Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iAVtjxSrMMatJVqRk5eVZZrrlXM.roa
File: iAVtjxSrMMatJVqRk5eVZZrrlXM.roa (raw, json)
Hash identifier: vB29tueE6nlaAHsymWF/cp/T+I5N9XIsGEMMZ0JL7f4=
Subject key identifier: 88:05:6D:8F:14:AB:30:C6:AD:25:5A:91:93:97:95:65:9A:EB:95:73
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018857BA4370284E894357FC9D6BECBED335
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iAVtjxSrMMatJVqRk5eVZZrrlXM.roa
Signing time: Fri 26 May 2023 11:03:24 +0000
ROA not before: Fri 26 May 2023 11:03:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212411
IP address blocks: 45.129.133.0/24 maxlen: 24
188.241.242.0/24 maxlen: 24
62.197.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jul 2023 04:28:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:ba:43:70:28:4e:89:43:57:fc:9d:6b:ec:be:d3:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 26 11:03:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88056d8f14ab30c6ad255a91939795659aeb9573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d8:82:db:bc:21:82:90:ec:b8:bb:be:ac:ef:
ce:a3:f4:c8:cc:58:f5:eb:4c:bb:6b:97:76:b1:97:
a6:85:9f:58:e0:55:35:ba:6c:20:97:27:72:15:36:
e8:69:7a:17:45:63:da:23:64:e0:f2:1a:b6:98:5c:
db:35:da:2d:90:e8:49:54:0e:2c:bb:e7:6b:23:84:
0a:76:cd:01:ea:f3:9c:10:2e:4a:d4:e7:d4:dc:67:
07:9f:c7:2e:c8:00:d8:e1:d7:24:db:56:24:e3:94:
e2:67:47:c3:02:45:77:e5:0e:1c:b8:38:00:7a:4b:
ae:ae:00:d8:93:3f:70:15:13:c5:9c:35:13:4e:bc:
c5:cc:49:75:50:89:c5:76:c4:30:d7:72:89:c7:22:
88:44:aa:24:07:37:6b:83:e9:b5:8a:b8:ad:9e:9b:
24:43:3c:46:d2:a6:52:d5:1f:68:1b:dc:96:fe:62:
7b:75:76:7c:4e:94:f0:8f:d4:09:27:d5:ce:a2:1c:
18:b6:dd:8e:8f:e2:4a:3a:7f:66:c9:bc:61:b1:27:
da:75:d8:8a:a0:62:48:7d:6a:84:a8:0f:15:4f:82:
01:31:ed:d0:57:80:79:7e:51:ca:95:75:7f:e1:fc:
b7:50:a6:95:05:90:1e:3c:9c:de:d2:85:60:e6:1e:
c2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:05:6D:8F:14:AB:30:C6:AD:25:5A:91:93:97:95:65:9A:EB:95:73
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iAVtjxSrMMatJVqRk5eVZZrrlXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.133.0/24
62.197.129.0/24
188.241.242.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:e6:b1:2a:b8:29:f5:1d:d0:67:7d:15:be:b4:65:5d:75:80:
9a:48:e1:f8:6e:ab:28:0e:37:cf:52:41:0d:de:97:9f:63:ec:
a7:d2:3d:fb:64:ad:01:ce:8c:f0:69:e0:70:57:b7:a1:e3:76:
a6:54:23:6e:a9:98:cb:33:5f:41:11:16:bc:7b:68:aa:3a:e1:
ed:68:14:94:55:1f:4f:dc:f0:e7:82:67:ed:1f:b0:bd:ed:2a:
47:8d:05:f0:9e:7e:cb:97:d9:c8:1e:8f:0a:f6:eb:4e:1c:06:
3a:b6:5a:d8:46:56:9d:75:c9:21:54:d9:df:b7:7f:9e:d7:61:
ea:08:e9:0a:7b:fd:d9:33:cc:53:71:41:1a:3b:93:ca:aa:c8:
67:24:ce:2e:34:65:e2:38:92:b7:72:15:59:df:e0:25:f0:46:
dd:e6:6d:76:b9:b6:d8:3b:60:44:58:1b:88:ba:82:07:75:d2:
36:e5:4f:08:72:02:1b:0a:32:12:c4:34:9b:ce:4a:e9:5c:ac:
67:9b:bf:e1:90:82:34:a1:7b:9f:4e:53:e5:0c:47:b4:63:57:
f7:f9:ef:80:7b:a3:e3:da:54:cb:ee:1b:45:45:f4:86:c1:c0:
07:2f:ef:8f:26:4b:c4:24:b0:74:7b:a4:95:05:e8:1d:7c:1c:
27:4f:0e:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhXukNwKE6JQ1f8nWvsvtM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTI2MTEwMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODA1NmQ4ZjE0YWIzMGM2YWQyNTVhOTE5Mzk3OTU2NTlhZWI5NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdiC27whgpDsuLu+rO/Oo/TIzFj1
60y7a5d2sZemhZ9Y4FU1umwglydyFTboaXoXRWPaI2Tg8hq2mFzbNdotkOhJVA4s
u+drI4QKds0B6vOcEC5K1OfU3GcHn8cuyADY4dck21Yk45TiZ0fDAkV35Q4cuDgA
ekuurgDYkz9wFRPFnDUTTrzFzEl1UInFdsQw13KJxyKIRKokBzdrg+m1iritnpsk
QzxG0qZS1R9oG9yW/mJ7dXZ8TpTwj9QJJ9XOohwYtt2Oj+JKOn9mybxhsSfaddiK
oGJIfWqEqA8VT4IBMe3QV4B5flHKlXV/4fy3UKaVBZAePJze0oVg5h7CDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIgFbY8UqzDGrSVakZOXlWWa65VzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaUFWdGp4U3JNTWF0SlZxUms1ZVZaWnJybFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYGFAwQA
PsWBAwQAvPHyMA0GCSqGSIb3DQEBCwUAA4IBAQA95rEquCn1HdBnfRW+tGVddYCa
SOH4bqsoDjfPUkEN3pefY+yn0j37ZK0BzozwaeBwV7eh43amVCNuqZjLM19BERa8
e2iqOuHtaBSUVR9P3PDngmftH7C97SpHjQXwnn7Ll9nIHo8K9utOHAY6tlrYRlad
dckhVNnft3+e12HqCOkKe/3ZM8xTcUEaO5PKqshnJM4uNGXiOJK3chVZ3+Al8Ebd
5m12ubbYO2BEWBuIuoIHddI25U8IcgIbCjISxDSbzkrpXKxnm7/hkII0oXufTlPl
DEe0Y1f3+e+Ae6Pj2lTL7htFRfSGwcAHL++PJkvEJLB0e6SVBegdfBwnTw7u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org