Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xGXOsqg6x-VIqYAgHOOzIGvFA2U.roa
File: xGXOsqg6x-VIqYAgHOOzIGvFA2U.roa (raw, json)
Hash identifier: ZX3OwqIa4ZEOmG3g+1HT0ep5wrAlGERuAlKhDZxwl6g=
Subject key identifier: C4:65:CE:B2:A8:3A:C7:E5:48:A9:80:20:1C:E3:B3:20:6B:C5:03:65
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CCE823D82A5D439C5187ED49C82640452
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xGXOsqg6x-VIqYAgHOOzIGvFA2U.roa
Signing time: Wed 03 Jan 2024 08:48:11 +0000
ROA not before: Wed 03 Jan 2024 08:48:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8038
IP address blocks: 203.25.124.0/24 maxlen: 24
194.5.84.0/24 maxlen: 24
194.242.3.0/24 maxlen: 24
193.26.114.0/24 maxlen: 24
45.144.224.0/24 maxlen: 24
185.165.44.0/24 maxlen: 24
46.229.255.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
91.190.107.0/24 maxlen: 24
203.159.82.0/24 maxlen: 24
185.217.118.0/24 maxlen: 24
203.159.90.0/24 maxlen: 24
185.228.226.0/24 maxlen: 24
194.76.134.0/24 maxlen: 24
45.133.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:82:3d:82:a5:d4:39:c5:18:7e:d4:9c:82:64:04:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 3 08:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c465ceb2a83ac7e548a980201ce3b3206bc50365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b9:60:19:19:a4:ff:2c:af:c5:54:e9:76:36:
17:b5:97:e2:06:18:7d:4b:6b:e1:a3:b6:df:2b:18:
d6:2b:aa:fa:24:cc:b0:eb:cc:d6:d9:67:a0:4e:2e:
32:30:ab:d5:22:ac:de:54:af:05:85:d9:9d:fc:e1:
6f:01:95:87:f5:f4:57:b5:6f:58:85:86:31:c9:f3:
e1:6d:7a:3f:b8:30:fa:53:1a:e7:06:7c:f3:fa:ba:
af:b3:5c:34:df:fb:22:9f:ac:e9:79:d9:4f:cc:2e:
0a:de:64:e2:cb:e0:a3:25:fa:8b:78:84:ea:e9:0a:
7c:26:9d:e3:e4:8c:13:6e:e5:74:2e:3d:c9:82:df:
46:c1:84:bc:a1:57:9f:fa:05:c0:6f:53:94:33:86:
8d:54:0a:3e:08:9d:88:32:df:68:f3:06:05:a9:0c:
34:ab:24:3f:36:0a:50:20:5a:e5:46:fc:b7:58:f3:
56:fc:42:78:55:86:51:87:0f:8c:cc:38:87:6d:bf:
c6:ac:e2:c9:fd:cb:3c:1d:87:f7:af:2f:43:59:79:
4f:dc:8b:18:a9:ef:51:0d:5a:50:cd:06:7b:8d:60:
d6:41:52:07:1c:97:17:31:60:d6:1d:27:0d:56:1f:
2d:db:e6:7a:4e:e5:74:7b:2e:e9:e9:20:ff:eb:a5:
91:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:65:CE:B2:A8:3A:C7:E5:48:A9:80:20:1C:E3:B3:20:6B:C5:03:65
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xGXOsqg6x-VIqYAgHOOzIGvFA2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.0.0/24
45.144.224.0/24
46.229.255.0/24
91.190.107.0/24
185.150.0.0/24
185.165.44.0/24
