Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/7dd42b-66ed-4c13-a336-cfe1335f27fb/1/bw0OH3m0Gu_eZi1N5QLpBFMBSFI.roa
File: bw0OH3m0Gu_eZi1N5QLpBFMBSFI.roa (raw, json)
Hash identifier: l/DbxjDp8E7wDi2kSgoK2pi1m8NzT+8BY+e9ciaYS/g=
Subject key identifier: 6F:0D:0E:1F:79:B4:1A:EF:DE:66:2D:4D:E5:02:E9:04:53:01:48:52
Certificate issuer: /CN=dd6daef6664a7529b629f3fd65004915230f1be9
Certificate serial: 018AB29226840609D60EC4BCD0DCED4D0E2C
Authority key identifier: DD:6D:AE:F6:66:4A:75:29:B6:29:F3:FD:65:00:49:15:23:0F:1B:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3W2u9mZKdSm2KfP9ZQBJFSMPG-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/7dd42b-66ed-4c13-a336-cfe1335f27fb/1/bw0OH3m0Gu_eZi1N5QLpBFMBSFI.roa
Signing time: Wed 20 Sep 2023 12:30:37 +0000
ROA not before: Wed 20 Sep 2023 12:30:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197851
IP address blocks: 185.136.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:92:26:84:06:09:d6:0e:c4:bc:d0:dc:ed:4d:0e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd6daef6664a7529b629f3fd65004915230f1be9
Validity
Not Before: Sep 20 12:30:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f0d0e1f79b41aefde662d4de502e90453014852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0c:63:f0:14:b6:15:53:fb:50:fb:96:7b:4e:
48:d0:0a:a1:3d:cd:d4:e8:e5:aa:e3:66:93:f1:ad:
55:87:eb:89:c7:ad:db:db:b9:11:54:8f:e9:1d:97:
ee:d0:4d:f6:16:55:e6:23:1a:85:76:3d:ae:8c:0c:
a7:75:61:98:d7:c3:4f:5d:42:9a:ea:f9:56:fa:11:
eb:d7:a7:58:02:78:e9:0d:f4:fd:b2:18:7a:55:aa:
72:5d:87:0b:78:4d:be:af:0b:ad:58:a5:e3:ba:0d:
df:6e:f6:b9:3f:e9:d0:a3:65:86:de:83:d9:a7:34:
65:18:51:a6:c8:8c:71:94:f3:d4:22:52:71:72:96:
f4:02:5a:ff:2b:71:85:bc:6f:8e:ac:23:d0:4f:4f:
2a:f8:52:41:25:96:a1:78:93:fb:5f:be:cd:d9:55:
d2:7d:cc:20:cc:c6:0d:c5:e6:1f:51:99:64:41:75:
c2:02:31:a7:4d:93:37:6f:1b:30:e7:a7:c5:92:43:
39:36:c8:f4:4f:1a:71:e7:52:44:05:3c:f6:ce:6a:
9b:ab:d2:3b:06:4f:57:17:e4:7e:b1:0e:dd:36:5b:
a4:85:98:82:fd:98:9d:de:45:1e:e8:b9:fc:0b:ac:
36:27:ab:4e:6a:d8:f1:44:8f:e0:4b:cf:91:7e:be:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0D:0E:1F:79:B4:1A:EF:DE:66:2D:4D:E5:02:E9:04:53:01:48:52
X509v3 Authority Key Identifier:
keyid:DD:6D:AE:F6:66:4A:75:29:B6:29:F3:FD:65:00:49:15:23:0F:1B:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2u9mZKdSm2KfP9ZQBJFSMPG-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/7dd42b-66ed-4c13-a336-cfe1335f27fb/1/bw0OH3m0Gu_eZi1N5QLpBFMBSFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/7dd42b-66ed-4c13-a336-cfe1335f27fb/1/3W2u9mZKdSm2KfP9ZQBJFSMPG-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.87.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:27:b0:69:a2:ef:fb:b7:b9:ea:c0:f2:76:77:28:ff:61:81:
