Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nBcOoHOJc3Pt4x_76uBVlUSBhCw.roa
File: nBcOoHOJc3Pt4x_76uBVlUSBhCw.roa (raw, json)
Hash identifier: JXyKKUhwfOGea2IX7RwO4q8QCwY2dUn5LC7E0qVQras=
Subject key identifier: 9C:17:0E:A0:73:89:73:73:ED:E3:1F:FB:EA:E0:55:95:44:81:84:2C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C1ED6C8EEAA6B3C8096363B8C7E224AA1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nBcOoHOJc3Pt4x_76uBVlUSBhCw.roa
Signing time: Thu 30 Nov 2023 06:07:21 +0000
ROA not before: Thu 30 Nov 2023 06:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 45.91.50.0/24 maxlen: 24
45.8.68.0/24 maxlen: 24
45.67.97.0/24 maxlen: 24
45.67.99.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Dec 2023 12:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1e:d6:c8:ee:aa:6b:3c:80:96:36:3b:8c:7e:22:4a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 30 06:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c170ea073897373ede31ffbeae055954481842c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:98:64:db:cf:c8:c2:e5:f5:c7:b3:06:3a:58:
97:69:7c:6b:87:70:f2:d2:28:76:c2:64:04:94:95:
4e:28:2a:db:8b:ee:44:92:9d:af:ee:67:fd:e0:24:
19:4f:f9:55:15:76:20:b8:da:1d:a9:26:07:e0:f3:
e3:86:83:7f:50:6a:2b:97:9a:e2:b1:89:d7:86:05:
97:b5:a6:86:3d:73:dd:35:8c:cc:96:de:41:06:58:
f8:2f:76:93:6a:63:01:a7:9c:0d:fe:94:86:54:87:
a9:b0:09:9f:93:4c:a1:22:cb:b5:8c:60:6e:60:a4:
6a:35:57:b4:82:42:20:17:33:ac:e9:7d:0e:25:80:
8e:7b:bc:eb:65:60:36:91:29:c7:a2:49:40:35:60:
b6:53:d3:31:cc:77:5d:fb:ea:7d:ff:e4:e4:96:df:
d0:c8:c3:51:12:3f:54:0c:45:2a:11:88:fe:c6:78:
77:da:bf:86:56:b0:2d:0b:04:67:fb:2f:2c:9a:c2:
1e:e2:7e:4a:08:21:df:9c:15:3c:72:0c:3c:3d:bf:
48:75:b0:75:fa:ff:66:13:0c:d7:93:fe:05:40:65:
c7:64:50:d8:3d:15:c8:57:83:ae:6a:68:2e:9d:19:
da:cb:b2:e8:33:65:35:03:2b:d1:88:5e:4c:96:9c:
dc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:17:0E:A0:73:89:73:73:ED:E3:1F:FB:EA:E0:55:95:44:81:84:2C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nBcOoHOJc3Pt4x_76uBVlUSBhCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.68.0/24
45.67.97.0/24
45.67.99.0/24
45.91.50.0/24
188.241.110.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4a:c7:e0:a5:58:c2:37:f8:08:a0:98:a8:22:65:4a:75:8d:
43:6a:59:6f:d1:ba:bc:15:c0:bf:be:13:96:27:35:8c:90:af:
17:24:15:9e:30:ed:fa:a6:24:2b:9b:6d:85:2c:a3:05:0b:35:
b4:60:50:7c:5b:ba:e3:9a:2f:1b:7f:ad:7e:89:08:ea:be:22:
8a:ff:44:fa:6e:3e:20:cd:61:a1:ea:89:04:71:b5:dc:b4:70:
7f:66:0c:84:21:25:e8:c8:88:f2:ae:2d:e1:ff:3c:60:6f:25:
f7:a0:4d:fc:9a:64:47:f0:ed:a2:4b:c1:b2:f9:4b:f9:63:5b:
26:36:fd:38:59:dc:2f:f7:e8:ee:40:0b:ec:15:87:1b:54:b8:
f0:8f:85:2c:ff:3d:61:be:0f:64:e7:dd:a2:2e:6b:34:ce:d6:
e2:ab:d4:ae:2a:1d:d6:13:2d:2d:f6:27:6f:71:7d:a2:73:97:
d0:e6:87:f1:e2:91:c6:36:10:1d:8e:59:2a:61:93:9f:ce:d6:
8d:9c:25:d4:b7:6b:2d:88:a6:6d:5c:a6:f7:39:2a:4f:7b:c9:
d7:fd:35:86:8a:fe:bf:9a:54:2d:f5:b7:31:b7:8c:b3:aa:a1:
46:62:5e:0e:6f:7a:05:26:a5:15:61:a5:0c:7e:ec:12:86:d1:
de:a1:af:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwe1sjuqms8gJY2O4x+IkqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTMwMDYwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE3MGVhMDczODk3MzczZWRlMzFmZmJlYWUwNTU5NTQ0ODE4NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJhk28/IwuX1x7MGOliXaXxrh3Dy
0ih2wmQElJVOKCrbi+5Ekp2v7mf94CQZT/lVFXYguNodqSYH4PPjhoN/UGorl5ri
sYnXhgWXtaaGPXPdNYzMlt5BBlj4L3aTamMBp5wN/pSGVIepsAmfk0yhIsu1jGBu
YKRqNVe0gkIgFzOs6X0OJYCOe7zrZWA2kSnHoklANWC2U9MxzHdd++p9/+Tklt/Q
yMNREj9UDEUqEYj+xnh32r+GVrAtCwRn+y8smsIe4n5KCCHfnBU8cgw8Pb9IdbB1
+v9mEwzXk/4FQGXHZFDYPRXIV4OuamgunRnay7LoM2U1AyvRiF5MlpzcIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJwXDqBziXNz7eMf++rgVZVEgYQsMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbkJjT29IT0pjM1B0NHhfNzZ1QlZsVVNCaEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQhEAwQA
LUNhAwQALUNjAwQALVsyAwQAvPFuMA0GCSqGSIb3DQEBCwUAA4IBAQCISsfgpVjC
N/gIoJioImVKdY1Dallv0bq8FcC/vhOWJzWMkK8XJBWeMO36piQrm22FLKMFCzW0
YFB8W7rjmi8bf61+iQjqviKK/0T6bj4gzWGh6okEcbXctHB/ZgyEISXoyIjyri3h
/zxgbyX3oE38mmRH8O2iS8Gy+Uv5Y1smNv04Wdwv9+juQAvsFYcbVLjwj4Us/z1h
vg9k592iLms0ztbiq9SuKh3WEy0t9idvcX2ic5fQ5ofx4pHGNhAdjlkqYZOfztaN
nCXUt2stiKZtXKb3OSpPe8nX/TWGiv6/mlQt9bcxt4yzqqFGYl4Ob3oFJqUVYaUM
fuwShtHeoa91
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org