Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kY8mDZoyaAUByB0CXwRdTSaI0PI.roa
File: kY8mDZoyaAUByB0CXwRdTSaI0PI.roa (raw, json)
Hash identifier: RwKwmYo24vVZC20amGMte+Kwg24Zv0kAvOZXtd78sQU=
Subject key identifier: 91:8F:26:0D:9A:32:68:05:01:C8:1D:02:5F:04:5D:4D:26:88:D0:F2
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0187B8CAA7E631C3AA9EE7C93A208033809D
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kY8mDZoyaAUByB0CXwRdTSaI0PI.roa
Signing time: Tue 25 Apr 2023 14:21:41 +0000
ROA not before: Tue 25 Apr 2023 14:21:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 188.255.144.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 10:54:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:ca:a7:e6:31:c3:aa:9e:e7:c9:3a:20:80:33:80:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 25 14:21:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=918f260d9a32680501c81d025f045d4d2688d0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ae:8b:84:53:e0:13:0d:90:a8:13:9e:aa:ed:
bf:da:40:f4:e7:2b:92:b0:a1:be:68:80:06:33:2b:
23:c5:b7:8b:95:c7:11:4c:9f:b7:1d:dc:1c:61:ba:
74:bd:6f:a6:d6:68:ea:59:6d:68:62:82:6c:09:e2:
69:47:00:fb:22:c1:65:ba:82:27:b2:5a:7a:a5:62:
05:29:d7:a2:46:60:a9:ec:95:e1:76:a3:95:35:69:
24:b7:d2:30:74:1d:16:7e:bc:93:80:1b:f2:31:c6:
8c:9b:09:99:cb:59:a2:3a:d3:78:b4:e9:93:91:e1:
3a:3c:1a:f3:08:a4:1c:0e:3e:38:ba:64:ac:77:3b:
31:f5:db:57:84:b2:43:fa:f4:6e:e5:6b:62:3e:91:
53:fc:eb:39:e4:2d:a6:2c:22:a1:56:38:38:cf:3f:
20:35:77:0d:a1:c3:c4:53:96:1b:a2:48:e4:46:16:
3a:4a:0f:ae:96:74:6a:68:8c:12:37:99:7e:96:6c:
7c:5a:0c:8a:d1:ed:df:61:8c:61:ac:33:8c:bf:a7:
7c:4f:e7:42:5a:dc:7c:e9:9b:a5:63:6d:bc:25:f6:
5b:d1:0b:72:84:d2:61:58:95:d4:3f:00:da:74:19:
9b:91:03:0b:77:95:54:7c:b6:22:d9:64:75:7d:00:
00:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8F:26:0D:9A:32:68:05:01:C8:1D:02:5F:04:5D:4D:26:88:D0:F2
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/kY8mDZoyaAUByB0CXwRdTSaI0PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.184.0/24
178.253.237.0/24
188.255.144.0/24
Signature Algorithm: sha256WithRSAEncryption
97:6a:f7:3e:e1:93:81:0e:11:42:a5:e3:bd:29:f0:53:26:76:
01:7a:0a:ff:bf:f4:d4:64:17:9f:f3:a0:81:db:10:91:71:f5:
e4:82:f0:4b:75:dd:aa:90:95:e1:4b:4b:39:47:b4:89:db:51:
74:07:fb:13:d1:94:ce:5b:9e:44:c8:21:ec:dc:97:9f:d8:1d:
bc:1d:b0:80:2a:7f:56:33:54:63:61:a0:e9:90:54:c9:80:20:
f5:1b:67:fc:5e:e2:e4:7f:2f:d3:cd:23:35:bb:0e:1a:a8:f7:
91:30:e6:6c:b1:32:fb:c0:79:26:37:37:69:c5:41:4a:4f:55:
4b:62:b9:c4:f1:9e:68:08:89:7a:64:5a:11:ce:70:8d:0c:ff:
e7:e1:28:fd:d3:33:1b:5b:c0:43:77:5f:ff:05:90:80:54:b2:
99:6a:ec:e6:eb:9c:d7:c9:e5:93:d5:15:23:42:88:fa:b1:9d:
1f:e4:da:df:42:ca:4d:c3:77:05:5e:c2:e4:f1:ec:12:2a:9f:
75:5c:67:76:68:92:5b:1b:cb:88:ff:6b:ce:54:39:4d:6b:40:
8a:52:ee:3a:54:15:fd:9d:6a:f2:80:e7:39:27:a5:e6:83:3f:
49:70:92:e8:57:f4:78:ef:0c:b5:8f:0d:87:9b:e6:f5:23:ab:
a0:21:1f:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYe4yqfmMcOqnufJOiCAM4CdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDI1MTQyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThmMjYwZDlhMzI2ODA1MDFjODFkMDI1ZjA0NWQ0ZDI2ODhkMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK6LhFPgEw2QqBOequ2/2kD05yuS
sKG+aIAGMysjxbeLlccRTJ+3HdwcYbp0vW+m1mjqWW1oYoJsCeJpRwD7IsFluoIn
slp6pWIFKdeiRmCp7JXhdqOVNWkkt9IwdB0WfryTgBvyMcaMmwmZy1miOtN4tOmT
keE6PBrzCKQcDj44umSsdzsx9dtXhLJD+vRu5WtiPpFT/Os55C2mLCKhVjg4zz8g
NXcNocPEU5YbokjkRhY6Sg+ulnRqaIwSN5l+lmx8WgyK0e3fYYxhrDOMv6d8T+dC
Wtx86ZulY228JfZb0QtyhNJhWJXUPwDadBmbkQMLd5VUfLYi2WR1fQAAlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJGPJg2aMmgFAcgdAl8EXU0miNDyMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEva1k4bURab3lhQVVCeUIwQ1h3UmRUU2FJMFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbem4AwQA
sv3tAwQAvP+QMA0GCSqGSIb3DQEBCwUAA4IBAQCXavc+4ZOBDhFCpeO9KfBTJnYB
egr/v/TUZBef86CB2xCRcfXkgvBLdd2qkJXhS0s5R7SJ21F0B/sT0ZTOW55EyCHs
3Jef2B28HbCAKn9WM1RjYaDpkFTJgCD1G2f8XuLkfy/TzSM1uw4aqPeRMOZssTL7
wHkmNzdpxUFKT1VLYrnE8Z5oCIl6ZFoRznCNDP/n4Sj90zMbW8BDd1//BZCAVLKZ
auzm65zXyeWT1RUjQoj6sZ0f5NrfQspNw3cFXsLk8ewSKp91XGd2aJJbG8uI/2vO
VDlNa0CKUu46VBX9nWrygOc5J6Xmgz9JcJLoV/R47wy1jw2Hm+b1I6ugIR/0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org