Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uMcsD5HTB5yNF_JYQa2wmwDXta4.roa
File: uMcsD5HTB5yNF_JYQa2wmwDXta4.roa (raw, json)
Hash identifier: fNV8IIIjeZTOkZi16YDFCsPw14b6vwbRMbTHBKJVgAg=
Subject key identifier: B8:C7:2C:0F:91:D3:07:9C:8D:17:F2:58:41:AD:B0:9B:00:D7:B5:AE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01863655A38ED2DBAEAD81FB41593F8719B7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uMcsD5HTB5yNF_JYQa2wmwDXta4.roa
Signing time: Thu 09 Feb 2023 13:20:27 +0000
ROA not before: Thu 09 Feb 2023 13:20:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 45.130.83.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
45.130.80.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
45.67.96.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:36:55:a3:8e:d2:db:ae:ad:81:fb:41:59:3f:87:19:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 9 13:20:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8c72c0f91d3079c8d17f25841adb09b00d7b5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0f:54:cf:4f:75:56:d3:1f:ee:ae:45:4a:75:
35:9d:40:28:4b:66:4b:99:a3:c2:3a:6d:55:a8:cc:
08:a8:84:02:63:0b:f5:f6:8f:2d:b7:f4:bd:d4:8b:
7e:36:a4:00:de:93:ee:0a:48:ef:9c:29:46:03:37:
98:96:f4:df:53:69:16:b3:99:72:92:58:e5:06:5c:
bb:26:4d:17:76:3a:79:a5:4d:1d:dc:ce:40:d1:c9:
0c:8e:e4:24:64:4d:17:f3:3f:23:ef:07:6a:98:c2:
45:0e:db:a6:d1:c0:d5:87:fc:aa:85:52:28:23:70:
90:ca:d6:93:77:11:5b:08:4d:07:b0:ab:5c:d1:87:
27:a5:b6:7f:77:54:50:aa:51:7a:18:7c:e5:f6:f5:
04:4a:fa:47:2b:8a:8c:e6:94:b6:57:78:74:ac:57:
c2:64:b1:5f:1e:fa:ab:ac:17:e4:db:e1:95:2d:b3:
82:0a:b8:83:25:e5:83:ac:de:1b:c3:80:57:c1:b9:
b3:17:d7:2b:da:4a:20:3f:07:a4:4d:a1:b5:4a:73:
fd:dc:63:db:aa:95:a4:fe:e2:ea:72:10:23:a3:4d:
ee:97:47:07:91:c3:2c:5a:c0:df:3f:6b:6c:9a:e2:
26:dc:59:8c:24:2b:fa:8d:66:45:46:b3:f9:ac:24:
ca:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C7:2C:0F:91:D3:07:9C:8D:17:F2:58:41:AD:B0:9B:00:D7:B5:AE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uMcsD5HTB5yNF_JYQa2wmwDXta4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.96.0/24
45.130.80.0/23
45.130.83.0/24
45.135.186.0/23
89.47.15.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4d:9c:b3:b8:d4:85:32:57:40:ae:96:80:a8:31:98:a5:e2:
dc:e3:ab:a0:45:93:82:b6:f3:49:91:33:9b:4a:5b:bd:d7:f1:
8b:29:10:08:8f:55:f2:76:0d:5f:02:42:fa:a4:89:e6:65:f1:
75:a6:55:06:d3:25:db:64:86:40:d8:df:bf:eb:54:29:cd:ec:
32:ba:f2:fa:06:34:1c:08:a3:87:8c:01:d1:2a:5d:bc:0f:62:
f9:a9:61:c5:a7:4c:29:da:92:2b:e5:21:d2:c1:4c:42:dd:c5:
23:72:85:b3:cf:58:77:1e:e6:0a:03:25:6b:85:09:07:72:b8:
80:2e:0c:50:8a:4e:e8:a6:0a:5a:0e:b2:14:ef:22:d8:90:04:
ac:86:fb:81:5e:db:18:8f:1c:73:e8:39:69:2d:41:ad:e0:af:
12:3e:1c:bd:b7:46:f1:b6:8d:77:a4:a6:dd:1e:93:ce:b6:69:
23:e8:b7:62:99:e5:50:bd:e9:18:dc:c5:94:be:65:e7:60:c1:
aa:81:ff:66:19:d0:55:75:d2:eb:08:df:70:06:67:b6:8d:1e:
e6:9f:ee:24:29:fd:3d:4d:f3:7a:fb:7d:9f:18:e0:88:ab:66:
b8:f2:aa:cd:ff:f4:35:de:c5:ac:2f:46:b1:87:fb:57:e3:17:
b6:f5:18:a7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYY2VaOO0tuurYH7QVk/hxm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA5MTMyMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM3MmMwZjkxZDMwNzljOGQxN2YyNTg0MWFkYjA5YjAwZDdiNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA9Uz091VtMf7q5FSnU1nUAoS2ZL
maPCOm1VqMwIqIQCYwv19o8tt/S91It+NqQA3pPuCkjvnClGAzeYlvTfU2kWs5ly
kljlBly7Jk0Xdjp5pU0d3M5A0ckMjuQkZE0X8z8j7wdqmMJFDtum0cDVh/yqhVIo
I3CQytaTdxFbCE0HsKtc0YcnpbZ/d1RQqlF6GHzl9vUESvpHK4qM5pS2V3h0rFfC
ZLFfHvqrrBfk2+GVLbOCCriDJeWDrN4bw4BXwbmzF9cr2kogPwekTaG1SnP93GPb
qpWk/uLqchAjo03ul0cHkcMsWsDfP2tsmuIm3FmMJCv6jWZFRrP5rCTKvwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLjHLA+R0wecjRfyWEGtsJsA17WuMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdU1jc0Q1SFRCNXlORl9KWVFhMndtd0RYdGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALUNgAwQB
LYJQAwQALYJTAwQBLYe6AwQAWS8PAwQAucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQA
y59RMA0GCSqGSIb3DQEBCwUAA4IBAQCITZyzuNSFMldArpaAqDGYpeLc46ugRZOC
tvNJkTObSlu91/GLKRAIj1Xydg1fAkL6pInmZfF1plUG0yXbZIZA2N+/61Qpzewy
uvL6BjQcCKOHjAHRKl28D2L5qWHFp0wp2pIr5SHSwUxC3cUjcoWzz1h3HuYKAyVr
hQkHcriALgxQik7opgpaDrIU7yLYkASshvuBXtsYjxxz6DlpLUGt4K8SPhy9t0bx
to13pKbdHpPOtmkj6LdimeVQvekY3MWUvmXnYMGqgf9mGdBVddLrCN9wBme2jR7m
n+4kKf09TfN6+32fGOCIq2a48qrN//Q13sWsL0axh/tX4xe29Rin
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org