Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/PowwwTwiluJ8A2ZElgK4eyc1PWA.roa
File: PowwwTwiluJ8A2ZElgK4eyc1PWA.roa (raw, json)
Hash identifier: cBgtvnSlua1GqsBtlyoK+P7m0TKkbEGsOi9jUNIodXo=
Subject key identifier: 3E:8C:30:C1:3C:22:96:E2:7C:03:66:44:96:02:B8:7B:27:35:3D:60
Certificate issuer: /CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Certificate serial: 018CAAFB31FA1BAC7D33619C8DB7E9CC4E12
Authority key identifier: 36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/PowwwTwiluJ8A2ZElgK4eyc1PWA.roa
Signing time: Wed 27 Dec 2023 11:13:58 +0000
ROA not before: Wed 27 Dec 2023 11:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203059
IP address blocks: 45.95.211.0/24 maxlen: 24
185.234.101.0/24 maxlen: 24
185.231.228.0/22 maxlen: 22
134.255.242.0/24 maxlen: 24
185.53.33.0/24 maxlen: 24
45.91.120.0/24 maxlen: 24
91.218.77.0/24 maxlen: 24
185.253.62.0/23 maxlen: 23
2a13:5080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:fb:31:fa:1b:ac:7d:33:61:9c:8d:b7:e9:cc:4e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Validity
Not Before: Dec 27 11:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e8c30c13c2296e27c0366449602b87b27353d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ca:46:28:43:33:ac:35:7b:55:18:5e:e6:ce:
16:dc:d2:5b:9e:1c:0d:50:f8:7f:86:d9:6e:56:1b:
a9:58:be:e0:16:9e:ef:15:d9:f3:5f:fe:c5:e4:62:
c6:04:f8:88:ea:39:b4:79:a8:83:83:5a:50:4c:f5:
52:c2:10:8d:ba:c8:12:83:c2:87:4f:95:e7:de:81:
55:de:3c:71:ae:f6:3a:d5:79:90:18:9e:34:2d:a0:
65:4e:17:93:b0:f1:5a:3b:ab:91:35:46:93:15:fb:
ce:45:dc:e9:71:b8:16:46:48:13:db:53:1f:63:11:
8a:e4:46:7a:5a:ce:5d:00:89:99:d9:ea:e7:ee:9b:
9c:02:13:9f:2a:40:69:68:73:3c:e6:85:18:69:6c:
c3:86:f2:69:84:b6:f8:16:c9:87:56:c3:fe:66:4b:
44:ea:7b:d6:22:df:af:26:d9:db:35:f2:8a:fd:95:
96:71:a0:bd:4f:ae:e0:0c:8a:8e:5d:2b:c0:69:13:
36:50:38:c2:0f:bc:d3:4f:55:f9:ff:7d:23:3b:53:
2a:1c:38:41:c1:6f:05:f6:a4:05:80:db:be:d1:53:
1c:62:e3:cc:74:f0:6f:2f:92:6e:64:1e:5b:1a:a2:
65:f0:5a:53:7e:27:50:af:65:6b:ea:45:14:eb:1e:
a4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8C:30:C1:3C:22:96:E2:7C:03:66:44:96:02:B8:7B:27:35:3D:60
X509v3 Authority Key Identifier:
keyid:36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/PowwwTwiluJ8A2ZElgK4eyc1PWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.120.0/24
45.95.211.0/24
91.218.77.0/24
134.255.242.0/24
185.53.33.0/24
185.231.228.0/22
185.234.101.0/24
185.253.62.0/23
IPv6:
2a13:5080::/29
