Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/CR0JKqhLgDDGkZNOyS7FCtCOMKc.roa
File: CR0JKqhLgDDGkZNOyS7FCtCOMKc.roa (raw, json)
Hash identifier: tTEvdV6B2oCXjol5SwpoSk/B8Vd071yD3KSEQ9+xSUo=
Subject key identifier: 09:1D:09:2A:A8:4B:80:30:C6:91:93:4E:C9:2E:C5:0A:D0:8E:30:A7
Certificate issuer: /CN=eba8db3b54d081c30bf51bdc7b19e4f6480b7f53
Certificate serial: 018CC86F1A58F95AD2A97E86BEE9F4A8B316
Authority key identifier: EB:A8:DB:3B:54:D0:81:C3:0B:F5:1B:DC:7B:19:E4:F6:48:0B:7F:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/66jbO1TQgcML9Rvcexnk9kgLf1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/CR0JKqhLgDDGkZNOyS7FCtCOMKc.roa
Signing time: Tue 02 Jan 2024 04:29:33 +0000
ROA not before: Tue 02 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 185.192.36.0/23 maxlen: 23
185.192.36.0/22 maxlen: 22
185.192.38.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 08 Jan 2024 13:51:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:1a:58:f9:5a:d2:a9:7e:86:be:e9:f4:a8:b3:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eba8db3b54d081c30bf51bdc7b19e4f6480b7f53
Validity
Not Before: Jan 2 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=091d092aa84b8030c691934ec92ec50ad08e30a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:10:14:2e:85:e5:c3:68:36:e8:27:c5:cf:71:
a6:e4:f7:45:84:46:b7:fd:ff:22:ad:f3:40:4c:48:
c3:70:10:f6:a6:dd:20:23:66:5d:fa:45:88:4f:6f:
84:ca:b3:3d:c6:0a:28:5a:bf:be:75:3b:44:7e:24:
2c:ed:a4:3c:65:8a:a7:bb:64:4b:1b:1f:1e:87:72:
73:48:20:71:3b:6d:62:67:57:18:2b:77:24:97:97:
a1:1f:b0:26:fe:6c:3d:21:c9:17:51:40:8b:5b:42:
a9:46:f2:b9:97:6f:c2:41:d2:8f:c7:83:b9:ce:7b:
98:6f:58:16:4c:f1:62:ca:b7:15:c3:47:c3:e0:d2:
bb:3b:6a:55:dc:26:9c:86:ae:9a:ce:7a:0a:a9:7b:
b9:ea:36:a4:da:b6:65:00:0b:05:63:83:88:54:9e:
26:f6:6c:b5:4a:42:81:a1:eb:ed:18:14:4d:a0:46:
57:c2:0f:3c:f6:d4:bb:5d:41:60:40:9a:7d:53:78:
a2:0a:3d:f7:59:a1:d4:4b:c1:f4:58:81:20:84:79:
18:7c:b6:41:bc:e5:dd:88:fc:b8:47:a7:df:a0:62:
62:49:d8:f1:3d:0d:03:30:de:be:ed:7b:3e:b0:b0:
e8:e9:d9:be:9f:7b:76:d5:ef:c2:9c:e6:28:7b:f7:
22:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1D:09:2A:A8:4B:80:30:C6:91:93:4E:C9:2E:C5:0A:D0:8E:30:A7
X509v3 Authority Key Identifier:
keyid:EB:A8:DB:3B:54:D0:81:C3:0B:F5:1B:DC:7B:19:E4:F6:48:0B:7F:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/66jbO1TQgcML9Rvcexnk9kgLf1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/CR0JKqhLgDDGkZNOyS7FCtCOMKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/66jbO1TQgcML9Rvcexnk9kgLf1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.36.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:d5:6d:e6:5d:71:00:bf:4b:72:ef:d2:03:27:96:f1:a4:dd:
