Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oRp5B3WYOBPSU8FrYIGQD-SJAVU.roa
File: oRp5B3WYOBPSU8FrYIGQD-SJAVU.roa (raw, json)
Hash identifier: Nr/0lBic6QWe/LqCJSBTHn5Hc2r0KMpZB3QqdIoE+cw=
Subject key identifier: A1:1A:79:07:75:98:38:13:D2:53:C1:6B:60:81:90:0F:E4:89:01:55
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50103567FEEEDD64ABA8CC36B3D6932
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oRp5B3WYOBPSU8FrYIGQD-SJAVU.roa
Signing time: Mon 01 Jan 2024 12:30:27 +0000
ROA not before: Mon 01 Jan 2024 12:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 06:25:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:03:56:7f:ee:ed:d6:4a:ba:8c:c3:6b:3d:69:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a11a790775983813d253c16b6081900fe4890155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a3:d1:d1:94:c6:c2:f7:c8:48:e2:ed:61:2e:
24:16:2c:9a:1c:09:90:8e:3d:e4:b8:50:da:67:25:
05:f9:9d:5c:84:26:7d:c0:5f:41:80:11:2b:e9:63:
d9:f1:30:68:c0:a8:2f:bd:15:5e:89:9d:ea:4b:c0:
89:33:be:e7:bb:04:c0:60:8e:a7:a0:60:e6:fc:34:
3e:aa:04:0b:c1:15:bc:95:e5:89:c6:84:23:55:42:
d8:16:6c:25:3b:70:4d:5d:71:4e:0b:ca:6f:4c:74:
39:d3:4c:f4:39:d1:67:45:08:69:77:9c:da:3b:8d:
5d:61:8d:17:c3:30:a9:22:80:37:de:20:81:78:f2:
dd:26:56:af:57:c7:86:aa:b6:62:2c:9b:f6:c9:80:
8f:20:c4:0c:71:0d:c7:2c:f4:2c:09:1d:86:ac:e8:
3b:9f:92:82:b4:41:b4:29:66:38:a9:92:1e:99:61:
97:42:9f:6a:05:e2:54:12:c3:dd:c9:54:f6:89:d2:
d7:80:56:bf:9e:1e:24:f9:5f:7b:6a:74:3e:7c:84:
ae:67:dc:9d:33:41:a0:ed:42:c9:ad:8d:58:e2:43:
ad:84:9b:0a:a4:f9:1a:83:36:30:c6:5c:05:b0:9c:
32:eb:65:40:70:6a:24:35:36:05:fe:de:d5:b5:a3:
6d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1A:79:07:75:98:38:13:D2:53:C1:6B:60:81:90:0F:E4:89:01:55
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oRp5B3WYOBPSU8FrYIGQD-SJAVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.182.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:7c:35:83:52:3f:e9:a7:a7:82:c1:18:77:ce:8d:07:08:93:
c0:96:96:c8:f9:d1:13:94:eb:60:50:94:f1:bd:3d:b6:40:f1:
0d:65:38:75:4d:4c:42:8f:1c:87:97:7e:05:b5:bf:6a:67:4c:
53:20:ee:19:b0:ff:75:c8:35:e9:c1:65:82:c7:c0:d5:38:e5:
53:0d:bf:ff:1d:68:c9:b3:19:0c:c4:7f:d2:f3:15:62:40:a0:
ed:5d:81:ee:76:50:de:d2:71:0b:b0:5e:aa:0b:22:1d:b3:f0:
8f:33:c0:da:14:b5:2e:26:c9:ce:25:c3:4a:d2:1e:69:c4:b8:
f6:7a:4b:8e:bd:8c:6a:6c:1b:03:c7:89:c1:6b:9d:dc:c6:0f:
0d:ba:31:a0:60:72:5c:ad:b6:e4:04:d4:23:a0:57:f7:4e:e9:
39:d4:e1:e5:26:e6:2f:4c:cb:c9:af:5c:6e:e1:dc:b7:af:82:
9a:e0:4b:51:ec:55:03:87:e3:dd:31:b1:f8:ed:81:c4:67:06:
72:86:28:ec:d4:e6:05:73:ff:87:b9:0c:e7:e9:ab:96:8a:bb:
79:bd:87:05:bc:9f:ba:85:28:de:1a:c3:a7:97:13:70:a2:b6:
61:4f:fe:5a:c2:d0:65:0b:dc:04:b8:2a:3d:22:63:0b:e4:18:
b0:94:b3:c4
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYzFAQNWf+7t1kq6jMNrPWkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFhNzkwNzc1OTgzODEzZDI1M2MxNmI2MDgxOTAwZmU0ODkwMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6PR0ZTGwvfISOLtYS4kFiyaHAmQ
jj3kuFDaZyUF+Z1chCZ9wF9BgBEr6WPZ8TBowKgvvRVeiZ3qS8CJM77nuwTAYI6n
oGDm/DQ+qgQLwRW8leWJxoQjVULYFmwlO3BNXXFOC8pvTHQ500z0OdFnRQhpd5za
O41dYY0XwzCpIoA33iCBePLdJlavV8eGqrZiLJv2yYCPIMQMcQ3HLPQsCR2GrOg7
n5KCtEG0KWY4qZIemWGXQp9qBeJUEsPdyVT2idLXgFa/nh4k+V97anQ+fISuZ9yd
M0Gg7ULJrY1Y4kOthJsKpPkagzYwxlwFsJwy62VAcGokNTYF/t7VtaNt1wIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFKEaeQd1mDgT0lPBa2CBkA/kiQFVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb1JwNUIzV1lPQlBTVThGcllJR1FELVNKQVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBAFZJT4DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAG81J4DBAG8
1tADBAG88OADBAC88OMDBAC88W4DBAC88bYDBAC88fMDBAHBF4ADBALV6FwwDQYJ
KoZIhvcNAQELBQADggEBAC98NYNSP+mnp4LBGHfOjQcIk8CWlsj50ROU62BQlPG9
PbZA8Q1lOHVNTEKPHIeXfgW1v2pnTFMg7hmw/3XINenBZYLHwNU45VMNv/8daMmz
GQzEf9LzFWJAoO1dge52UN7ScQuwXqoLIh2z8I8zwNoUtS4myc4lw0rSHmnEuPZ6
S469jGpsGwPHicFrndzGDw26MaBgclyttuQE1COgV/dO6TnU4eUm5i9My8mvXG7h
3LevgprgS1HsVQOH490xsfjtgcRnBnKGKOzU5gVz/4e5DOfpq5aKu3m9hwW8n7qF
KN4aw6eXE3CitmFP/lrC0GUL3AS4Kj0iYwvkGLCUs8Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org