Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uh4wBGQ_Ysy7l23UKGyLd8tivHU.roa
File: uh4wBGQ_Ysy7l23UKGyLd8tivHU.roa (raw, json)
Hash identifier: wjGSz25meBDJ3vXi/2hKQOMmxXtS2jeRy1Ix1mLRMC4=
Subject key identifier: BA:1E:30:04:64:3F:62:CC:BB:97:6D:D4:28:6C:8B:77:CB:62:BC:75
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5012EA5F32305C327561A2C3C978BAC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uh4wBGQ_Ysy7l23UKGyLd8tivHU.roa
Signing time: Mon 01 Jan 2024 12:30:38 +0000
ROA not before: Mon 01 Jan 2024 12:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 45.123.41.0/24 maxlen: 24
45.123.42.0/23 maxlen: 24
45.141.203.0/24 maxlen: 24
45.141.200.0/23 maxlen: 24
45.141.202.0/24 maxlen: 24
91.190.100.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
185.35.138.0/24 maxlen: 24
185.35.136.0/23 maxlen: 24
185.35.139.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
2a0b:64c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 18 Mar 2024 16:24:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2e:a5:f3:23:05:c3:27:56:1a:2c:3c:97:8b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba1e3004643f62ccbb976dd4286c8b77cb62bc75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6c:8b:fc:4c:d0:10:fe:0f:23:fb:6d:0d:8f:
bf:ed:20:c1:0a:cb:12:01:01:6d:94:b9:6e:8a:95:
25:f2:9b:20:1f:8a:a5:91:69:39:9b:79:f3:22:ae:
29:b8:07:96:ef:e0:24:ce:f9:77:6e:69:b1:8c:b5:
38:9b:1d:91:41:dc:9e:08:0d:48:59:34:c6:ee:54:
f3:b7:c9:61:55:10:5b:c5:05:46:3c:93:30:da:fa:
9a:c6:1f:3d:46:7c:21:74:5d:ce:ef:c0:59:3f:ea:
29:e3:e8:07:af:87:ce:e8:66:a9:1a:03:c0:f6:a9:
af:42:da:cc:00:3f:e7:cf:ca:b7:d4:f7:16:c5:cf:
84:c5:3c:16:ed:ee:f7:d8:27:79:2b:6d:45:30:30:
0a:7e:4a:a3:f8:42:d4:a6:e0:2f:81:c5:6e:76:93:
1b:a1:cc:35:7c:74:9f:26:0e:21:70:c8:98:fa:f6:
f7:bc:75:dc:f3:9f:1c:bc:4c:22:f7:35:7a:e7:b0:
06:93:05:dc:0a:b7:e3:f6:7f:3b:6e:e5:46:1a:97:
5d:aa:1b:71:58:6b:30:63:2b:d9:f4:55:00:f6:ee:
c4:06:35:a7:c9:91:9f:f3:da:ce:8a:73:16:a4:7b:
82:f1:0c:9a:e8:12:9e:2e:07:42:4c:56:9c:25:d6:
a3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1E:30:04:64:3F:62:CC:BB:97:6D:D4:28:6C:8B:77:CB:62:BC:75
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uh4wBGQ_Ysy7l23UKGyLd8tivHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.41.0-45.123.43.255
45.141.200.0/22
89.47.89.0/24
91.190.100.0/24
103.212.82.0/24
185.35.136.0/22
IPv6:
2a0b:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
58:f2:ab:f4:8b:41:25:c2:87:6f:11:60:be:d6:c8:73:58:01:
4f:66:54:64:a0:3d:a6:24:21:04:4c:8b:57:c7:2f:95:11:d5:
98:73:e7:9e:c5:33:c2:fb:39:08:1d:f5:fb:e0:37:b4:73:a6:
38:78:23:50:4a:c4:4c:59:81:73:29:53:51:77:db:27:61:6e:
d3:e9:72:16:24:db:54:5e:af:ab:c3:8f:0a:17:d5:e0:71:ad:
0b:9e:a3:04:13:b8:ae:0f:67:f5:74:01:59:e9:86:27:f8:84:
16:ae:35:69:8e:5d:a2:93:25:63:62:c0:e5:dd:22:5b:7e:be:
d1:94:2b:21:b1:10:53:12:ea:19:6d:b9:be:52:6e:ab:6f:95:
8f:b2:f5:1a:3d:ac:e6:74:ec:44:bf:6e:95:f0:6e:d7:f1:7f:
e9:23:d2:df:cb:14:c8:a2:e9:99:09:1d:75:00:dd:c0:9b:07:
6b:4d:24:a6:25:db:82:04:88:8b:32:2b:61:42:6f:af:bc:70:
c6:3d:51:d5:88:2d:ce:05:d7:a3:08:e0:f9:28:ae:df:c9:b1:
8a:55:82:1b:89:ad:6a:cd:77:d9:96:a6:6b:44:f7:6a:c8:62:
66:04:61:96:14:a2:36:ff:27:c5:ae:94:11:d6:99:a1:45:24:
a9:d9:e1:55
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzFAS6l8yMFwydWGiw8l4usMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTFlMzAwNDY0M2Y2MmNjYmI5NzZkZDQyODZjOGI3N2NiNjJiYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGyL/EzQEP4PI/ttDY+/7SDBCssS
AQFtlLluipUl8psgH4qlkWk5m3nzIq4puAeW7+Akzvl3bmmxjLU4mx2RQdyeCA1I
WTTG7lTzt8lhVRBbxQVGPJMw2vqaxh89RnwhdF3O78BZP+op4+gHr4fO6GapGgPA
9qmvQtrMAD/nz8q31PcWxc+ExTwW7e732Cd5K21FMDAKfkqj+ELUpuAvgcVudpMb
ocw1fHSfJg4hcMiY+vb3vHXc858cvEwi9zV657AGkwXcCrfj9n87buVGGpddqhtx
WGswYyvZ9FUA9u7EBjWnyZGf89rOinMWpHuC8Qya6BKeLgdCTFacJdajiwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFLoeMARkP2LMu5dt1Chsi3fLYrx1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdWg0d0JHUV9Zc3k3bDIzVUtHeUxkOHRpdkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsMAwDBAAteykD
BAIteygDBAItjcgDBABZL1kDBABbvmQDBABn1FIDBAK5I4gwDQQCAAIwBwMFACoL
ZMAwDQYJKoZIhvcNAQELBQADggEBAFjyq/SLQSXCh28RYL7WyHNYAU9mVGSgPaYk
IQRMi1fHL5UR1Zhz557FM8L7OQgd9fvgN7Rzpjh4I1BKxExZgXMpU1F32ydhbtPp
chYk21Rer6vDjwoX1eBxrQueowQTuK4PZ/V0AVnphif4hBauNWmOXaKTJWNiwOXd
Ilt+vtGUKyGxEFMS6hltub5SbqtvlY+y9Ro9rOZ07ES/bpXwbtfxf+kj0t/LFMii
6ZkJHXUA3cCbB2tNJKYl24IEiIsyK2FCb6+8cMY9UdWILc4F16MI4Pkort/JsYpV
ghuJrWrNd9mWpmtE92rIYmYEYZYUojb/J8WulBHWmaFFJKnZ4VU=
-----END CERTIFICATE-----
Generated at Mon Mar 18 19:36:58 2024 by rpki-client on console-ams.rpki-client.org