzbklqekY5NFFTbWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQhEAwQA
LUNhAwQALUNjAwQALVsyAwQAvNbQAwQAvPFuMA0GCSqGSIb3DQEBCwUAA4IBAQCU
0ALVYNGJlZiyJRG0WSXaFZSzgTz2cihimza8zgsr36tVLjvzgw5g3ZYTCAl0+qnc
SC1rZBPd/TpAFWCvPn8uq+SCjMPBHuWP2dAtVuhU8sV4SYzp02/e0HLJNLgUpvoc
SkUWcJIZwOw/WLZnB5klhZp1ipjv7AlFU92D20e+A42eQ8tP/Uo5VIhoa7h346nc
F0RMcjdEf9da6uwHfRMxOZXShPAiz+xAmrF0Qof4os9AOInVJgWaG6pMD0gZadVJ
k8KTA2OEfB62Ns5yHYo1Ks3OMqALxz+tR+Xzl38ePK9Pgt5FZSANAQScgZPq7A3I
BQHShXqcxKHJRRgzO5ZH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:47 2024 by rpki-client on console-fra.rpki-client.org