185.217.118.0/24
185.228.226.0/24
193.26.114.0/24
194.5.84.0/24
194.76.134.0/24
194.242.3.0/24
203.25.124.0/24
203.159.82.0/24
203.159.90.0/24
Signature Algorithm: sha256WithRSAEncryption
97:5d:8b:4d:37:36:01:91:d4:10:ec:49:64:83:11:e8:1d:8f:
e5:16:a2:52:1d:1f:86:5d:0e:b9:29:07:2d:a8:3a:d7:0c:e5:
47:ad:36:00:1b:3b:d1:ea:7d:02:f3:f9:54:cf:c7:20:5f:73:
97:84:eb:82:05:d0:cb:42:7c:ab:e4:3e:ea:e9:4f:7e:cb:e1:
63:f0:3e:e7:6f:af:dd:9f:15:af:58:5d:2b:f4:c1:48:0f:06:
a2:fb:bf:f4:39:c7:51:d1:3d:fd:65:42:8a:f7:5a:42:e2:e1:
ef:69:59:1c:08:de:f0:91:f2:92:70:3e:ce:4b:7b:18:d3:e4:
72:3b:f6:c8:86:40:71:47:fd:a0:8e:0f:8d:38:d0:e8:a9:3c:
cf:7b:06:6b:52:6a:de:fa:07:e9:ba:0f:3a:b6:44:3f:2c:69:
12:ea:38:42:79:b8:f8:ae:b4:2d:43:87:b6:7a:be:d3:a5:b4:
0c:73:e0:b8:cb:89:cb:d2:65:d2:f7:7a:37:1c:a5:0f:8b:1d:
9b:e4:78:b1:d0:8c:77:80:27:13:39:6f:16:df:9f:0c:98:be:
b9:ee:75:a6:f1:7d:db:06:11:eb:22:7f:a8:fa:9b:bf:7e:f2:
bc:7e:2f:42:92:62:1e:1d:1a:44:ff:67:0f:f2:ac:c0:ad:c5:
11:5c:64:16
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzOgj2CpdQ5xRh+1JyCZARSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAzMDg0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY1Y2ViMmE4M2FjN2U1NDhhOTgwMjAxY2UzYjMyMDZiYzUwMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLlgGRmk/yyvxVTpdjYXtZfiBhh9
S2vho7bfKxjWK6r6JMyw68zW2WegTi4yMKvVIqzeVK8Fhdmd/OFvAZWH9fRXtW9Y
hYYxyfPhbXo/uDD6UxrnBnzz+rqvs1w03/sin6zpedlPzC4K3mTiy+CjJfqLeITq
6Qp8Jp3j5IwTbuV0Lj3Jgt9GwYS8oVef+gXAb1OUM4aNVAo+CJ2IMt9o8wYFqQw0
qyQ/NgpQIFrlRvy3WPNW/EJ4VYZRhw+MzDiHbb/GrOLJ/cs8HYf3ry9DWXlP3IsY
qe9RDVpQzQZ7jWDWQVIHHJcXMWDWHScNVh8t2+Z6TuV0ey7p6SD/66WR4wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFMRlzrKoOsflSKmAIBzjsyBrxQNlMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveEdYT3NxZzZ4LVZJcVlBZ0hPT3pJR3ZGQTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALYUAAwQA
LZDgAwQALuX/AwQAW75rAwQAuZYAAwQAuaUsAwQAudl2AwQAueTiAwQAwRpyAwQA
wgVUAwQAwkyGAwQAwvIDAwQAyxl8AwQAy59SAwQAy59aMA0GCSqGSIb3DQEBCwUA
A4IBAQCXXYtNNzYBkdQQ7ElkgxHoHY/lFqJSHR+GXQ65KQctqDrXDOVHrTYAGzvR
6n0C8/lUz8cgX3OXhOuCBdDLQnyr5D7q6U9+y+Fj8D7nb6/dnxWvWF0r9MFIDwai
+7/0OcdR0T39ZUKK91pC4uHvaVkcCN7wkfKScD7OS3sY0+RyO/bIhkBxR/2gjg+N
ONDoqTzPewZrUmre+gfpug86tkQ/LGkS6jhCebj4rrQtQ4e2er7TpbQMc+C4y4nL
0mXS93o3HKUPix2b5Hix0Ix3gCcTOW8W358MmL657nWm8X3bBhHrIn+o+pu/fvK8
fi9CkmIeHRpE/2cP8qzArcURXGQW
-----END CERTIFICATE-----
Generated at Fri Jan 5 17:14:10 2024 by rpki-client on console-ams.rpki-client.org