Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/nnCWCV2zO2EoZ353Cjwq-EBNx9U.roa
File: nnCWCV2zO2EoZ353Cjwq-EBNx9U.roa (raw, json)
Hash identifier: AG+pHpVHHD8O/wLSBVg8aa7PklgtcRBm4pEU9OZUdFE=
Subject key identifier: 9E:70:96:09:5D:B3:3B:61:28:67:7E:77:0A:3C:2A:F8:40:4D:C7:D5
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 0185703073F607F71E8B3EF4DB30970EDC17
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/nnCWCV2zO2EoZ353Cjwq-EBNx9U.roa
Signing time: Mon 02 Jan 2023 01:55:01 +0000
ROA not before: Mon 02 Jan 2023 01:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211595
IP address blocks: 195.228.112.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
195.228.15.0/24 maxlen: 24
195.228.31.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:73:f6:07:f7:1e:8b:3e:f4:db:30:97:0e:dc:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 01:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e7096095db33b6128677e770a3c2af8404dc7d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:59:22:06:1e:b9:e0:53:e8:1e:e7:11:49:b7:
ab:d4:3d:2f:de:d7:0f:c9:33:9b:70:e2:33:b0:fe:
31:d2:5a:3e:88:57:79:54:2b:b7:76:71:8d:14:6b:
55:e4:b8:f3:fe:03:46:37:6d:d8:75:8b:1c:fc:39:
d6:59:89:2c:38:dc:cb:3c:de:2b:a9:1a:40:a6:1b:
6d:fb:72:13:38:b8:02:c5:b5:54:13:86:a4:a8:54:
bc:ed:8d:4b:f9:9e:4b:a4:ad:80:3b:f3:41:bb:8f:
22:cd:79:e5:8f:25:53:d7:ff:8d:74:8a:5f:d0:62:
e5:87:4f:12:26:e3:56:a1:17:9a:14:68:2a:fa:55:
99:74:aa:f0:e3:25:12:d4:75:80:ea:16:73:32:0a:
54:b2:52:cd:67:07:2e:35:03:ca:df:29:26:a5:32:
33:0c:46:fe:36:c7:ad:55:a6:39:e4:ec:c8:d8:2f:
e7:fc:de:c6:57:e1:c8:5e:79:06:ff:b2:d6:44:ad:
09:36:09:65:f9:6a:e9:2f:94:e6:45:fc:46:d0:f1:
08:ed:a4:87:76:ed:3f:be:c9:51:0e:c4:5c:96:ca:
03:b7:fd:76:5e:c0:66:8f:c9:2a:2d:69:28:75:b6:
65:7a:28:d4:38:1f:c3:c2:8b:16:5c:4c:84:6e:42:
d1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:70:96:09:5D:B3:3B:61:28:67:7E:77:0A:3C:2A:F8:40:4D:C7:D5
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/nnCWCV2zO2EoZ353Cjwq-EBNx9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.228.4.0/24
195.228.15.0/24
195.228.31.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d1:59:77:aa:8a:30:7b:b3:17:39:65:dc:8f:dc:de:73:c2:
ec:c4:23:86:f2:c2:4c:4b:64:d2:42:b8:fa:53:a3:92:ea:61:
b3:7c:80:64:86:16:35:7d:06:25:44:e6:77:3a:29:07:4c:b2:
20:eb:39:a9:4b:d7:48:f6:6d:3b:71:cf:39:f2:43:26:4e:bd:
be:89:d7:bd:17:64:36:bb:c7:94:58:37:4e:de:f8:19:b9:59:
8e:98:e5:79:a6:7b:80:4f:2b:24:5a:1e:b8:b5:65:7f:26:c7:
4f:52:72:80:e7:0a:99:e5:58:5e:e1:0c:8a:5e:33:06:41:3a:
6e:96:1d:4c:04:6c:37:cc:1d:90:3e:64:1c:45:4b:79:28:71:
de:37:83:92:00:05:da:4b:86:be:df:72:f4:23:b2:72:08:4c:
58:fe:c9:ae:86:53:32:72:08:01:38:99:8a:d4:96:53:07:f8:
96:d7:04:10:dc:bd:01:9d:86:90:f3:54:f8:09:0a:ab:15:a2:
ae:97:bd:34:4c:d7:71:70:cc:c9:e6:2b:95:a8:55:88:35:00:
83:54:9b:44:e9:6a:0a:67:1b:3a:da:57:8d:ed:9e:fd:11:f0:
e3:ea:88:14:b9:52:44:0b:0e:9f:f6:9a:91:f2:77:a9:4f:71:
8a:a0:ed:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwMHP2B/ceiz702zCXDtwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTcwOTYwOTVkYjMzYjYxMjg2NzdlNzcwYTNjMmFmODQwNGRjN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1kiBh654FPoHucRSber1D0v3tcP
yTObcOIzsP4x0lo+iFd5VCu3dnGNFGtV5Ljz/gNGN23YdYsc/DnWWYksONzLPN4r
qRpAphtt+3ITOLgCxbVUE4akqFS87Y1L+Z5LpK2AO/NBu48izXnljyVT1/+NdIpf
0GLlh08SJuNWoReaFGgq+lWZdKrw4yUS1HWA6hZzMgpUslLNZwcuNQPK3ykmpTIz
DEb+NsetVaY55OzI2C/n/N7GV+HIXnkG/7LWRK0JNgll+WrpL5TmRfxG0PEI7aSH
du0/vslRDsRclsoDt/12XsBmj8kqLWkodbZleijUOB/DwosWXEyEbkLRWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ5wlgldszthKGd+dwo8KvhATcfVMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvbm5DV0NWMnpPMkVvWjM1M0Nqd3EtRUJOeDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVAHsAwQA
VAI2AwQAw+QEAwQAw+QPAwQAw+QfAwQAw+RwMA0GCSqGSIb3DQEBCwUAA4IBAQCL
0Vl3qoowe7MXOWXcj9zec8LsxCOG8sJMS2TSQrj6U6OS6mGzfIBkhhY1fQYlROZ3
OikHTLIg6zmpS9dI9m07cc858kMmTr2+ide9F2Q2u8eUWDdO3vgZuVmOmOV5pnuA
TyskWh64tWV/JsdPUnKA5wqZ5Vhe4QyKXjMGQTpulh1MBGw3zB2QPmQcRUt5KHHe
N4OSAAXaS4a+33L0I7JyCExY/smuhlMycggBOJmK1JZTB/iW1wQQ3L0BnYaQ81T4
CQqrFaKul700TNdxcMzJ5iuVqFWINQCDVJtE6WoKZxs62leN7Z79EfDj6ogUuVJE
Cw6f9pqR8nepT3GKoO2z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org