Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qqTIJkHQxFawvnwLx-lAy_XFAqA.roa
File: qqTIJkHQxFawvnwLx-lAy_XFAqA.roa (raw, json)
Hash identifier: mx6E1QGLrEifqAVbqVarB1wYsvrEFl16OWa1GgDYBQ4=
Subject key identifier: AA:A4:C8:26:41:D0:C4:56:B0:BE:7C:0B:C7:E9:40:CB:F5:C5:02:A0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01919F61A7C772D95791598B8F3A8CFAB56F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qqTIJkHQxFawvnwLx-lAy_XFAqA.roa
Signing time: Thu 29 Aug 2024 18:24:22 +0000
ROA not before: Thu 29 Aug 2024 18:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 45.135.184.0/24 maxlen: 24
45.144.227.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.145.0/24 maxlen: 24
62.197.146.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.149.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.153.0/24 maxlen: 24
62.197.154.0/23 maxlen: 24
62.197.156.0/23 maxlen: 24
62.197.158.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
92.62.120.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
92.62.122.0/23 maxlen: 24
185.244.139.0/24 maxlen: 24
193.218.35.0/24 maxlen: 24
194.169.168.0/24 maxlen: 24
194.169.170.0/23 maxlen: 24
212.119.32.0/23 maxlen: 24
212.119.34.0/24 maxlen: 24
213.109.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 06:47:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9f:61:a7:c7:72:d9:57:91:59:8b:8f:3a:8c:fa:b5:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 29 18:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaa4c82641d0c456b0be7c0bc7e940cbf5c502a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f9:a9:14:12:a4:0e:47:a9:c4:c4:2f:9e:23:
c2:1b:e6:1e:d7:5c:12:aa:1f:93:50:d6:23:5c:94:
93:35:5e:07:b0:1d:ea:4a:b1:a9:c4:0a:1f:30:2f:
79:2e:33:dc:56:a7:0e:85:68:23:34:c1:14:bb:02:
14:38:64:bc:94:24:8e:a0:01:36:53:15:51:60:8f:
67:01:f0:c8:68:ab:6b:50:5e:46:a4:0a:f1:4a:31:
a9:8e:a8:da:1f:46:4f:7f:c2:ff:8e:f6:d0:ce:33:
42:3a:1e:bb:10:6e:e3:27:3a:f4:af:ce:51:c1:ba:
ac:22:9e:a7:0e:44:cb:4b:41:db:db:49:bb:2e:b8:
b6:d0:86:68:d1:ac:01:94:71:2f:df:2b:f5:0b:11:
74:28:16:8c:49:8d:f0:8d:82:82:26:51:9a:54:ff:
56:f4:f7:10:4b:b5:e7:e9:bc:a4:3a:90:2f:85:fa:
2d:f2:20:aa:8e:1b:5d:b7:7b:e2:7c:86:f5:65:6d:
70:c2:29:b4:ec:a6:45:ca:7f:8a:1a:af:4e:65:19:
22:7a:26:4e:32:00:f9:40:59:ec:46:2c:8a:f9:0a:
e5:a5:65:d6:4b:9e:8a:a4:a8:60:bd:2d:ce:0c:c9:
db:78:0c:07:cd:d4:55:00:06:45:48:01:5d:f9:c9:
ba:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A4:C8:26:41:D0:C4:56:B0:BE:7C:0B:C7:E9:40:CB:F5:C5:02:A0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qqTIJkHQxFawvnwLx-lAy_XFAqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.184.0/24
