Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/2remjOSM5c89B9Yox13Qr4g0dnA.roa
File: 2remjOSM5c89B9Yox13Qr4g0dnA.roa (raw, json)
Hash identifier: XlOLYgZ8Qm4/dCCoP2Nkd9EHOFdo9xkhXPZQAu62oy8=
Subject key identifier: DA:B7:A6:8C:E4:8C:E5:CF:3D:07:D6:28:C7:5D:D0:AF:88:34:76:70
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A9DE1771D24C8550840B3A97F1B084E
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/2remjOSM5c89B9Yox13Qr4g0dnA.roa
Signing time: Sat 25 Mar 2023 21:12:47 +0000
ROA not before: Sat 25 Mar 2023 21:12:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 193.142.36.0/22 maxlen: 24
194.180.232.0/23 maxlen: 24
91.132.124.0/23 maxlen: 24
212.87.218.0/23 maxlen: 24
212.87.216.0/24 maxlen: 24
194.180.236.0/23 maxlen: 24
93.177.94.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:9d:e1:77:1d:24:c8:55:08:40:b3:a9:7f:1b:08:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:12:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dab7a68ce48ce5cf3d07d628c75dd0af88347670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6b:2a:bb:26:7b:c8:15:5e:2a:6f:c2:b2:5f:
1c:08:e4:9a:28:9b:17:e4:4f:86:b9:88:69:2f:95:
69:d6:f5:25:f0:8d:b2:11:08:cf:7b:53:1e:66:af:
70:6e:bf:db:3b:46:16:f6:40:db:54:ae:ab:6e:ef:
e5:83:fc:bf:99:59:c7:c6:da:d9:c9:67:f8:fc:d4:
35:ac:23:c6:c5:55:16:cc:85:b2:80:ff:81:e2:26:
bc:60:ad:aa:20:aa:21:56:58:4c:86:ce:b1:c0:00:
3f:9b:2d:01:40:cd:be:d2:dc:95:9e:ad:3c:cf:26:
aa:60:45:aa:63:76:6c:22:60:df:e7:42:46:b5:da:
4b:cf:13:3b:56:79:07:e8:b5:e4:7e:0a:06:fc:c8:
a1:50:88:f5:ad:f0:21:7c:32:df:a9:4e:da:b7:13:
45:6b:e1:e0:23:95:ef:99:93:81:a7:2d:c1:2b:92:
b5:88:76:4b:6b:07:e6:0b:eb:3b:17:da:75:a4:10:
31:6e:60:b6:1e:d3:4b:97:66:33:c8:43:45:52:2b:
a9:5c:bc:b0:92:81:b5:a5:77:bd:e1:da:d8:fc:74:
88:d1:f0:f1:26:77:47:21:ff:fb:11:71:82:80:4e:
96:5b:e4:49:63:d5:8b:64:47:51:ce:79:50:6e:1d:
93:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B7:A6:8C:E4:8C:E5:CF:3D:07:D6:28:C7:5D:D0:AF:88:34:76:70
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/2remjOSM5c89B9Yox13Qr4g0dnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.124.0/23
93.177.94.0/23
193.142.36.0/22
194.180.232.0/23
194.180.236.0/23
212.87.216.0/24
212.87.218.0/23
Signature Algorithm: sha256WithRSAEncryption
30:e5:4c:79:c2:98:55:b0:52:46:89:28:51:e3:94:97:f6:5c:
28:e4:18:94:4e:a8:5b:6d:31:9d:e4:08:74:52:d1:00:33:1d:
02:51:3c:37:6a:eb:27:87:c2:26:01:6b:ea:bb:db:a3:32:dc:
7c:01:15:a8:0b:84:76:60:8f:d5:d9:29:d1:6f:a8:01:bf:9a:
1d:c6:64:e7:b4:d2:63:05:b3:53:46:e4:ca:7b:f2:ee:e8:89:
e8:57:a0:e1:04:0d:2a:90:09:7e:70:ca:11:4b:59:a8:90:ba:
c0:b0:be:89:62:c0:98:2e:d4:22:51:81:f1:c5:5e:e8:c3:8d:
f1:f5:73:86:11:9c:1d:30:f1:8d:7f:8d:c0:48:a2:c7:83:32:
f4:bf:1f:e6:52:0a:13:12:98:f7:f3:f2:cf:13:ed:35:9f:63:
cd:42:f0:46:cd:b4:30:eb:9f:41:63:ff:8c:16:61:16:dd:7a:
33:6f:99:90:fc:9a:85:fb:35:4a:d9:10:55:84:c9:a8:6d:8a:
e7:ee:08:0a:7d:7f:ab:7a:db:15:ba:5f:fc:da:72:e5:e5:a6:
35:84:2b:3f:30:c7:35:b2:8f:a3:2a:24:ac:42:43:b3:b0:1e:
f2:2b:25:9b:74:97:72:bd:b0:6e:de:d5:80:28:24:1a:9c:e8:
10:68:e1:fe
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYcaneF3HSTIVQhAs6l/GwhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjExMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI3YTY4Y2U0OGNlNWNmM2QwN2Q2MjhjNzVkZDBhZjg4MzQ3NjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWsquyZ7yBVeKm/Csl8cCOSaKJsX
5E+GuYhpL5Vp1vUl8I2yEQjPe1MeZq9wbr/bO0YW9kDbVK6rbu/lg/y/mVnHxtrZ
yWf4/NQ1rCPGxVUWzIWygP+B4ia8YK2qIKohVlhMhs6xwAA/my0BQM2+0tyVnq08
zyaqYEWqY3ZsImDf50JGtdpLzxM7VnkH6LXkfgoG/MihUIj1rfAhfDLfqU7atxNF
a+HgI5XvmZOBpy3BK5K1iHZLawfmC+s7F9p1pBAxbmC2HtNLl2YzyENFUiupXLyw
koG1pXe94drY/HSI0fDxJndHIf/7EXGCgE6WW+RJY9WLZEdRznlQbh2TWwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNq3pozkjOXPPQfWKMdd0K+INHZwMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvMnJlbWpPU001Yzg5QjlZb3gxM1FyNGcwZG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBW4R8AwQB
XbFeAwQCwY4kAwQBwrToAwQBwrTsAwQA1FfYAwQB1FfaMA0GCSqGSIb3DQEBCwUA
A4IBAQAw5Ux5wphVsFJGiShR45SX9lwo5BiUTqhbbTGd5Ah0UtEAMx0CUTw3ausn
h8ImAWvqu9ujMtx8ARWoC4R2YI/V2SnRb6gBv5odxmTntNJjBbNTRuTKe/Lu6Ino
V6DhBA0qkAl+cMoRS1mokLrAsL6JYsCYLtQiUYHxxV7ow43x9XOGEZwdMPGNf43A
SKLHgzL0vx/mUgoTEpj38/LPE+01n2PNQvBGzbQw659BY/+MFmEW3Xozb5mQ/JqF
+zVK2RBVhMmobYrn7ggKfX+retsVul/82nLl5aY1hCs/MMc1so+jKiSsQkOzsB7y
KyWbdJdyvbBu3tWAKCQanOgQaOH+
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:24 2024 by rpki-client on console-fra.rpki-client.org