Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rO52P3RHSD_hArkgRB2i4vqlihA.roa
File: rO52P3RHSD_hArkgRB2i4vqlihA.roa (raw, json)
Hash identifier: v5ATNB5zWmxrKOelQKcHcUg5dOfLJWklZJBwd8UE6po=
Subject key identifier: AC:EE:76:3F:74:47:48:3F:E1:02:B9:20:44:1D:A2:E2:FA:A5:8A:10
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D06BE73597204D12D9FD3C0AF5B54B63F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rO52P3RHSD_hArkgRB2i4vqlihA.roa
Signing time: Sun 14 Jan 2024 06:52:41 +0000
ROA not before: Sun 14 Jan 2024 06:52:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210636
IP address blocks: 217.74.20.0/24 maxlen: 24
94.176.111.0/24 maxlen: 24
91.190.106.0/24 maxlen: 24
185.241.211.0/24 maxlen: 24
45.80.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 08:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:06:be:73:59:72:04:d1:2d:9f:d3:c0:af:5b:54:b6:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 14 06:52:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acee763f7447483fe102b920441da2e2faa58a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c6:3f:05:23:05:09:6e:79:66:b9:3c:e9:ee:
62:70:17:8f:2b:f6:05:2a:ad:95:73:e1:8b:6a:0f:
f6:f2:96:af:45:79:8c:cd:1b:c5:b9:41:9f:f6:cc:
76:33:28:c6:78:b6:7b:14:d7:45:28:db:a9:fb:97:
61:48:84:a9:40:90:e8:ac:aa:07:33:5b:79:ca:41:
3b:e1:8c:c6:29:43:76:db:04:a9:8d:24:96:81:99:
37:4e:c8:54:e2:4a:cb:50:59:23:50:66:0b:d1:60:
be:f8:97:19:b4:ae:4e:f2:7a:af:b1:08:4b:ed:b0:
80:2a:b0:03:d2:58:6a:d0:21:7b:6c:6a:9f:45:57:
28:ab:c4:70:f5:4d:2d:1c:78:d5:74:60:81:c9:ab:
fb:71:37:5e:b5:5a:66:94:27:1e:42:12:57:4f:e6:
b3:d7:fb:6c:aa:38:ce:3a:1b:68:85:6f:d3:ea:e2:
b0:ae:01:d4:11:0b:00:8d:d3:a3:62:57:72:09:13:
da:b7:49:8a:c6:97:e6:66:db:1b:49:74:31:54:52:
d8:c7:44:ed:89:02:80:d4:a3:c3:98:f9:07:c4:26:
29:2a:a0:dd:ca:25:4b:eb:db:33:0b:b2:cf:49:17:
c4:08:e2:fe:8c:17:ac:2e:54:69:fd:ea:a1:50:f7:
b7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EE:76:3F:74:47:48:3F:E1:02:B9:20:44:1D:A2:E2:FA:A5:8A:10
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rO52P3RHSD_hArkgRB2i4vqlihA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.156.0/24
91.190.106.0/24
94.176.111.0/24
185.241.211.0/24
217.74.20.0/24
Signature Algorithm: sha256WithRSAEncryption
57:b6:36:10:64:36:08:53:af:8e:10:5b:3c:57:3e:91:3c:e7:
b6:4b:eb:9d:2e:a1:1a:af:90:de:7b:72:6e:a5:88:16:6b:f7:
76:36:17:54:ca:7e:84:68:4c:36:a1:93:85:f5:1e:8c:6f:ce:
79:2f:97:70:4e:7a:c1:81:7d:11:d0:81:66:ad:0b:50:52:a9:
88:a0:a7:cc:2a:c8:eb:d5:42:8a:38:1d:70:e7:9a:17:fe:31:
db:98:a6:e1:11:d8:9a:86:70:f2:69:29:49:df:74:e0:4e:f9:
35:6b:40:93:30:e5:1c:70:ff:9c:99:2a:29:6c:62:3b:44:99:
1b:28:6f:6e:6f:35:c0:d5:d7:df:2c:a6:2c:fb:f5:a0:ce:7f:
d8:e3:67:c0:9c:ee:6d:b7:8a:9d:e1:a9:98:c1:68:73:32:2f:
69:4a:1e:a1:51:66:c7:ce:dc:2d:12:5f:94:2d:23:13:12:1d:
18:18:82:31:7b:d3:76:6f:40:63:d0:c0:a9:ef:51:6f:ff:02:
d3:83:c3:c9:5c:44:11:f7:69:68:fe:d9:79:18:82:b5:24:11:
28:2c:1f:44:8c:9f:7b:a3:ee:9d:68:66:0f:08:d5:75:49:24:
b9:81:9a:43:8f:53:9a:e8:75:aa:de:fa:1d:7e:d8:d2:ea:e9:
12:6f:c5:19
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0GvnNZcgTRLZ/TwK9bVLY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTE0MDY1MjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2VlNzYzZjc0NDc0ODNmZTEwMmI5MjA0NDFkYTJlMmZhYTU4YTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8Y/BSMFCW55Zrk86e5icBePK/YF
Kq2Vc+GLag/28pavRXmMzRvFuUGf9sx2MyjGeLZ7FNdFKNup+5dhSISpQJDorKoH
M1t5ykE74YzGKUN22wSpjSSWgZk3TshU4krLUFkjUGYL0WC++JcZtK5O8nqvsQhL
7bCAKrAD0lhq0CF7bGqfRVcoq8Rw9U0tHHjVdGCByav7cTdetVpmlCceQhJXT+az
1/tsqjjOOhtohW/T6uKwrgHUEQsAjdOjYldyCRPat0mKxpfmZtsbSXQxVFLYx0Tt
iQKA1KPDmPkHxCYpKqDdyiVL69szC7LPSRfECOL+jBesLlRp/eqhUPe3GQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKzudj90R0g/4QK5IEQdouL6pYoQMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvck81MlAzUkhTRF9oQXJrZ1JCMmk0dnFsaWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVCcAwQA
W75qAwQAXrBvAwQAufHTAwQA2UoUMA0GCSqGSIb3DQEBCwUAA4IBAQBXtjYQZDYI
U6+OEFs8Vz6RPOe2S+udLqEar5Dee3JupYgWa/d2NhdUyn6EaEw2oZOF9R6Mb855
L5dwTnrBgX0R0IFmrQtQUqmIoKfMKsjr1UKKOB1w55oX/jHbmKbhEdiahnDyaSlJ
33TgTvk1a0CTMOUccP+cmSopbGI7RJkbKG9ubzXA1dffLKYs+/Wgzn/Y42fAnO5t
t4qd4amYwWhzMi9pSh6hUWbHztwtEl+ULSMTEh0YGIIxe9N2b0Bj0MCp71Fv/wLT
g8PJXEQR92lo/tl5GIK1JBEoLB9EjJ97o+6daGYPCNV1SSS5gZpDj1Oa6HWq3vod
ftjS6ukSb8UZ
-----END CERTIFICATE-----
Generated at Tue Apr 16 11:56:42 2024 by rpki-client on console-fra.rpki-client.org