c2:aa:97:13:71:ac:0e:96:b5:05:c8:37:87:e4:dc:c5:a9:18:
e4:b2:4b:c5:8a:fe:38:2a:80:13:a2:d2:38:ee:f4:73:07:d0:
1b:b9:14:a7:81:c1:42:37:61:69:63:a9:ba:55:15:8b:43:d3:
5d:b9:22:13:14:fb:75:f0:52:e0:a0:61:8b:e4:89:1c:fc:8f:
f3:12:e3:62:40:1b:be:5e:76:c0:7b:f7:89:ac:9e:4a:08:e8:
8c:08:1f:b9:85:4a:08:60:ef:55:3b:9c:4d:d2:03:36:c8:95:
aa:fd:dd:d3:9c:0b:89:3d:91:70:7d:37:d6:2d:65:20:11:02:
96:3b:79:f3:75:5c:d8:79:aa:ae:22:41:b5:22:a3:be:c6:e8:
6c:33:c4:a0:51:38:ad:db:9f:76:2a:b4:3c:ac:ab:fd:84:b3:
53:fa:69:3f:88:3b:47:c5:ee:6d:4e:e8:1c:ae:f9:81:f1:f5:
97:c6:19:32:9c:75:4d:ad:ec:68:67:08:9e:ed:31:5b:e8:c0:
a6:d6:1b:49:2a:33:72:39:a9:eb:d7:67:f0:1d:28:21:d2:7e:
c0:62:5b:9d:d6:1b:2a:db:62:45:4e:28:3b:aa:19:ca:1b:8d:
ec:cd:d9:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbxpY+VrSqX6Gvun0qLMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYThkYjNiNTRkMDgxYzMwYmY1MWJkYzdiMTllNGY2NDgw
YjdmNTMwHhcNMjQwMTAyMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFkMDkyYWE4NGI4MDMwYzY5MTkzNGVjOTJlYzUwYWQwOGUzMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxAULoXlw2g26CfFz3Gm5PdFhEa3
/f8irfNATEjDcBD2pt0gI2Zd+kWIT2+EyrM9xgooWr++dTtEfiQs7aQ8ZYqnu2RL
Gx8eh3JzSCBxO21iZ1cYK3ckl5ehH7Am/mw9IckXUUCLW0KpRvK5l2/CQdKPx4O5
znuYb1gWTPFiyrcVw0fD4NK7O2pV3Cachq6aznoKqXu56jak2rZlAAsFY4OIVJ4m
9my1SkKBoevtGBRNoEZXwg889tS7XUFgQJp9U3iiCj33WaHUS8H0WIEghHkYfLZB
vOXdiPy4R6ffoGJiSdjxPQ0DMN6+7Xs+sLDo6dm+n3t21e/CnOYoe/cihwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkdCSqoS4AwxpGTTskuxQrQjjCnMB8GA1UdIwQY
MBaAFOuo2ztU0IHDC/Ub3HsZ5PZIC39TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjZqYk8xVFFnY01MOVJ2Y2V4bms5a2dMZjFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82Y2NmMDMtMDkwZC00MTZlLTg2Y2Yt
ZTlkYzNmMWNmODI0LzEvQ1IwSktxaExnRERHa1pOT3lTN0ZDdENPTUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82Y2NmMDMtMDkwZC00MTZlLTg2Y2YtZTlkYzNmMWNmODI0
LzEvNjZqYk8xVFFnY01MOVJ2Y2V4bms5a2dMZjFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucAkMA0G
CSqGSIb3DQEBCwUAA4IBAQCp1W3mXXEAv0ty79IDJ5bxpN3CqpcTcawOlrUFyDeH
5NzFqRjkskvFiv44KoATotI47vRzB9AbuRSngcFCN2FpY6m6VRWLQ9NduSITFPt1
8FLgoGGL5Ikc/I/zEuNiQBu+XnbAe/eJrJ5KCOiMCB+5hUoIYO9VO5xN0gM2yJWq
/d3TnAuJPZFwfTfWLWUgEQKWO3nzdVzYeaquIkG1IqO+xuhsM8SgUTit2592KrQ8
rKv9hLNT+mk/iDtHxe5tTugcrvmB8fWXxhkynHVNrexoZwie7TFb6MCm1htJKjNy
Oanr12fwHSgh0n7AYlud1hsq22JFTig7qhnKG43szdm8
-----END CERTIFICATE-----
Generated at Mon Jan 8 18:32:36 2024 by rpki-client on console-fra.rpki-client.org