Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1pLJMD15J8qjPM39ftMBbwB8M5I.roa
File: 1pLJMD15J8qjPM39ftMBbwB8M5I.roa (raw, json)
Hash identifier: t0PjxXEuPA//dm1raHbv54sFEODRqmAXSpyRrpNbJGU=
Subject key identifier: D6:92:C9:30:3D:79:27:CA:A3:3C:CD:FD:7E:D3:01:6F:00:7C:33:92
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018641C61E735E50EE2031746915E3417B62
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1pLJMD15J8qjPM39ftMBbwB8M5I.roa
Signing time: Sat 11 Feb 2023 18:39:08 +0000
ROA not before: Sat 11 Feb 2023 18:39:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203458
IP address blocks: 93.115.254.0/23 maxlen: 24
87.247.148.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
91.188.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 11:49:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:41:c6:1e:73:5e:50:ee:20:31:74:69:15:e3:41:7b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 11 18:39:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d692c9303d7927caa33ccdfd7ed3016f007c3392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:86:e6:3d:99:65:f1:55:6d:e5:04:05:e1:
d2:99:fc:34:ed:15:ed:9e:ba:7a:3b:4a:45:b3:18:
15:2d:a3:29:2b:48:23:c1:cb:5e:9d:37:62:71:65:
2a:e7:f3:5c:98:93:3c:e4:68:3a:65:77:59:b7:3e:
5d:ab:5a:5d:b0:d7:4b:7e:b5:26:46:c6:ec:0b:69:
9b:c3:46:2d:b1:fe:c1:40:c1:21:b1:c0:2d:a4:80:
42:e4:03:20:6a:e5:3e:5c:30:1f:1e:aa:9d:c3:3b:
9d:41:4c:b7:fc:ac:bb:fe:18:a7:94:82:7d:45:92:
99:7f:a8:56:b9:d4:86:a7:d1:9c:e5:28:c4:74:33:
0a:f6:bf:1d:0d:a5:04:3c:17:7a:1d:7f:c1:b3:20:
74:de:33:c4:09:c9:d1:f5:b3:e2:d4:1f:c3:fb:67:
90:8b:d8:55:a8:08:f2:b2:bc:b9:1d:31:99:f9:83:
dd:06:9e:60:58:1e:d6:39:c2:8b:79:de:e3:50:68:
29:0e:55:d9:09:26:47:06:ea:0f:18:28:58:fe:73:
fe:17:b1:fa:bc:4c:da:93:98:30:19:3e:4c:aa:5c:
97:39:7d:19:f3:a0:02:f8:06:8b:ee:9a:d3:b6:a8:
ef:19:ce:8f:5b:9e:fa:9d:6c:f8:4c:76:fe:86:c9:
e7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:92:C9:30:3D:79:27:CA:A3:3C:CD:FD:7E:D3:01:6F:00:7C:33:92
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1pLJMD15J8qjPM39ftMBbwB8M5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.148.0/24
91.188.206.0/24
93.115.254.0/23
185.255.170.0/23
Signature Algorithm: sha256WithRSAEncryption
75:96:ba:4b:a4:65:d6:56:91:68:e7:e7:2b:9d:ed:ec:00:35:
c7:1a:ff:e5:48:2c:ab:ec:fa:28:9e:9b:26:4d:1b:ed:5e:ed:
8c:bb:7b:cb:fa:dd:53:82:c8:3e:20:24:e3:44:f5:7f:9e:11:
2c:8c:74:ad:71:b6:d4:b1:28:92:c1:dc:4f:51:a5:82:a2:a6:
d8:91:d4:da:f1:11:55:9e:10:5e:bc:73:6f:49:ab:9c:aa:1a:
59:1a:ef:27:1c:f8:55:de:1d:d6:0b:f0:4f:09:17:fa:65:d3:
cf:31:f7:86:b8:32:d9:10:e2:e3:e0:18:aa:78:e1:2d:b2:5e:
d2:bd:67:c2:af:25:0b:cc:8c:3c:31:c5:ce:a4:47:40:b9:79:
4a:63:e9:7f:cd:64:98:e2:fd:88:35:1e:1d:e8:d2:55:9b:17:
74:58:47:9c:2c:c3:cf:70:45:dc:92:ad:a1:50:a3:0c:74:f3:
dc:39:cb:c5:59:b8:04:81:09:c6:d4:d3:0e:28:2e:ec:64:c9:
41:2f:67:d7:28:2a:1b:f2:f3:62:b3:fe:4c:e0:99:7c:29:77:
7f:6d:03:39:04:0c:f4:1e:fb:e2:52:0f:d6:1a:ad:ca:5f:a9:
07:c8:4f:38:06:4b:0e:81:45:02:d7:cd:88:57:9c:77:ba:0c:
b8:43:94:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZBxh5zXlDuIDF0aRXjQXtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjExMTgzOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjkyYzkzMDNkNzkyN2NhYTMzY2NkZmQ3ZWQzMDE2ZjAwN2MzMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLWG5j2ZZfFVbeUEBeHSmfw07RXt
nrp6O0pFsxgVLaMpK0gjwctenTdicWUq5/NcmJM85Gg6ZXdZtz5dq1pdsNdLfrUm
RsbsC2mbw0Ytsf7BQMEhscAtpIBC5AMgauU+XDAfHqqdwzudQUy3/Ky7/hinlIJ9
RZKZf6hWudSGp9Gc5SjEdDMK9r8dDaUEPBd6HX/BsyB03jPECcnR9bPi1B/D+2eQ
i9hVqAjysry5HTGZ+YPdBp5gWB7WOcKLed7jUGgpDlXZCSZHBuoPGChY/nP+F7H6
vEzak5gwGT5MqlyXOX0Z86AC+AaL7prTtqjvGc6PW576nWz4THb+hsnnlQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNaSyTA9eSfKozzN/X7TAW8AfDOSMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMXBMSk1EMTVKOHFqUE0zOWZ0TUJid0I4TTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/eUAwQA
W7zOAwQBXXP+AwQBuf+qMA0GCSqGSIb3DQEBCwUAA4IBAQB1lrpLpGXWVpFo5+cr
ne3sADXHGv/lSCyr7PoonpsmTRvtXu2Mu3vL+t1Tgsg+ICTjRPV/nhEsjHStcbbU
sSiSwdxPUaWCoqbYkdTa8RFVnhBevHNvSaucqhpZGu8nHPhV3h3WC/BPCRf6ZdPP
MfeGuDLZEOLj4BiqeOEtsl7SvWfCryULzIw8McXOpEdAuXlKY+l/zWSY4v2INR4d
6NJVmxd0WEecLMPPcEXckq2hUKMMdPPcOcvFWbgEgQnG1NMOKC7sZMlBL2fXKCob
8vNis/5M4Jl8KXd/bQM5BAz0HvviUg/WGq3KX6kHyE84BksOgUUC182IV5x3ugy4
Q5Qs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org