Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xksCepBkwvyW7ymT6ZzHLsXsQzA.roa
File: xksCepBkwvyW7ymT6ZzHLsXsQzA.roa (raw, json)
Hash identifier: gJLzpmGFsnUWDqfFkRhDNv2j53ubhDpnJBk50F1/2Vs=
Subject key identifier: C6:4B:02:7A:90:64:C2:FC:96:EF:29:93:E9:9C:C7:2E:C5:EC:43:30
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019117664866A674A6E9312566024A8D8B41
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xksCepBkwvyW7ymT6ZzHLsXsQzA.roa
Signing time: Sat 03 Aug 2024 08:41:04 +0000
ROA not before: Sat 03 Aug 2024 08:41:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 45.80.157.0/24 maxlen: 24
185.192.69.0/24 maxlen: 24
185.198.240.0/24 maxlen: 24
185.198.243.0/24 maxlen: 24
185.217.117.0/24 maxlen: 24
188.213.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 05:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:66:48:66:a6:74:a6:e9:31:25:66:02:4a:8d:8b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 3 08:41:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c64b027a9064c2fc96ef2993e99cc72ec5ec4330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:45:08:db:8e:81:0a:76:6a:a1:9a:52:b7:c1:
28:db:fe:22:9d:23:6a:95:23:70:24:d6:20:ec:ca:
7b:c1:ee:37:30:56:af:7c:a4:de:8c:85:95:4e:fa:
fb:be:2e:ec:6d:bc:6a:1e:fd:88:79:0a:f4:18:fe:
7a:52:12:47:33:a3:79:ed:5e:7e:e7:f1:aa:16:e4:
20:e8:f8:70:64:71:b3:fb:26:71:8e:95:74:24:fa:
03:38:6c:e6:ff:46:b7:6c:04:96:b7:07:18:85:7e:
2a:17:b7:0f:c5:c0:83:f2:8b:b5:9c:78:d5:9a:99:
db:2c:36:4a:28:ff:4f:b7:df:59:4a:8e:b2:58:68:
a2:fb:f0:41:af:99:de:0e:9b:5d:9b:3b:e9:01:78:
d8:2e:e1:c5:dc:ff:dd:c4:1d:70:ae:d0:9f:bc:78:
a6:fc:d8:db:89:bd:58:4d:62:dd:6b:c4:82:29:7f:
c7:8c:97:e8:49:ff:55:be:3d:e4:b4:fe:05:12:4a:
ad:dc:e2:ca:8c:cd:f5:99:5d:c6:31:b6:7e:4c:8b:
a2:7e:49:2f:05:60:b8:04:4e:c2:4b:ad:1b:44:cf:
55:ac:30:12:74:95:81:bf:fa:7d:e6:fc:c6:2b:bd:
e9:bf:b6:7b:51:88:ec:d4:4e:3e:37:e8:ed:f3:80:
27:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4B:02:7A:90:64:C2:FC:96:EF:29:93:E9:9C:C7:2E:C5:EC:43:30
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xksCepBkwvyW7ymT6ZzHLsXsQzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.157.0/24
185.192.69.0/24
185.198.240.0/24
185.198.243.0/24
185.217.117.0/24
188.213.203.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:39:d8:b0:98:6d:4e:c1:65:1d:7f:69:74:81:b7:9a:80:71:
66:fc:ec:c9:31:ac:e7:7c:fe:76:1f:fc:4a:9e:7d:4a:ca:d7:
f7:d5:5f:73:3a:e5:4e:8c:e6:31:ac:36:64:bb:02:3f:d1:a7:
2d:cf:b9:67:90:00:8a:6d:f3:99:dc:aa:81:43:b2:cd:b2:ca:
f3:06:ed:be:c4:c3:17:11:e1:e3:6c:df:44:86:6d:fc:60:3b:
5a:7d:3d:39:f5:ae:5f:2e:78:7e:88:bf:44:1e:93:63:3c:07:
ee:55:f0:09:4f:94:cb:9b:dc:59:b0:1f:b4:24:92:75:6d:ce:
ea:ed:9a:2b:31:ed:a7:d3:f1:34:c8:94:a2:70:db:c2:6f:73:
91:b1:8f:4e:68:62:49:b7:29:6f:ce:02:a8:ed:d1:13:4e:55:
00:b2:6b:21:88:c0:fa:81:8d:29:08:07:c3:0d:b0:15:2e:25:
d2:5d:13:ff:4c:96:95:59:03:08:a1:bf:ee:89:d6:6f:84:48:
bf:06:31:38:9f:29:f6:b7:07:0e:52:e9:d8:81:2f:b8:88:0c:
23:b4:83:1d:b7:8f:b1:1c:42:62:67:ac:9e:05:57:57:0b:5d:
61:5d:d6:f7:62:14:de:57:4c:fa:4e:41:30:76:f4:98:d6:22:
bf:b3:b6:25
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZEXZkhmpnSm6TElZgJKjYtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODAzMDg0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRiMDI3YTkwNjRjMmZjOTZlZjI5OTNlOTljYzcyZWM1ZWM0MzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkUI246BCnZqoZpSt8Eo2/4inSNq
lSNwJNYg7Mp7we43MFavfKTejIWVTvr7vi7sbbxqHv2IeQr0GP56UhJHM6N57V5+
5/GqFuQg6PhwZHGz+yZxjpV0JPoDOGzm/0a3bASWtwcYhX4qF7cPxcCD8ou1nHjV
mpnbLDZKKP9Pt99ZSo6yWGii+/BBr5neDptdmzvpAXjYLuHF3P/dxB1wrtCfvHim
/Njbib1YTWLda8SCKX/HjJfoSf9Vvj3ktP4FEkqt3OLKjM31mV3GMbZ+TIuifkkv
BWC4BE7CS60bRM9VrDASdJWBv/p95vzGK73pv7Z7UYjs1E4+N+jt84AnKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMZLAnqQZML8lu8pk+mcxy7F7EMwMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveGtzQ2VwQmt3dnlXN3ltVDZaekhMc1hzUXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVCdAwQA
ucBFAwQAucbwAwQAucbzAwQAudl1AwQAvNXLMA0GCSqGSIb3DQEBCwUAA4IBAQAr
OdiwmG1OwWUdf2l0gbeagHFm/OzJMaznfP52H/xKnn1Kytf31V9zOuVOjOYxrDZk
uwI/0actz7lnkACKbfOZ3KqBQ7LNssrzBu2+xMMXEeHjbN9Ehm38YDtafT059a5f
Lnh+iL9EHpNjPAfuVfAJT5TLm9xZsB+0JJJ1bc7q7ZorMe2n0/E0yJSicNvCb3OR
sY9OaGJJtylvzgKo7dETTlUAsmshiMD6gY0pCAfDDbAVLiXSXRP/TJaVWQMIob/u
idZvhEi/BjE4nyn2twcOUunYgS+4iAwjtIMdt4+xHEJiZ6yeBVdXC11hXdb3YhTe
V0z6TkEwdvSY1iK/s7Yl
-----END CERTIFICATE-----
Generated at Wed Sep 4 07:35:30 2024 by rpki-client on console-fra.rpki-client.org