Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/imwlk6TOc39mu0kUTdPmuAE0tYg.roa
File: imwlk6TOc39mu0kUTdPmuAE0tYg.roa (raw, json)
Hash identifier: K406uKhercaHGn+LK1rrOkzbu+frr7QthBunoM6Z62c=
Subject key identifier: 8A:6C:25:93:A4:CE:73:7F:66:BB:49:14:4D:D3:E6:B8:01:34:B5:88
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01861D6E8D9C10398CAA4B2C50BD6042544B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/imwlk6TOc39mu0kUTdPmuAE0tYg.roa
Signing time: Sat 04 Feb 2023 17:17:09 +0000
ROA not before: Sat 04 Feb 2023 17:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 92.114.85.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.94.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
185.255.37.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Feb 2023 08:42:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1d:6e:8d:9c:10:39:8c:aa:4b:2c:50:bd:60:42:54:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 4 17:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a6c2593a4ce737f66bb49144dd3e6b80134b588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:69:db:8f:27:d4:71:29:a0:d8:66:1e:6c:06:
8b:94:d3:df:86:5e:55:eb:64:69:89:9c:d9:e8:d3:
75:17:2c:10:33:93:da:24:5f:35:28:ce:ed:78:6c:
1b:ae:ba:36:d5:16:b4:88:8e:e6:3b:32:92:f1:be:
fb:06:b2:a5:0e:d1:6d:54:ef:23:8b:38:51:47:9b:
4c:63:4c:b5:a0:97:35:06:89:a7:e5:73:6d:bc:cb:
6b:db:0d:72:27:58:a8:da:67:b0:d4:c3:01:39:88:
e5:3d:2a:10:d4:bc:74:04:8a:6c:7b:74:d1:fa:b3:
96:de:fa:89:52:93:ae:e4:95:ae:67:d6:95:5c:73:
04:3f:fb:21:2a:3f:97:50:74:4c:f2:61:79:85:b4:
02:1d:91:b2:68:1f:9f:81:d1:eb:84:11:16:8c:70:
f2:c3:90:61:5a:e5:de:69:36:79:2e:05:99:3d:43:
68:82:ff:df:2a:ff:3b:d5:4b:56:2d:6f:17:5c:ee:
ac:22:49:01:18:82:8f:ae:c0:b2:1a:0b:bc:5b:a1:
39:05:3b:a9:a0:5c:fc:a8:99:fa:34:6c:38:82:43:
5e:ff:89:43:67:01:68:f3:d3:99:63:55:99:0b:0d:
66:2f:a9:0e:a6:fe:12:74:a1:91:eb:fc:fc:e7:8c:
e1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6C:25:93:A4:CE:73:7F:66:BB:49:14:4D:D3:E6:B8:01:34:B5:88
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/imwlk6TOc39mu0kUTdPmuAE0tYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
92.114.85.0/24
185.135.143.0/24
185.255.37.0/24
188.240.225.0/24
193.23.128.0/23
213.232.94.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:b1:6b:68:89:ac:5f:94:bf:9c:82:4d:89:4a:c6:a1:63:21:
b1:8f:de:ba:87:6a:04:8b:a7:39:d1:d3:67:14:ca:f5:dd:30:
11:20:a4:ac:5f:0b:64:e8:55:09:f7:f2:83:f7:57:c4:a3:9d:
9b:0d:8a:89:4c:83:26:e4:11:88:7d:23:d4:1e:cb:49:2f:14:
00:81:65:ae:d9:71:6a:f7:89:6b:10:05:e5:e3:e7:c7:97:c6:
d2:c5:75:68:4e:eb:83:4e:af:1d:4c:02:40:10:91:50:6c:e1:
99:a9:70:a4:44:24:ec:16:85:3e:1a:ba:f5:f2:72:11:bb:0b:
a6:4e:72:e2:1c:33:a5:d9:10:3d:86:e7:a4:08:21:9b:cc:a1:
66:da:12:2e:53:7e:98:7d:91:ba:70:a0:d6:d3:97:20:e4:9e:
c2:15:63:1a:83:90:a3:3e:9b:5f:ba:be:a8:d8:82:d0:1b:c5:
79:62:6e:5f:01:6f:63:c0:db:ce:6d:a9:1a:fe:05:72:af:14:
3b:cb:f3:c2:bd:38:df:c2:6c:59:d8:cd:83:73:6d:cc:83:80:
65:eb:2d:41:6c:80:2e:e6:df:d1:69:22:0a:a4:09:29:36:b2:
e2:71:cf:b3:b0:1a:0e:7a:4a:1b:09:29:cc:fb:cf:63:3c:54:
e7:22:6d:5d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYYdbo2cEDmMqkssUL1gQlRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA0MTcxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTZjMjU5M2E0Y2U3MzdmNjZiYjQ5MTQ0ZGQzZTZiODAxMzRiNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2nbjyfUcSmg2GYebAaLlNPfhl5V
62RpiZzZ6NN1FywQM5PaJF81KM7teGwbrro21Ra0iI7mOzKS8b77BrKlDtFtVO8j
izhRR5tMY0y1oJc1Bomn5XNtvMtr2w1yJ1io2mew1MMBOYjlPSoQ1Lx0BIpse3TR
+rOW3vqJUpOu5JWuZ9aVXHMEP/shKj+XUHRM8mF5hbQCHZGyaB+fgdHrhBEWjHDy
w5BhWuXeaTZ5LgWZPUNogv/fKv871UtWLW8XXO6sIkkBGIKPrsCyGgu8W6E5BTup
oFz8qJn6NGw4gkNe/4lDZwFo89OZY1WZCw1mL6kOpv4SdKGR6/z854zhrQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIpsJZOkznN/ZrtJFE3T5rgBNLWIMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaW13bGs2VE9jMzltdTBrVVRkUG11QUUwdFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZyfAwQA
XHJVAwQAuYePAwQAuf8lAwQAvPDhAwQBwReAAwQA1eheMA0GCSqGSIb3DQEBCwUA
A4IBAQBrsWtoiaxflL+cgk2JSsahYyGxj966h2oEi6c50dNnFMr13TARIKSsXwtk
6FUJ9/KD91fEo52bDYqJTIMm5BGIfSPUHstJLxQAgWWu2XFq94lrEAXl4+fHl8bS
xXVoTuuDTq8dTAJAEJFQbOGZqXCkRCTsFoU+Grr18nIRuwumTnLiHDOl2RA9huek
CCGbzKFm2hIuU36YfZG6cKDW05cg5J7CFWMag5CjPptfur6o2ILQG8V5Ym5fAW9j
wNvObaka/gVyrxQ7y/PCvTjfwmxZ2M2Dc23Mg4Bl6y1BbIAu5t/RaSIKpAkpNrLi
cc+zsBoOekobCSnM+89jPFTnIm1d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org