Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/ge3y9dOmsi-16vrjO-V432iaunA.roa
File: ge3y9dOmsi-16vrjO-V432iaunA.roa (raw, json)
Hash identifier: SvMVYw/gw40D2FCZbYCejTf2qiGocwXeRJGWUh/AKvo=
Subject key identifier: 81:ED:F2:F5:D3:A6:B2:2F:B5:EA:FA:E3:3B:E5:78:DF:68:9A:BA:70
Certificate issuer: /CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Certificate serial: 0189EFA5A92836184E48377C18873E68BE40
Authority key identifier: 36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/ge3y9dOmsi-16vrjO-V432iaunA.roa
Signing time: Sun 13 Aug 2023 16:05:58 +0000
ROA not before: Sun 13 Aug 2023 16:05:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203059
IP address blocks: 45.95.211.0/24 maxlen: 24
185.234.101.0/24 maxlen: 24
185.231.228.0/22 maxlen: 22
134.255.242.0/24 maxlen: 24
45.91.120.0/24 maxlen: 24
91.218.77.0/24 maxlen: 24
185.253.62.0/23 maxlen: 23
2a13:5080::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 27 Dec 2023 11:13:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ef:a5:a9:28:36:18:4e:48:37:7c:18:87:3e:68:be:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Validity
Not Before: Aug 13 16:05:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81edf2f5d3a6b22fb5eafae33be578df689aba70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1f:a2:f7:09:02:5b:6d:bc:ac:b3:ff:12:2f:
d4:a2:f1:19:30:65:0b:c7:b1:01:c8:b0:09:30:98:
b0:e3:00:42:6f:57:56:e6:cc:0e:96:a5:64:67:b9:
18:79:7f:b3:15:e8:66:03:0c:b5:3d:bc:b6:b1:36:
70:ff:d3:ec:0b:9d:81:fa:29:ec:e3:76:3a:e3:62:
bd:62:c3:f6:01:19:59:c5:bd:88:b0:94:47:cc:aa:
e0:41:ea:d7:2d:b9:73:9d:bf:ba:2e:1d:1a:ab:fc:
a7:1b:b8:3d:c3:60:cd:4b:f7:94:d6:6d:1b:82:24:
ae:ab:78:2a:39:c1:0e:d6:86:05:00:fd:36:1d:2e:
be:3c:17:e4:b6:01:47:2b:d6:a1:d5:30:75:e4:74:
dc:b5:04:94:8a:b0:b5:94:7a:d9:e4:11:60:39:ac:
31:04:b4:bd:5b:1d:7c:40:38:e6:e5:b4:fd:58:07:
6a:63:dd:df:14:f4:3a:5f:84:c9:7a:1f:ba:dd:1e:
bc:53:c9:ff:8b:45:03:72:4b:36:32:7d:a7:62:2f:
d0:72:e5:be:c7:ca:36:54:bf:54:f1:b9:93:39:fc:
f2:55:33:86:00:1c:58:d7:af:27:a7:42:6e:e6:5c:
97:40:51:c9:d7:d5:f1:88:a6:d4:19:4a:3e:db:a8:
24:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:ED:F2:F5:D3:A6:B2:2F:B5:EA:FA:E3:3B:E5:78:DF:68:9A:BA:70
X509v3 Authority Key Identifier:
keyid:36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/ge3y9dOmsi-16vrjO-V432iaunA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.120.0/24
45.95.211.0/24
91.218.77.0/24
134.255.242.0/24
185.231.228.0/22
185.234.101.0/24
185.253.62.0/23
