Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kRjriWrOO2sAkkTaMBuXuneOfN0.roa
File: kRjriWrOO2sAkkTaMBuXuneOfN0.roa (raw, json)
Hash identifier: D1FJ/ldHbLy/ZqwjxrUHoPPqLTL484ge52eAxcaM2gY=
Subject key identifier: 91:18:EB:89:6A:CE:3B:6B:00:92:44:DA:30:1B:97:BA:77:8E:7C:DD
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D10F35CD7194C8DD9E631DEBFB1587588
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kRjriWrOO2sAkkTaMBuXuneOfN0.roa
Signing time: Tue 16 Jan 2024 06:26:40 +0000
ROA not before: Tue 16 Jan 2024 06:26:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142299
IP address blocks: 188.212.158.0/23 maxlen: 24
45.141.26.0/23 maxlen: 23
89.38.101.0/24 maxlen: 24
185.241.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 05:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:10:f3:5c:d7:19:4c:8d:d9:e6:31:de:bf:b1:58:75:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 16 06:26:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9118eb896ace3b6b009244da301b97ba778e7cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:c5:1d:a8:8d:3c:54:66:b8:fd:99:8e:61:
e0:c2:77:69:96:41:6e:6b:c4:94:0d:9f:53:cc:a3:
ad:16:50:5b:30:52:a7:85:94:82:44:cc:12:04:ee:
c5:5d:07:26:b8:fe:47:48:90:33:5b:4c:84:bb:af:
07:d7:72:f8:81:76:7c:d1:90:6f:16:95:03:c0:25:
9b:fe:6e:7b:3c:82:06:c7:05:35:b3:3e:78:e3:e9:
55:be:11:b4:cc:4e:c5:5b:2b:81:28:f7:7e:d5:25:
80:80:bf:27:9a:37:df:e1:a3:62:cd:d9:2b:8f:8d:
03:1c:8b:2e:10:c4:78:46:91:8a:10:eb:26:7d:d6:
09:ea:ae:9c:11:ea:dc:24:45:94:b4:90:08:46:e7:
c7:98:61:11:d6:ce:3b:28:87:77:3e:cd:5a:6e:c7:
41:ea:e5:b8:44:48:23:01:10:f9:50:39:77:41:dd:
ff:b7:19:b2:f5:21:60:6e:d0:12:95:1a:53:67:5a:
52:a2:6b:12:09:19:c5:6f:35:60:e1:8c:ca:62:3a:
08:cf:df:94:65:4b:83:6a:60:c7:c3:d6:ec:6d:ec:
de:2e:39:31:d6:77:83:2f:f7:d8:92:05:d6:64:a9:
18:7a:c1:63:7e:55:2d:25:cc:89:2e:fa:94:34:10:
da:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:18:EB:89:6A:CE:3B:6B:00:92:44:DA:30:1B:97:BA:77:8E:7C:DD
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kRjriWrOO2sAkkTaMBuXuneOfN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.26.0/23
89.38.101.0/24
185.241.210.0/24
188.212.158.0/23
Signature Algorithm: sha256WithRSAEncryption
59:0d:d7:92:30:0b:d7:91:79:d1:34:48:62:54:31:8c:11:b8:
a4:69:3e:8e:5c:7a:d2:b1:e5:d6:a5:5f:b6:eb:29:9f:97:fe:
6a:ea:cd:d6:ba:76:52:0f:e5:72:50:eb:ea:15:91:88:3c:9c:
22:de:52:2e:ab:fb:da:bf:91:63:69:b0:59:68:77:fb:de:2e:
64:d0:e3:dd:0b:34:40:19:e4:d1:bd:a0:83:c3:20:4f:7a:be:
bd:f8:89:a6:cd:72:35:a9:af:0b:9a:b7:8d:45:dd:7b:ff:ab:
da:0f:0b:cb:bb:3c:6b:13:69:77:cf:66:c6:49:dc:41:8b:d2:
d5:e9:b8:d5:f5:b7:57:86:e0:21:f3:c9:a7:27:5d:04:f2:f6:
44:08:f3:13:b4:db:7f:64:99:4d:a1:b8:29:10:9b:b8:fd:83:
7b:f7:99:8b:2d:ae:d0:af:65:af:38:49:d3:4e:50:0c:07:e4:
7c:65:0b:a9:c6:a2:ba:1a:7c:02:ea:69:79:65:fe:b3:8d:60:
aa:22:36:81:82:3b:23:ee:1a:5e:d6:e3:35:ed:41:89:0a:00:
6d:95:9f:65:7f:98:6c:55:6e:be:40:22:36:f5:07:31:78:37:
41:25:4e:51:98:2a:5e:8f:0d:6b:40:bc:df:04:f1:e5:c6:de:
07:72:ed:05
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0Q81zXGUyN2eYx3r+xWHWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTE2MDYyNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE4ZWI4OTZhY2UzYjZiMDA5MjQ0ZGEzMDFiOTdiYTc3OGU3Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3TFHaiNPFRmuP2ZjmHgwndplkFu
a8SUDZ9TzKOtFlBbMFKnhZSCRMwSBO7FXQcmuP5HSJAzW0yEu68H13L4gXZ80ZBv
FpUDwCWb/m57PIIGxwU1sz544+lVvhG0zE7FWyuBKPd+1SWAgL8nmjff4aNizdkr
j40DHIsuEMR4RpGKEOsmfdYJ6q6cEercJEWUtJAIRufHmGER1s47KId3Ps1absdB
6uW4REgjARD5UDl3Qd3/txmy9SFgbtASlRpTZ1pSomsSCRnFbzVg4YzKYjoIz9+U
ZUuDamDHw9bsbezeLjkx1neDL/fYkgXWZKkYesFjflUtJcyJLvqUNBDagwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJEY64lqzjtrAJJE2jAbl7p3jnzdMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEva1JqcmlXck9PMnNBa2tUYU1CdVh1bmVPZk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLY0aAwQA
WSZlAwQAufHSAwQBvNSeMA0GCSqGSIb3DQEBCwUAA4IBAQBZDdeSMAvXkXnRNEhi
VDGMEbikaT6OXHrSseXWpV+26ymfl/5q6s3WunZSD+VyUOvqFZGIPJwi3lIuq/va
v5FjabBZaHf73i5k0OPdCzRAGeTRvaCDwyBPer69+ImmzXI1qa8LmreNRd17/6va
DwvLuzxrE2l3z2bGSdxBi9LV6bjV9bdXhuAh88mnJ10E8vZECPMTtNt/ZJlNobgp
EJu4/YN795mLLa7Qr2WvOEnTTlAMB+R8ZQupxqK6GnwC6ml5Zf6zjWCqIjaBgjsj
7hpe1uM17UGJCgBtlZ9lf5hsVW6+QCI29QcxeDdBJU5RmCpejw1rQLzfBPHlxt4H
cu0F
-----END CERTIFICATE-----
Generated at Tue Jan 23 06:49:13 2024 by rpki-client on console-fra.rpki-client.org