Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/SeNiUcrdsteU0Jy_5jXJgWl8BAs.roa
File: SeNiUcrdsteU0Jy_5jXJgWl8BAs.roa (raw, json)
Hash identifier: vOc2Ypks97WSvdxw04bJiVlYZeq5vAn1wRdFNklV8KA=
Subject key identifier: 49:E3:62:51:CA:DD:B2:D7:94:D0:9C:BF:E6:35:C9:81:69:7C:04:0B
Certificate issuer: /CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Certificate serial: 018CC649CE840BD0CA4EB0894D846B9B5420
Authority key identifier: 36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/SeNiUcrdsteU0Jy_5jXJgWl8BAs.roa
Signing time: Mon 01 Jan 2024 18:29:34 +0000
ROA not before: Mon 01 Jan 2024 18:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203059
IP address blocks: 45.95.211.0/24 maxlen: 24
185.234.101.0/24 maxlen: 24
185.231.228.0/22 maxlen: 22
134.255.242.0/24 maxlen: 24
185.53.33.0/24 maxlen: 24
45.91.120.0/24 maxlen: 24
91.218.77.0/24 maxlen: 24
185.253.62.0/23 maxlen: 23
2a13:5080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Apr 2024 14:47:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:ce:84:0b:d0:ca:4e:b0:89:4d:84:6b:9b:54:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Validity
Not Before: Jan 1 18:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49e36251caddb2d794d09cbfe635c981697c040b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e9:33:4b:f5:44:be:fe:b9:e9:67:ed:6c:93:
ab:15:c9:f1:19:7b:18:05:4d:4f:75:55:94:a8:02:
f1:1a:dc:b7:c1:b7:68:38:cf:2d:2f:2a:66:e0:c2:
20:8d:58:4b:8a:d2:fa:05:1a:1f:ba:70:d6:9b:54:
0a:37:27:bc:28:27:b1:37:ec:4d:08:00:12:46:d3:
c9:3c:b6:0c:cb:21:95:f8:02:c3:a2:c0:f8:92:96:
bd:7f:80:d8:ee:ff:28:53:89:dd:3a:29:3a:0d:b8:
ca:eb:71:7a:8d:54:db:39:4e:ef:24:aa:80:c5:3e:
a1:6c:d2:06:c8:90:ea:a7:9e:3c:ee:4a:76:56:c9:
a7:53:b6:15:f1:d3:49:de:87:7b:65:20:bb:bb:46:
75:3e:64:98:58:0a:5b:9c:6c:4b:75:a4:06:d3:8b:
66:0b:16:4a:fd:a9:43:9c:18:98:d5:03:7b:4e:9b:
da:b4:16:30:fa:a9:50:0d:52:a7:64:89:98:60:01:
8b:a2:1c:55:2b:4f:70:8b:ad:b8:b6:16:43:47:cc:
40:b3:ec:17:0c:d5:36:a8:a7:07:92:ac:89:42:0d:
c1:9c:46:05:42:5d:00:a7:6d:ea:ec:8c:a7:14:95:
3e:e3:04:da:11:83:17:72:ad:49:e9:a6:09:87:00:
97:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E3:62:51:CA:DD:B2:D7:94:D0:9C:BF:E6:35:C9:81:69:7C:04:0B
X509v3 Authority Key Identifier:
keyid:36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/SeNiUcrdsteU0Jy_5jXJgWl8BAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.120.0/24
45.95.211.0/24
91.218.77.0/24
134.255.242.0/24
185.53.33.0/24
185.231.228.0/22
185.234.101.0/24
185.253.62.0/23