91:c1:bc:3f:9d:76:c9:93:5f:21:67:4e:c7:4e:24:3d:d9:12:
1d:c0:84:ea:9a:ab:da:be:b0:6b:fa:74:8a:5f:d6:4d:a5:3b:
bb:10:bf:2c:f5:7e:52:18:29:e3:60:61:aa:90:79:7f:48:f2:
ee:10:bf:cf:2d:1b:99:1a:5e:e0:df:0d:a1:3b:38:ad:2e:b8:
f2:8e:df:32:28:87:b8:9d:74:5a:15:c4:3b:37:e3:1c:c3:fc:
bc:31:50:16:1c:e3:32:0c:75:f2:12:a2:cc:f0:2c:a4:fd:6e:
f5:c4:02:f1:3b:72:06:89:67:a1:c5:60:ce:ec:1d:42:a7:30:
fa:00:3f:08:14:85:a1:0f:21:30:58:a1:44:ea:89:f7:33:d8:
58:79:a3:50:4f:fa:4e:ab:6c:b0:3f:a9:a2:3d:86:00:88:df:
07:19:8b:56:36:b0:d7:8d:8e:ea:e3:d7:58:d6:45:2c:f7:01:
61:06:56:1b:41:b4:d0:1e:13:1c:74:1a:be:cc:a4:b7:ac:1f:
5a:4a:46:4b:a3:3b:d6:31:f9:23:e1:b3:f4:dc:f2:2e:5f:0b:
a4:0f:c8:fb:8d:85:85:1b:79:0b:af:d1:d2:fb:45:33:53:61:
40:0a:05:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqykiaEBgnWDsS80NztTQ4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNmRhZWY2NjY0YTc1MjliNjI5ZjNmZDY1MDA0OTE1MjMw
ZjFiZTkwHhcNMjMwOTIwMTIzMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjBkMGUxZjc5YjQxYWVmZGU2NjJkNGRlNTAyZTkwNDUzMDE0ODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wxj8BS2FVP7UPuWe05I0AqhPc3U
6OWq42aT8a1Vh+uJx63b27kRVI/pHZfu0E32FlXmIxqFdj2ujAyndWGY18NPXUKa
6vlW+hHr16dYAnjpDfT9shh6VapyXYcLeE2+rwutWKXjug3fbva5P+nQo2WG3oPZ
pzRlGFGmyIxxlPPUIlJxcpb0Alr/K3GFvG+OrCPQT08q+FJBJZaheJP7X77N2VXS
fcwgzMYNxeYfUZlkQXXCAjGnTZM3bxsw56fFkkM5Nsj0Txpx51JEBTz2zmqbq9I7
Bk9XF+R+sQ7dNlukhZiC/Zid3kUe6Ln8C6w2J6tOatjxRI/gS8+Rfr6jCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8NDh95tBrv3mYtTeUC6QRTAUhSMB8GA1UdIwQY
MBaAFN1trvZmSnUptinz/WUASRUjDxvpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1cydTltWktkU20yS2ZQOVpRQkpGU01QRy1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi83ZGQ0MmItNjZlZC00YzEzLWEzMzYt
Y2ZlMTMzNWYyN2ZiLzEvYncwT0gzbTBHdV9lWmkxTjVRTHBCRk1CU0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi83ZGQ0MmItNjZlZC00YzEzLWEzMzYtY2ZlMTMzNWYyN2Zi
LzEvM1cydTltWktkU20yS2ZQOVpRQkpGU01QRy1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYhXMA0G
CSqGSIb3DQEBCwUAA4IBAQCwJ7Bpou/7t7nqwPJ2dyj/YYGRwbw/nXbJk18hZ07H
TiQ92RIdwITqmqvavrBr+nSKX9ZNpTu7EL8s9X5SGCnjYGGqkHl/SPLuEL/PLRuZ
Gl7g3w2hOzitLrjyjt8yKIe4nXRaFcQ7N+Mcw/y8MVAWHOMyDHXyEqLM8Cyk/W71
xALxO3IGiWehxWDO7B1CpzD6AD8IFIWhDyEwWKFE6on3M9hYeaNQT/pOq2ywP6mi
PYYAiN8HGYtWNrDXjY7q49dY1kUs9wFhBlYbQbTQHhMcdBq+zKS3rB9aSkZLozvW
Mfkj4bP03PIuXwukD8j7jYWFG3kLr9HS+0UzU2FACgWv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org