45.144.227.0/24
62.197.144.0-62.197.150.255
62.197.152.0-62.197.158.255
91.190.101.0/24
92.62.120.0/22
185.244.139.0/24
193.218.35.0/24
194.169.168.0/24
194.169.170.0/23
212.119.32.0-212.119.34.255
213.109.151.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:9a:1e:1c:46:3b:d8:be:3a:c4:fb:e7:45:84:2a:15:b1:97:
a6:7e:03:aa:27:45:21:aa:d7:37:34:c1:4d:8a:b8:d1:68:04:
9f:ca:09:91:06:09:25:68:39:db:a2:7d:6c:51:02:ab:19:9f:
b2:18:82:d4:aa:d6:a1:d7:c8:14:75:4a:82:a4:8f:b9:34:64:
41:0f:b0:3d:d4:62:8b:e8:5a:ca:9b:21:6b:99:31:cc:93:9a:
70:5d:f7:0f:43:a4:74:8d:35:44:82:de:99:78:c2:91:17:49:
2b:00:3c:58:fa:6e:c5:3e:8b:c7:bb:fd:41:67:94:a0:ba:ce:
02:86:87:58:bd:39:13:75:1f:13:30:ce:06:ff:b3:3c:02:9e:
59:5c:3b:5b:42:02:82:f3:f3:56:e7:dc:74:78:25:0e:36:8c:
f8:94:45:0c:12:e0:7f:76:60:8c:6a:58:7d:bf:6f:28:82:77:
25:01:dc:45:04:6a:6c:5c:12:e3:9d:e4:0c:e8:fb:93:3f:39:
90:63:4a:ea:21:aa:88:a8:7e:95:f5:7d:4c:85:91:a4:e1:0e:
eb:25:9d:f3:8a:a7:81:ef:2a:68:d5:7b:d2:7e:0a:dd:c0:a0:
a9:a8:80:16:d7:36:e5:a8:86:5d:e1:ac:33:c3:ff:16:58:63:
2c:61:b4:d6
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZGfYafHctlXkVmLjzqM+rVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODI5MTgyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWE0YzgyNjQxZDBjNDU2YjBiZTdjMGJjN2U5NDBjYmY1YzUwMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvmpFBKkDkepxMQvniPCG+Ye11wS
qh+TUNYjXJSTNV4HsB3qSrGpxAofMC95LjPcVqcOhWgjNMEUuwIUOGS8lCSOoAE2
UxVRYI9nAfDIaKtrUF5GpArxSjGpjqjaH0ZPf8L/jvbQzjNCOh67EG7jJzr0r85R
wbqsIp6nDkTLS0Hb20m7Lri20IZo0awBlHEv3yv1CxF0KBaMSY3wjYKCJlGaVP9W
9PcQS7Xn6bykOpAvhfot8iCqjhtdt3vifIb1ZW1wwim07KZFyn+KGq9OZRkieiZO
MgD5QFnsRiyK+QrlpWXWS56KpKhgvS3ODMnbeAwHzdRVAAZFSAFd+cm6oQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFKqkyCZB0MRWsL58C8fpQMv1xQKgMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcXFUSUprSFF4RmF3dm53THgtbEF5X1hGQXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQALYe4AwQA
LZDjMAwDBAQ+xZADBAA+xZYwDAMEAz7FmAMEAD7FngMEAFu+ZQMEAlw+eAMEALn0
iwMEAMHaIwMEAMKpqAMEAcKpqjAMAwQF1HcgAwQA1HciAwQA1W2XMA0GCSqGSIb3
DQEBCwUAA4IBAQCMmh4cRjvYvjrE++dFhCoVsZemfgOqJ0Uhqtc3NMFNirjRaASf
ygmRBgklaDnbon1sUQKrGZ+yGILUqtah18gUdUqCpI+5NGRBD7A91GKL6FrKmyFr
mTHMk5pwXfcPQ6R0jTVEgt6ZeMKRF0krADxY+m7FPovHu/1BZ5Sgus4ChodYvTkT
dR8TMM4G/7M8Ap5ZXDtbQgKC8/NW59x0eCUONoz4lEUMEuB/dmCMalh9v28ogncl
AdxFBGpsXBLjneQM6PuTPzmQY0rqIaqIqH6V9X1MhZGk4Q7rJZ3ziqeB7ypo1XvS
fgrdwKCpqIAW1zblqIZd4awzw/8WWGMsYbTW
-----END CERTIFICATE-----
Generated at Fri Aug 30 09:05:03 2024 by rpki-client on console-ams.rpki-client.org