Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/suyGWQ4mKgcm7daLdk1-MxE4zJ0.roa
File: suyGWQ4mKgcm7daLdk1-MxE4zJ0.roa (raw, json)
Hash identifier: przSgntGsVCURJcxeE3lIogK9pOrhWLvKFRjkpzCSA0=
Subject key identifier: B2:EC:86:59:0E:26:2A:07:26:ED:D6:8B:76:4D:7E:33:11:38:CC:9D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0190DA318F961C11E3416C79104B9234E639
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/suyGWQ4mKgcm7daLdk1-MxE4zJ0.roa
Signing time: Mon 22 Jul 2024 11:26:39 +0000
ROA not before: Mon 22 Jul 2024 11:26:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.70.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
185.165.45.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
194.5.83.0/24 maxlen: 24
194.61.40.0/23 maxlen: 24
203.25.124.0/24 maxlen: 24
204.75.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 17:37:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:31:8f:96:1c:11:e3:41:6c:79:10:4b:92:34:e6:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 22 11:26:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2ec86590e262a0726edd68b764d7e331138cc9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:de:3a:a2:a5:63:07:e9:da:86:a1:cb:6c:31:
9b:ef:12:77:41:6b:56:45:71:0a:1d:5e:0d:87:9c:
6b:54:fd:c8:e8:88:59:21:b6:92:87:bf:2c:8b:ca:
e7:be:b9:a5:59:d9:4d:22:b0:20:18:f8:c0:d7:9b:
9f:d3:94:e1:cc:7c:a8:21:c5:67:fd:b0:af:9c:4c:
b8:34:ca:d4:f8:bc:ca:11:9c:5a:c9:09:1c:67:95:
c8:d9:3a:df:ae:80:5a:b1:c0:c7:6f:92:bb:72:30:
0b:39:c2:62:2c:e8:a9:80:2f:4b:fa:fd:b6:03:b0:
60:13:62:a3:15:00:97:77:58:d4:a2:41:16:86:e5:
5f:2e:46:43:c1:a9:dc:c7:cb:cf:98:9a:6b:8c:b8:
ba:52:cd:3d:b4:78:53:91:f9:95:71:36:4f:80:25:
2f:18:3e:82:29:01:eb:f0:dd:fd:9e:10:4f:28:85:
d2:7f:f0:e4:96:0c:fc:67:70:f5:cd:d8:1a:65:3a:
eb:65:85:96:9c:d5:bb:e7:6e:5f:1d:d0:d4:ee:32:
a0:26:ae:0c:f7:8e:a3:06:e3:af:01:0f:49:7b:d1:
0d:d4:c8:ed:3c:87:24:89:c1:15:1b:7c:fb:b7:e3:
c8:bd:78:26:9f:d9:8b:d9:9e:85:f9:09:e2:c0:38:
b9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EC:86:59:0E:26:2A:07:26:ED:D6:8B:76:4D:7E:33:11:38:CC:9D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/suyGWQ4mKgcm7daLdk1-MxE4zJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
185.165.45.0/24
185.245.7.0/24
188.213.202.0/24
194.5.82.0/23
194.61.40.0/23
203.25.124.0/24
204.75.229.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:7b:8a:a5:84:f5:36:7b:fb:0e:5b:08:ba:dd:20:2f:92:f5:
be:5b:48:05:d6:52:73:3d:6c:63:7e:e9:73:79:8f:3a:80:8c:
b0:a5:5f:d1:98:99:9b:0b:de:48:91:d0:7c:17:59:03:f5:f2:
75:74:0c:32:af:58:ce:1b:92:d9:7d:b3:08:5b:dc:e9:57:dd:
27:93:15:ea:51:ea:25:89:b0:2a:19:aa:11:d0:7a:79:2a:20:
2d:f0:01:ed:f9:4d:4c:7d:ba:fd:5b:50:3a:76:e0:22:f0:cf:
2d:f5:54:69:e2:1b:7e:69:46:91:3f:8d:85:ba:78:21:be:69:
09:5a:7a:76:b9:a9:c0:0d:4f:a6:06:ef:46:0d:5e:1d:61:cf:
c2:b6:0d:e7:53:60:37:cf:fc:7b:1e:18:90:72:97:ff:56:3b:
41:2f:9f:ea:df:61:e4:26:99:ab:c6:e5:0e:52:ab:fc:a9:9e:
f4:b2:6b:65:f2:f3:fd:37:86:9b:e0:94:ff:85:81:ae:a4:52:
d8:f7:c7:ef:d7:ad:91:18:c3:da:99:d3:d7:b4:eb:0e:df:25:
f4:1c:5a:a0:e4:75:dd:37:8b:60:72:52:8b:d4:9c:57:ab:2e:
93:24:de:1a:0a:df:b6:0f:83:b4:2c:39:b2:6e:c1:0d:1d:51:
22:e9:36:7c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZDaMY+WHBHjQWx5EEuSNOY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNzIyMTEyNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmVjODY1OTBlMjYyYTA3MjZlZGQ2OGI3NjRkN2UzMzExMzhjYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo946oqVjB+nahqHLbDGb7xJ3QWtW
RXEKHV4Nh5xrVP3I6IhZIbaSh78si8rnvrmlWdlNIrAgGPjA15uf05ThzHyoIcVn
/bCvnEy4NMrU+LzKEZxayQkcZ5XI2TrfroBascDHb5K7cjALOcJiLOipgC9L+v22
A7BgE2KjFQCXd1jUokEWhuVfLkZDwancx8vPmJprjLi6Us09tHhTkfmVcTZPgCUv
GD6CKQHr8N39nhBPKIXSf/Dklgz8Z3D1zdgaZTrrZYWWnNW7525fHdDU7jKgJq4M
946jBuOvAQ9Je9EN1MjtPIckicEVG3z7t+PIvXgmn9mL2Z6F+QniwDi5zwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLLshlkOJioHJu3Wi3ZNfjMROMydMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvc3V5R1dRNG1LZ2NtN2RhTGRrMS1NeEU0ekowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQhGAwQB
LYLKAwQCLYUEAwQBWSJ+AwQAuaUtAwQAufUHAwQAvNXKAwQBwgVSAwQBwj0oAwQA
yxl8AwQAzEvlMA0GCSqGSIb3DQEBCwUAA4IBAQAce4qlhPU2e/sOWwi63SAvkvW+
W0gF1lJzPWxjfulzeY86gIywpV/RmJmbC95IkdB8F1kD9fJ1dAwyr1jOG5LZfbMI
W9zpV90nkxXqUeolibAqGaoR0Hp5KiAt8AHt+U1Mfbr9W1A6duAi8M8t9VRp4ht+
aUaRP42FunghvmkJWnp2uanADU+mBu9GDV4dYc/Ctg3nU2A3z/x7HhiQcpf/VjtB
L5/q32HkJpmrxuUOUqv8qZ70smtl8vP9N4ab4JT/hYGupFLY98fv162RGMPamdPX
tOsO3yX0HFqg5HXdN4tgclKL1JxXqy6TJN4aCt+2D4O0LDmybsENHVEi6TZ8
-----END CERTIFICATE-----
Generated at Tue Aug 13 20:15:46 2024 by rpki-client on console-ams.rpki-client.org