IPv6:
2a13:5080::/29
Signature Algorithm: sha256WithRSAEncryption
34:3a:b9:9b:ae:d4:3b:73:46:2c:bb:84:3b:f5:bd:3e:58:fb:
d8:6d:cb:5d:80:2a:67:25:d0:a9:af:db:cf:ab:ed:1b:04:13:
1b:69:4f:5b:ad:6d:77:6c:e1:4d:c2:57:2c:71:58:f8:04:4c:
e0:2b:3f:12:4a:6c:39:13:6e:61:36:69:69:bd:f6:ea:b3:18:
95:a0:5f:02:d5:f0:13:55:0b:85:8f:1c:02:43:ba:f6:54:a0:
b9:f6:c5:2d:2e:3b:48:bc:dd:d0:71:a0:00:88:4f:84:58:4c:
e0:20:c2:c4:02:49:e0:56:4d:f2:51:58:ff:d8:44:54:9d:dc:
07:cf:5e:f6:16:0a:ec:75:d9:0a:de:43:12:ae:5a:29:29:1a:
b9:25:24:12:b3:32:b1:52:f1:0b:13:66:81:2d:d3:0b:39:a6:
e8:a1:15:5c:f3:df:c3:0f:1a:40:9b:e0:3a:56:8d:36:f4:6c:
6a:9a:d0:4f:62:18:b3:af:20:a3:ce:bd:df:c5:8c:98:94:6c:
f5:6e:77:c6:a5:09:0d:60:9b:7b:bf:e3:3f:f2:5a:95:7e:e8:
58:d1:06:e0:40:13:cc:7e:4a:f5:8e:b8:f4:45:e8:92:60:c9:
01:8a:77:58:42:0d:94:35:68:d8:5c:5f:b6:45:dd:cc:54:f5:
ec:a0:98:9b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzGSc6EC9DKTrCJTYRrm1QgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzNjNDU2NTc0M2FlNTdiZDJhZWE5YTM2M2MyYjNjM2Uy
NTBmNzIwHhcNMjQwMTAxMTgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWUzNjI1MWNhZGRiMmQ3OTRkMDljYmZlNjM1Yzk4MTY5N2MwNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxukzS/VEvv656WftbJOrFcnxGXsY
BU1PdVWUqALxGty3wbdoOM8tLypm4MIgjVhLitL6BRofunDWm1QKNye8KCexN+xN
CAASRtPJPLYMyyGV+ALDosD4kpa9f4DY7v8oU4ndOik6DbjK63F6jVTbOU7vJKqA
xT6hbNIGyJDqp5487kp2VsmnU7YV8dNJ3od7ZSC7u0Z1PmSYWApbnGxLdaQG04tm
CxZK/alDnBiY1QN7TpvatBYw+qlQDVKnZImYYAGLohxVK09wi624thZDR8xAs+wX
DNU2qKcHkqyJQg3BnEYFQl0Ap23q7IynFJU+4wTaEYMXcq1J6aYJhwCXjQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEnjYlHK3bLXlNCcv+Y1yYFpfAQLMB8GA1UdIwQY
MBaAFDbDxFZXQ65XvSrqmjY8Kzw+JQ9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQt
YTU3NDlkMjM0NmU3LzEvU2VOaVVjcmRzdGVVMEp5XzVqWEpnV2w4QkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQtYTU3NDlkMjM0NmU3
LzEvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQALVt4AwQA
LV/TAwQAW9pNAwQAhv/yAwQAuTUhAwQCuefkAwQAueplAwQBuf0+MA0EAgACMAcD
BQMqE1CAMA0GCSqGSIb3DQEBCwUAA4IBAQA0OrmbrtQ7c0Ysu4Q79b0+WPvYbctd
gCpnJdCpr9vPq+0bBBMbaU9brW13bOFNwlcscVj4BEzgKz8SSmw5E25hNmlpvfbq
sxiVoF8C1fATVQuFjxwCQ7r2VKC59sUtLjtIvN3QcaAAiE+EWEzgIMLEAkngVk3y
UVj/2ERUndwHz172FgrsddkK3kMSrlopKRq5JSQSszKxUvELE2aBLdMLOabooRVc
89/DDxpAm+A6Vo029GxqmtBPYhizryCjzr3fxYyYlGz1bnfGpQkNYJt7v+M/8lqV
fuhY0QbgQBPMfkr1jrj0ReiSYMkBindYQg2UNWjYXF+2Rd3MVPXsoJib
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:25 2024 by rpki-client on console-fra.rpki-client.org