Signature Algorithm: sha256WithRSAEncryption
32:f2:0b:39:b9:cc:09:f1:cd:b7:42:76:33:28:f3:3e:dd:2b:
73:70:f6:19:8f:35:fa:d9:2d:d0:01:7a:b3:e5:68:82:05:ea:
b5:30:52:8c:61:09:c5:7b:b8:30:4c:3a:11:d2:b5:63:f7:a9:
a5:8c:0f:dc:c8:ef:1a:21:86:33:a2:fb:e9:46:6f:d5:84:86:
c4:55:a1:12:2f:f1:aa:3f:de:15:98:9c:b5:a7:c8:e7:b7:2f:
0c:e3:2e:e1:13:d0:71:5a:66:b3:dd:65:38:bf:65:ad:b8:a8:
0c:f0:fa:6a:5c:d3:53:96:b5:3f:50:2c:e5:ba:48:dc:2d:a5:
8f:98:d7:84:a7:53:0b:0d:ac:db:04:cd:98:cd:37:32:2a:dc:
6b:99:8c:f7:bf:03:97:47:f6:85:50:fa:1c:e6:64:60:7a:63:
9c:3f:9b:68:0a:d0:db:f0:69:6f:64:6f:b2:d2:12:97:78:73:
c1:e4:d5:2b:84:47:6c:72:0e:b9:06:85:03:90:a3:73:cf:14:
9b:2f:e0:ce:3e:a9:69:73:68:e5:01:b4:ce:73:52:08:4f:1e:
bc:da:33:d3:0f:f8:34:f6:97:82:82:d7:20:00:ae:57:86:8e:
09:99:59:89:e7:ee:86:8c:cb:3d:35:b5:4b:12:15:a2:62:d9:
d6:49:c2:ad
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYyq+zH6G6x9M2GcjbfpzE4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzNjNDU2NTc0M2FlNTdiZDJhZWE5YTM2M2MyYjNjM2Uy
NTBmNzIwHhcNMjMxMjI3MTExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThjMzBjMTNjMjI5NmUyN2MwMzY2NDQ5NjAyYjg3YjI3MzUzZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgspGKEMzrDV7VRhe5s4W3NJbnhwN
UPh/htluVhupWL7gFp7vFdnzX/7F5GLGBPiI6jm0eaiDg1pQTPVSwhCNusgSg8KH
T5Xn3oFV3jxxrvY61XmQGJ40LaBlTheTsPFaO6uRNUaTFfvORdzpcbgWRkgT21Mf
YxGK5EZ6Ws5dAImZ2ern7pucAhOfKkBpaHM85oUYaWzDhvJphLb4FsmHVsP+ZktE
6nvWIt+vJtnbNfKK/ZWWcaC9T67gDIqOXSvAaRM2UDjCD7zTT1X5/30jO1MqHDhB
wW8F9qQFgNu+0VMcYuPMdPBvL5JuZB5bGqJl8FpTfidQr2Vr6kUU6x6kVQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFD6MMME8IpbifANmRJYCuHsnNT1gMB8GA1UdIwQY
MBaAFDbDxFZXQ65XvSrqmjY8Kzw+JQ9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQt
YTU3NDlkMjM0NmU3LzEvUG93d3dUd2lsdUo4QTJaRWxnSzRleWMxUFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQtYTU3NDlkMjM0NmU3
LzEvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQALVt4AwQA
LV/TAwQAW9pNAwQAhv/yAwQAuTUhAwQCuefkAwQAueplAwQBuf0+MA0EAgACMAcD
BQMqE1CAMA0GCSqGSIb3DQEBCwUAA4IBAQAy8gs5ucwJ8c23QnYzKPM+3StzcPYZ
jzX62S3QAXqz5WiCBeq1MFKMYQnFe7gwTDoR0rVj96mljA/cyO8aIYYzovvpRm/V
hIbEVaESL/GqP94VmJy1p8jnty8M4y7hE9BxWmaz3WU4v2WtuKgM8PpqXNNTlrU/
UCzlukjcLaWPmNeEp1MLDazbBM2YzTcyKtxrmYz3vwOXR/aFUPoc5mRgemOcP5to
CtDb8GlvZG+y0hKXeHPB5NUrhEdscg65BoUDkKNzzxSbL+DOPqlpc2jlAbTOc1II
Tx682jPTD/g09peCgtcgAK5Xho4JmVmJ5+6GjMs9NbVLEhWiYtnWScKt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:49 2024 by rpki-client on console-ams.rpki-client.org