IPv6:
2a13:5080::/29
Signature Algorithm: sha256WithRSAEncryption
50:1f:ca:06:c5:10:a9:d6:0d:d7:a0:18:1f:27:ab:30:18:38:
98:5e:e1:5b:c6:a3:a7:0c:67:bb:32:70:8f:ed:9f:30:14:ca:
c3:06:63:29:30:c7:f7:c3:d0:92:3d:fb:0a:3a:1d:32:02:9a:
8e:a3:65:19:cd:88:68:f4:9e:27:ab:b6:be:f4:1b:a5:03:a5:
ec:de:ce:03:d1:77:f0:b9:93:dc:ee:07:f8:4c:49:8d:13:23:
cd:d6:2c:06:df:71:a3:e3:c3:55:55:0d:03:10:70:cc:ef:e5:
15:c6:e5:b8:85:3c:c0:9c:ea:00:d7:6e:6c:d5:ae:1a:19:83:
f5:7c:78:21:78:5e:ae:bc:f9:9e:2a:e8:c4:5f:91:35:8e:12:
ae:69:fc:12:da:22:66:af:5c:20:5e:d6:48:1d:6f:e4:4e:11:
81:a2:b0:66:35:49:b2:9f:0b:06:0c:d4:54:0f:78:1f:f6:92:
db:80:fd:87:07:39:49:3a:0b:43:66:71:0e:39:44:96:0f:4e:
63:7d:55:f6:8f:88:b1:51:5e:96:3f:a9:35:77:c2:24:38:93:
03:f7:cf:8d:49:8c:11:05:3d:11:72:ad:95:8a:5f:0b:11:7a:
c5:3c:66:8b:93:9d:a6:4f:cb:c0:d7:37:96:c4:1b:82:ee:fa:
ba:34:d1:2c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYnvpakoNhhOSDd8GIc+aL5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzNjNDU2NTc0M2FlNTdiZDJhZWE5YTM2M2MyYjNjM2Uy
NTBmNzIwHhcNMjMwODEzMTYwNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVkZjJmNWQzYTZiMjJmYjVlYWZhZTMzYmU1NzhkZjY4OWFiYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh+i9wkCW228rLP/Ei/UovEZMGUL
x7EByLAJMJiw4wBCb1dW5swOlqVkZ7kYeX+zFehmAwy1Pby2sTZw/9PsC52B+ins
43Y642K9YsP2ARlZxb2IsJRHzKrgQerXLblznb+6Lh0aq/ynG7g9w2DNS/eU1m0b
giSuq3gqOcEO1oYFAP02HS6+PBfktgFHK9ah1TB15HTctQSUirC1lHrZ5BFgOawx
BLS9Wx18QDjm5bT9WAdqY93fFPQ6X4TJeh+63R68U8n/i0UDcks2Mn2nYi/QcuW+
x8o2VL9U8bmTOfzyVTOGABxY168np0Ju5lyXQFHJ19XxiKbUGUo+26gklQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIHt8vXTprIvter64zvleN9omrpwMB8GA1UdIwQY
MBaAFDbDxFZXQ65XvSrqmjY8Kzw+JQ9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQt
YTU3NDlkMjM0NmU3LzEvZ2UzeTlkT21zaS0xNnZyak8tVjQzMmlhdW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQtYTU3NDlkMjM0NmU3
LzEvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALVt4AwQA
LV/TAwQAW9pNAwQAhv/yAwQCuefkAwQAueplAwQBuf0+MA0EAgACMAcDBQMqE1CA
MA0GCSqGSIb3DQEBCwUAA4IBAQBQH8oGxRCp1g3XoBgfJ6swGDiYXuFbxqOnDGe7
MnCP7Z8wFMrDBmMpMMf3w9CSPfsKOh0yApqOo2UZzYho9J4nq7a+9BulA6Xs3s4D
0XfwuZPc7gf4TEmNEyPN1iwG33Gj48NVVQ0DEHDM7+UVxuW4hTzAnOoA125s1a4a
GYP1fHgheF6uvPmeKujEX5E1jhKuafwS2iJmr1wgXtZIHW/kThGBorBmNUmynwsG
DNRUD3gf9pLbgP2HBzlJOgtDZnEOOUSWD05jfVX2j4ixUV6WP6k1d8IkOJMD98+N
SYwRBT0Rcq2Vil8LEXrFPGaLk52mT8vA1zeWxBuC7vq6NNEs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:49 2024 by rpki-client on console-ams.rpki-client.org