Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3Oqd4ECphsIOI-FB17WW_STgP2I.roa
File: 3Oqd4ECphsIOI-FB17WW_STgP2I.roa (raw, json)
Hash identifier: YWXHs/HyjDdQzUcGY1UTWy5KJzIrLCZgjENOzGX4rvc=
Subject key identifier: DC:EA:9D:E0:40:A9:86:C2:0E:23:E1:41:D7:B5:96:FD:24:E0:3F:62
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187512B734EFEF49CCC5944AE3C2BC6164E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3Oqd4ECphsIOI-FB17WW_STgP2I.roa
Signing time: Wed 05 Apr 2023 11:26:54 +0000
ROA not before: Wed 05 Apr 2023 11:26:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 78.142.242.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
185.9.55.0/24 maxlen: 24
194.4.157.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:2b:73:4e:fe:f4:9c:cc:59:44:ae:3c:2b:c6:16:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 5 11:26:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcea9de040a986c20e23e141d7b596fd24e03f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2b:93:28:be:17:62:a6:c9:c5:4f:2e:61:ab:
fb:10:e5:21:f4:6a:3d:1e:98:fe:c9:9a:57:af:a6:
6f:86:35:04:37:b0:ba:93:01:0b:a5:8a:40:be:bb:
18:96:03:a8:5c:77:e5:af:3b:43:a9:81:cf:16:2d:
eb:d2:96:87:d4:c7:92:93:d8:33:be:16:29:f9:00:
f7:c7:37:f6:34:d2:5f:a7:ca:db:97:92:a1:0e:61:
3f:3b:1f:14:a9:6e:a2:cf:f7:83:33:75:fe:e2:dd:
4c:1c:47:0f:ca:41:22:3a:61:88:7c:9e:b7:b7:b3:
16:0f:5d:b2:0e:ae:9d:90:d2:1b:d8:8e:32:0e:5f:
60:62:af:8a:68:98:0f:55:18:69:1e:4f:69:2c:ac:
f2:60:97:72:60:01:24:3d:66:34:04:36:91:19:bb:
da:a0:4d:ec:c0:5d:95:16:aa:fc:3c:bc:c4:c0:53:
60:5f:50:7c:aa:33:76:40:68:1f:84:82:f8:e1:da:
49:49:87:90:68:81:ee:cf:db:64:df:03:1f:d0:d6:
8d:23:49:27:3c:0d:f6:00:42:ff:6a:3e:61:d2:ca:
d7:4c:09:d9:d4:80:1b:46:88:8a:d5:be:24:cf:12:
7c:bb:2d:1f:3a:99:95:50:a1:85:12:50:db:04:a6:
d4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EA:9D:E0:40:A9:86:C2:0E:23:E1:41:D7:B5:96:FD:24:E0:3F:62
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3Oqd4ECphsIOI-FB17WW_STgP2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.242.0/23
103.205.27.0/24
185.9.55.0/24
185.103.75.0/24
188.214.27.0/24
194.4.157.0/24
Signature Algorithm: sha256WithRSAEncryption
53:cb:b2:68:51:f8:cb:d7:4c:aa:2d:37:61:5e:0a:35:a2:38:
9c:e9:e4:02:f6:fa:e2:46:8e:ec:10:60:67:97:dc:7b:4a:6d:
ee:06:38:4a:e8:b1:3d:0a:dc:09:4c:9e:5d:c2:0c:4a:19:f8:
87:31:33:d6:a9:13:e1:a7:16:62:01:7d:dc:ee:39:01:6e:7b:
87:97:a1:c8:91:32:35:93:19:33:8a:42:58:8f:b9:c9:28:20:
2a:10:aa:60:bc:8e:2d:b2:79:af:74:7b:5c:d2:06:83:bb:67:
67:bf:37:4d:7e:60:3e:24:a1:85:08:f5:de:b9:64:45:6d:6d:
4d:cd:b7:24:13:59:49:a8:40:b9:aa:a2:3e:2c:03:4f:02:ff:
a1:f4:06:4d:41:e1:e6:40:c5:66:3f:08:43:75:c0:81:ca:49:
0d:18:ad:9b:78:4c:c0:21:92:74:7e:10:79:d4:46:95:18:fe:
cf:79:f5:36:ee:8a:6d:ad:95:02:93:59:0b:86:18:71:92:53:
82:be:fb:86:74:56:d4:84:45:bd:8f:b3:d0:30:f4:c7:f5:9f:
79:a4:97:04:35:55:9b:72:af:d6:87:d7:78:fd:32:2c:83:24:
fa:91:05:b1:0c:8e:d4:ca:28:8e:ad:66:55:b5:5a:d5:59:ce:
08:0f:c8:5a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdRK3NO/vSczFlErjwrxhZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA1MTEyNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2VhOWRlMDQwYTk4NmMyMGUyM2UxNDFkN2I1OTZmZDI0ZTAzZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCuTKL4XYqbJxU8uYav7EOUh9Go9
Hpj+yZpXr6ZvhjUEN7C6kwELpYpAvrsYlgOoXHflrztDqYHPFi3r0paH1MeSk9gz
vhYp+QD3xzf2NNJfp8rbl5KhDmE/Ox8UqW6iz/eDM3X+4t1MHEcPykEiOmGIfJ63
t7MWD12yDq6dkNIb2I4yDl9gYq+KaJgPVRhpHk9pLKzyYJdyYAEkPWY0BDaRGbva
oE3swF2VFqr8PLzEwFNgX1B8qjN2QGgfhIL44dpJSYeQaIHuz9tk3wMf0NaNI0kn
PA32AEL/aj5h0srXTAnZ1IAbRoiK1b4kzxJ8uy0fOpmVUKGFElDbBKbULwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNzqneBAqYbCDiPhQde1lv0k4D9iMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvM09xZDRFQ3Boc0lPSS1GQjE3V1dfU1RnUDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTo7yAwQA
Z80bAwQAuQk3AwQAuWdLAwQAvNYbAwQAwgSdMA0GCSqGSIb3DQEBCwUAA4IBAQBT
y7JoUfjL10yqLTdhXgo1ojic6eQC9vriRo7sEGBnl9x7Sm3uBjhK6LE9CtwJTJ5d
wgxKGfiHMTPWqRPhpxZiAX3c7jkBbnuHl6HIkTI1kxkzikJYj7nJKCAqEKpgvI4t
snmvdHtc0gaDu2dnvzdNfmA+JKGFCPXeuWRFbW1NzbckE1lJqEC5qqI+LANPAv+h
9AZNQeHmQMVmPwhDdcCBykkNGK2beEzAIZJ0fhB51EaVGP7PefU27optrZUCk1kL
hhhxklOCvvuGdFbUhEW9j7PQMPTH9Z95pJcENVWbcq/Wh9d4/TIsgyT6kQWxDI7U
yiiOrWZVtVrVWc4ID8ha
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org