Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mZDzGqeQ9DI0uBG3uaApMzpbjHg.roa
File: mZDzGqeQ9DI0uBG3uaApMzpbjHg.roa (raw, json)
Hash identifier: N8gv4OMFQL/Ka7MHiDp+jVbzSWCC5M2ZuG22tWK7GNQ=
Subject key identifier: 99:90:F3:1A:A7:90:F4:32:34:B8:11:B7:B9:A0:29:33:3A:5B:8C:78
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862BE41986AF3E3428BC8C69ED4030210C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mZDzGqeQ9DI0uBG3uaApMzpbjHg.roa
Signing time: Tue 07 Feb 2023 12:40:14 +0000
ROA not before: Tue 07 Feb 2023 12:40:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.198.243.0/24 maxlen: 24
185.192.69.0/24 maxlen: 24
185.165.45.0/24 maxlen: 24
185.217.117.0/24 maxlen: 24
185.198.240.0/24 maxlen: 24
45.80.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:e4:19:86:af:3e:34:28:bc:8c:69:ed:40:30:21:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 7 12:40:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9990f31aa790f43234b811b7b9a029333a5b8c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bb:38:b9:bb:56:de:89:da:e1:3b:fb:5c:dc:
c9:30:f0:b3:03:a4:55:95:d4:f3:6e:aa:ed:7d:b2:
7b:66:40:94:40:2c:40:f3:e7:36:18:ab:ef:6f:4e:
48:ed:fc:69:99:ca:7e:dd:e6:63:01:26:cd:54:24:
69:54:7e:d9:60:c1:33:a2:1b:19:35:04:19:be:eb:
ff:e5:19:86:c7:97:d2:24:dd:5d:d9:7a:84:a8:82:
51:5b:af:b8:b6:ba:11:28:5b:88:46:30:a1:20:9a:
0d:6d:b6:c1:46:61:06:3f:9a:d4:0c:ee:59:04:96:
9a:17:fb:0d:3e:50:3d:8f:c4:5f:b5:a6:56:c9:75:
f6:4e:6c:da:18:4d:c9:5b:34:b6:98:87:d9:58:67:
17:da:be:80:3b:ea:25:95:8e:d6:11:6c:b7:0b:0a:
06:55:b4:70:5a:42:29:1b:7a:85:2f:04:7d:7d:2d:
88:99:20:17:fa:b7:90:34:5b:8c:30:a6:b1:a5:5f:
d1:ce:90:74:0c:1f:c2:a3:84:30:2c:69:21:9d:e2:
40:9b:34:f9:3b:75:59:ce:75:70:93:82:c3:d9:99:
56:a2:c8:69:6a:a4:73:a1:80:16:60:4f:84:5c:8a:
7d:60:61:85:d6:b4:04:22:d5:c2:e4:e4:21:6a:61:
0f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:90:F3:1A:A7:90:F4:32:34:B8:11:B7:B9:A0:29:33:3A:5B:8C:78
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mZDzGqeQ9DI0uBG3uaApMzpbjHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.157.0/24
185.165.45.0/24
185.192.69.0/24
185.198.240.0/24
185.198.243.0/24
185.217.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:26:76:1e:f2:d6:69:29:3b:88:c9:63:5a:c0:8c:b1:b2:1e:
26:8a:a1:8a:21:5e:38:ee:a6:2d:01:5b:28:ef:f4:83:96:ff:
96:8d:ab:4a:46:b7:fb:1c:04:13:c6:8c:8a:db:8e:2a:ad:2c:
a3:11:e8:8b:16:e2:79:9f:8b:42:58:cf:0d:d9:77:29:b5:85:
2c:d8:7a:dc:69:28:6c:9b:7b:9a:23:10:5d:c8:c7:05:d5:75:
1e:fa:aa:0c:23:3d:07:ac:87:62:2f:9c:d0:3f:6b:59:15:34:
74:84:6f:e8:a3:60:b2:96:39:a9:bf:ff:25:63:38:96:a1:c5:
26:77:93:d8:34:69:51:b2:97:71:3e:6a:a1:30:57:a5:8c:09:
28:c2:86:a8:29:c6:d5:90:cd:be:98:0e:74:ae:79:af:b2:f6:
13:61:00:9e:9c:7b:58:2d:c4:34:a5:da:78:24:75:1e:9e:74:
3c:43:eb:32:b4:08:5e:a2:85:d6:5f:cd:f4:f2:29:b5:32:1c:
14:5c:2c:0b:f6:92:9f:48:b2:74:18:0b:cf:1f:b2:9f:be:c1:
99:71:28:1a:d6:f7:5a:92:30:a3:73:af:a9:46:34:31:21:70:
f6:83:88:13:2a:da:4e:a8:0d:63:ff:9f:9b:7a:7b:1d:9b:ad:
de:d1:7e:97
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYr5BmGrz40KLyMae1AMCEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA3MTI0MDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTkwZjMxYWE3OTBmNDMyMzRiODExYjdiOWEwMjkzMzNhNWI4Yzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7s4ubtW3ona4Tv7XNzJMPCzA6RV
ldTzbqrtfbJ7ZkCUQCxA8+c2GKvvb05I7fxpmcp+3eZjASbNVCRpVH7ZYMEzohsZ
NQQZvuv/5RmGx5fSJN1d2XqEqIJRW6+4troRKFuIRjChIJoNbbbBRmEGP5rUDO5Z
BJaaF/sNPlA9j8RftaZWyXX2TmzaGE3JWzS2mIfZWGcX2r6AO+ollY7WEWy3CwoG
VbRwWkIpG3qFLwR9fS2ImSAX+reQNFuMMKaxpV/RzpB0DB/Co4QwLGkhneJAmzT5
O3VZznVwk4LD2ZlWoshpaqRzoYAWYE+EXIp9YGGF1rQEItXC5OQhamEPVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJmQ8xqnkPQyNLgRt7mgKTM6W4x4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbVpEekdxZVE5REkwdUJHM3VhQXBNenBiakhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVCdAwQA
uaUtAwQAucBFAwQAucbwAwQAucbzAwQAudl1MA0GCSqGSIb3DQEBCwUAA4IBAQBM
JnYe8tZpKTuIyWNawIyxsh4miqGKIV447qYtAVso7/SDlv+WjatKRrf7HAQTxoyK
244qrSyjEeiLFuJ5n4tCWM8N2XcptYUs2HrcaShsm3uaIxBdyMcF1XUe+qoMIz0H
rIdiL5zQP2tZFTR0hG/oo2Cyljmpv/8lYziWocUmd5PYNGlRspdxPmqhMFeljAko
woaoKcbVkM2+mA50rnmvsvYTYQCenHtYLcQ0pdp4JHUennQ8Q+sytAheooXWX830
8im1MhwUXCwL9pKfSLJ0GAvPH7KfvsGZcSga1vdakjCjc6+pRjQxIXD2g4gTKtpO
qA1j/5+bensdm63e0X6X
-----END CERTIFICATE-----
Generated at Tue Sep 19 09:34:02 2023 by rpki-client on console-ams.rpki-client.org