Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k-4u-br12dIDqs_djmGdgxWakdQ.roa
File: k-4u-br12dIDqs_djmGdgxWakdQ.roa (raw, json)
Hash identifier: PnkBPxu4mM9qtahT9Z1AzPW2VIBwoIC2dSRE/dehLco=
Subject key identifier: 93:EE:2E:F9:BA:F5:D9:D2:03:AA:CF:DD:8E:61:9D:83:15:9A:91:D4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CCE000C2D314BDF1B51B66E6E11A7B5DE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k-4u-br12dIDqs_djmGdgxWakdQ.roa
Signing time: Wed 03 Jan 2024 06:25:58 +0000
ROA not before: Wed 03 Jan 2024 06:25:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
89.40.76.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 13:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:00:0c:2d:31:4b:df:1b:51:b6:6e:6e:11:a7:b5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 3 06:25:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93ee2ef9baf5d9d203aacfdd8e619d83159a91d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:16:71:7e:ab:cd:34:3a:0e:b8:7f:c2:1f:
8b:00:cd:12:bf:e4:50:0b:15:e2:d9:80:c8:fe:d4:
44:f1:b7:37:54:0c:a8:a0:0b:0f:4d:25:c1:05:1e:
81:1a:60:1f:fa:58:48:56:4d:d1:4b:bf:7a:07:13:
eb:84:82:00:f9:2a:cc:e4:9d:97:9a:9f:d3:05:52:
bc:5e:5a:71:f8:48:ee:7b:dd:95:10:40:fc:5f:bf:
5f:d5:c3:c4:d0:b5:2f:95:b1:58:37:08:e0:b0:0e:
a4:af:b0:85:e7:ea:3f:35:e1:30:de:5e:47:3d:dc:
2e:3d:e9:dc:90:cc:37:0e:eb:b9:a0:d5:d2:d2:4f:
2d:2c:39:a7:fb:83:e9:67:aa:56:9c:96:3b:13:ed:
c3:f4:27:bf:fe:40:ec:fb:42:d7:30:b6:13:eb:f9:
ac:7a:39:0a:8c:fc:a5:6d:2f:fd:90:fd:0a:85:08:
3b:83:a7:31:63:b0:21:59:af:e7:6b:8a:96:61:4d:
6a:45:0a:48:77:73:94:c5:a3:35:0d:d7:f3:31:fd:
a9:aa:48:ac:ab:3d:c7:e2:c9:07:28:c3:aa:c9:4b:
81:0c:02:e9:06:24:cb:65:7a:c5:a7:d3:23:fc:b6:
0d:1e:05:92:98:31:80:0a:54:63:cd:c7:49:c8:b2:
75:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:EE:2E:F9:BA:F5:D9:D2:03:AA:CF:DD:8E:61:9D:83:15:9A:91:D4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k-4u-br12dIDqs_djmGdgxWakdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.62.0/23
89.40.76.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.182.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:5c:54:c5:fb:67:da:f7:e4:08:dc:04:11:0b:a3:d6:59:53:
46:23:db:27:09:64:69:09:90:c5:b6:1b:d0:62:9e:49:c1:ef:
9e:b8:ef:a5:2a:0a:91:dc:4d:2a:16:50:de:b8:25:04:26:b4:
2d:91:2e:69:d9:e9:51:0e:13:86:e1:bd:3d:1c:b5:bb:89:a0:
f7:7d:aa:d4:61:e9:9b:ce:5d:10:b8:24:96:66:df:c5:02:c6:
de:6b:e4:9f:61:af:05:3c:b0:36:80:e1:5d:9a:42:90:93:ee:
bf:f9:d5:60:91:4b:9f:5c:03:fc:d8:cd:92:e1:87:0c:42:70:
33:dd:22:01:bd:48:a1:4c:03:e4:5d:85:ba:d6:2d:46:33:dd:
ea:e5:a8:04:36:4b:d4:e5:7a:34:64:09:a8:00:06:14:6a:be:
3e:02:9d:40:76:e9:59:30:72:c1:25:b8:1a:02:60:ae:00:3e:
2d:9e:75:dc:96:5b:39:08:e0:c6:cc:a2:d1:7d:13:5c:07:7e:
b5:a0:5b:cd:c3:cf:b5:e3:bc:7d:96:f2:fb:dd:f9:25:61:7e:
e2:fe:38:12:aa:a2:da:bd:50:cc:bf:e7:bc:75:c0:35:79:0f:
b5:d0:34:2a:b0:fc:24:44:9d:53:b1:dd:ac:0b:a7:11:9f:1f:
f4:a9:84:9d
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYzOAAwtMUvfG1G2bm4Rp7XeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAzMDYyNTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2VlMmVmOWJhZjVkOWQyMDNhYWNmZGQ4ZTYxOWQ4MzE1OWE5MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7gWcX6rzTQ6Drh/wh+LAM0Sv+RQ
CxXi2YDI/tRE8bc3VAyooAsPTSXBBR6BGmAf+lhIVk3RS796BxPrhIIA+SrM5J2X
mp/TBVK8Xlpx+Ejue92VEED8X79f1cPE0LUvlbFYNwjgsA6kr7CF5+o/NeEw3l5H
PdwuPenckMw3Duu5oNXS0k8tLDmn+4PpZ6pWnJY7E+3D9Ce//kDs+0LXMLYT6/ms
ejkKjPylbS/9kP0KhQg7g6cxY7AhWa/na4qWYU1qRQpId3OUxaM1DdfzMf2pqkis
qz3H4skHKMOqyUuBDALpBiTLZXrFp9Mj/LYNHgWSmDGAClRjzcdJyLJ16QIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFJPuLvm69dnSA6rP3Y5hnYMVmpHUMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvay00dS1icjEyZElEcXNfZGptR2RneFdha2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBAFZJT4DBABZKEwDBAJbvMwDBAFd
c/4DBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAG8
1J4DBAG81tADBAG88OADBAC88OMDBAC88W4DBAC88bYDBAC88fMDBAHBF4ADBALV
6FwwDQYJKoZIhvcNAQELBQADggEBAEtcVMX7Z9r35AjcBBELo9ZZU0Yj2ycJZGkJ
kMW2G9BinknB756476UqCpHcTSoWUN64JQQmtC2RLmnZ6VEOE4bhvT0ctbuJoPd9
qtRh6ZvOXRC4JJZm38UCxt5r5J9hrwU8sDaA4V2aQpCT7r/51WCRS59cA/zYzZLh
hwxCcDPdIgG9SKFMA+RdhbrWLUYz3erlqAQ2S9TlejRkCagABhRqvj4CnUB26Vkw
csEluBoCYK4APi2eddyWWzkI4MbMotF9E1wHfrWgW83Dz7XjvH2W8vvd+SVhfuL+
OBKqotq9UMy/57x1wDV5D7XQNCqw/CREnVOx3awLpxGfH/SphJ0=
-----END CERTIFICATE-----
Generated at Wed Jan 10 16:51:22 2024 by rpki-client on console-ams.rpki-client.org