Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h3zgbUW_WftzEFehDw0LahEkano.roa
File: h3zgbUW_WftzEFehDw0LahEkano.roa (raw, json)
Hash identifier: U5FU5ar/VV4oUl/9l0VgtfvmZLaQlXowr63SSd+WcyA=
Subject key identifier: 87:7C:E0:6D:45:BF:59:FB:73:10:57:A1:0F:0D:0B:6A:11:24:6A:7A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B191AEC163526C751EA491EE55ED9AC4B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h3zgbUW_WftzEFehDw0LahEkano.roa
Signing time: Tue 10 Oct 2023 10:21:16 +0000
ROA not before: Tue 10 Oct 2023 10:21:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.123.41.0/24 maxlen: 24
45.123.42.0/23 maxlen: 24
45.141.203.0/24 maxlen: 24
45.141.200.0/23 maxlen: 24
45.141.202.0/24 maxlen: 24
185.35.138.0/24 maxlen: 24
185.35.136.0/23 maxlen: 24
2a0b:64c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Dec 2023 05:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:1a:ec:16:35:26:c7:51:ea:49:1e:e5:5e:d9:ac:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 10 10:21:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=877ce06d45bf59fb731057a10f0d0b6a11246a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d8:10:51:f9:cc:55:a1:12:73:52:06:46:ef:
4d:87:1a:ee:2a:b3:db:40:53:0d:58:28:af:6c:08:
3f:50:f6:18:56:9b:b4:f5:2a:04:aa:d1:96:d2:7d:
41:5d:ce:e3:9b:e6:b6:3c:40:9f:77:69:b7:ca:f7:
66:d3:77:69:45:a1:f5:b4:71:82:1e:29:3f:24:67:
f8:1a:e6:81:09:69:56:f0:e9:52:8b:42:18:c1:f1:
5d:60:94:8a:cf:52:c8:55:ad:d4:dc:f0:17:d4:91:
34:69:65:37:c4:f8:2d:40:dd:21:ce:36:60:2f:bc:
26:0f:07:75:f1:c9:b8:6a:70:49:13:03:1f:66:81:
49:2e:4b:29:09:0f:25:e3:25:0f:cc:ad:30:52:fd:
1f:9a:6d:3a:a9:3a:52:d1:3c:d3:78:33:41:b1:53:
f8:e8:df:43:64:c6:ab:c6:27:ee:0c:86:d4:9f:f8:
13:29:2f:b8:86:10:67:f5:7f:df:55:32:3f:4b:24:
3e:55:76:a5:e6:e8:26:9e:d4:0e:ff:58:73:f9:57:
35:16:f5:5c:3b:5e:7f:d7:80:13:e4:c0:7e:4a:0f:
f4:99:48:03:0d:57:98:8b:95:08:0f:a9:eb:11:2d:
16:75:74:aa:20:31:11:c0:e9:bb:58:17:50:81:df:
f3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7C:E0:6D:45:BF:59:FB:73:10:57:A1:0F:0D:0B:6A:11:24:6A:7A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h3zgbUW_WftzEFehDw0LahEkano.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.41.0-45.123.43.255
45.141.200.0/22
185.35.136.0-185.35.138.255
IPv6:
2a0b:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
82:51:d6:83:2b:5f:7b:0f:7e:08:e9:50:e9:16:4e:e6:f0:1a:
0a:42:ed:67:6e:c8:32:9a:7d:a2:40:e3:bb:4c:8d:bd:d2:96:
52:74:76:59:0e:d9:d9:0f:ba:8c:29:b6:ca:3e:c5:b0:c4:4c:
07:b0:77:1c:66:52:07:f2:c4:bf:d1:9a:9a:06:0d:ce:c6:78:
28:8e:0b:32:6a:4a:2c:f0:43:55:5b:00:9a:1e:08:9b:e9:fa:
ab:5e:ce:4d:cb:e4:ca:1b:cf:68:91:60:24:23:9b:58:d2:bc:
46:1f:a5:d8:78:92:fc:93:da:ac:9d:e7:8e:ba:1c:47:94:fe:
1c:61:95:06:ab:9b:5e:49:b7:1b:35:2d:35:10:a8:9d:94:f9:
9d:83:b2:47:71:ee:bf:52:df:17:c8:9b:ca:46:c2:cf:7a:9a:
e7:27:ba:47:1a:68:6c:87:53:68:ac:ac:2d:94:02:16:93:4e:
71:7f:54:29:6c:4a:d3:bf:1a:d8:e2:26:9b:51:ec:dd:1c:98:
3a:f7:aa:4b:89:14:ce:fc:3c:6d:57:dd:bc:56:72:39:da:ff:
31:86:e7:75:90:a8:a0:30:ef:49:f8:ca:ac:ed:a3:18:d8:c1:
d1:80:6e:54:25:20:95:8d:64:89:66:07:4e:f4:cc:59:1c:0c:
02:5a:bb:94
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYsZGuwWNSbHUepJHuVe2axLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDEwMTAyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdjZTA2ZDQ1YmY1OWZiNzMxMDU3YTEwZjBkMGI2YTExMjQ2YTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldgQUfnMVaESc1IGRu9NhxruKrPb
QFMNWCivbAg/UPYYVpu09SoEqtGW0n1BXc7jm+a2PECfd2m3yvdm03dpRaH1tHGC
Hik/JGf4GuaBCWlW8OlSi0IYwfFdYJSKz1LIVa3U3PAX1JE0aWU3xPgtQN0hzjZg
L7wmDwd18cm4anBJEwMfZoFJLkspCQ8l4yUPzK0wUv0fmm06qTpS0TzTeDNBsVP4
6N9DZMarxifuDIbUn/gTKS+4hhBn9X/fVTI/SyQ+VXal5ugmntQO/1hz+Vc1FvVc
O15/14AT5MB+Sg/0mUgDDVeYi5UID6nrES0WdXSqIDERwOm7WBdQgd/z5wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFId84G1Fv1n7cxBXoQ8NC2oRJGp6MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaDN6Z2JVV19XZnR6RUZlaER3MExhaEVrYW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAAteykD
BAIteygDBAItjcgwDAMEA7kjiAMEALkjijANBAIAAjAHAwUAKgtkwDANBgkqhkiG
9w0BAQsFAAOCAQEAglHWgytfew9+COlQ6RZO5vAaCkLtZ27IMpp9okDju0yNvdKW
UnR2WQ7Z2Q+6jCm2yj7FsMRMB7B3HGZSB/LEv9GamgYNzsZ4KI4LMmpKLPBDVVsA
mh4Im+n6q17OTcvkyhvPaJFgJCObWNK8Rh+l2HiS/JParJ3njrocR5T+HGGVBqub
Xkm3GzUtNRConZT5nYOyR3Huv1LfF8ibykbCz3qa5ye6RxpobIdTaKysLZQCFpNO
cX9UKWxK078a2OImm1Hs3RyYOveqS4kUzvw8bVfdvFZyOdr/MYbndZCooDDvSfjK
rO2jGNjB0YBuVCUglY1kiWYHTvTMWRwMAlq7lA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org