Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3eQ4yseYtgaaeOP3_7xIjMSXl-w.roa
File: 3eQ4yseYtgaaeOP3_7xIjMSXl-w.roa (raw, json)
Hash identifier: Q/MK8QC6SL5L7cOpxPHSRT5phPuZmTXeALNiB6czh/s=
Subject key identifier: DD:E4:38:CA:C7:98:B6:06:9A:78:E3:F7:FF:BC:48:8C:C4:97:97:EC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187D5EB9FE330EEF6815F1F3E3856534CEF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3eQ4yseYtgaaeOP3_7xIjMSXl-w.roa
Signing time: Mon 01 May 2023 06:06:41 +0000
ROA not before: Mon 01 May 2023 06:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 188.212.133.0/24 maxlen: 24
185.255.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 May 2023 18:52:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d5:eb:9f:e3:30:ee:f6:81:5f:1f:3e:38:56:53:4c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 1 06:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dde438cac798b6069a78e3f7ffbc488cc49797ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bf:c4:10:9f:d1:c6:b0:3f:7a:37:5e:ff:dc:
d2:0b:9d:13:de:ba:72:da:09:e8:55:0f:6b:41:e8:
a9:c7:64:e8:0e:cc:3f:2d:c6:1c:8f:7c:a7:17:74:
78:19:39:db:8c:f2:79:4f:c8:36:e5:e5:f6:16:4b:
10:48:a6:47:6a:f6:c0:cf:8e:b7:1c:18:ca:24:fb:
1c:3f:3c:44:87:f3:13:36:21:92:54:23:4a:ad:b1:
eb:17:65:a8:5e:91:b7:63:8c:15:48:29:a5:01:b4:
f2:3e:de:fd:b1:f7:da:5e:ae:09:0d:6f:62:3e:d4:
9e:46:4e:7b:29:59:da:ae:6a:f8:8e:03:cd:d7:4c:
00:5e:d8:db:4f:1a:7e:2b:a9:32:7f:d8:33:0f:da:
c7:ed:6d:aa:b7:48:3a:b3:5c:e9:e5:fb:ec:3c:47:
e9:26:1c:ea:65:f2:46:04:38:a5:7a:e7:9c:39:e0:
0b:41:ee:58:4f:73:59:62:8b:3a:a4:07:95:cf:e1:
99:52:5e:0f:3e:2f:ba:5d:79:6f:9a:3e:0f:0a:e0:
ac:6c:e2:5e:84:d3:67:d0:61:c5:a3:09:55:12:89:
9e:68:a8:93:ae:18:1c:ef:95:83:b4:08:a4:3e:a5:
ed:36:d7:3d:ff:7b:3a:ab:82:bc:ea:b5:31:8c:39:
b3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E4:38:CA:C7:98:B6:06:9A:78:E3:F7:FF:BC:48:8C:C4:97:97:EC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3eQ4yseYtgaaeOP3_7xIjMSXl-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.171.0/24
188.212.133.0/24
Signature Algorithm: sha256WithRSAEncryption
01:94:d7:01:70:bc:50:ba:c1:9f:53:48:b5:45:80:ee:e6:85:
72:e1:b0:26:36:c4:da:96:c9:54:82:2d:5e:78:64:2e:6f:14:
a7:eb:a4:b4:ec:1a:89:61:77:53:6c:bc:dd:c9:9f:7b:1a:c7:
54:d9:2d:f0:8d:0f:e3:33:94:23:65:10:6b:49:4d:30:54:2e:
91:75:cf:d6:68:b1:de:e8:06:94:a6:03:c0:8d:58:70:f8:8c:
65:3c:48:4e:2c:95:e7:df:91:37:8f:8e:82:2a:bb:67:75:da:
2d:78:b2:b1:84:f4:73:01:e9:79:df:56:e4:51:9a:17:a2:7d:
f0:10:c2:d6:9b:ec:a0:a3:6f:c8:3e:f3:f4:10:b7:f3:13:08:
6a:ed:d1:48:2a:1f:5d:7d:6d:18:c5:0e:a8:3b:ff:6e:57:ff:
7e:2d:fd:4f:80:2f:84:58:ca:5b:99:f6:91:d3:0c:6b:37:bf:
0f:ac:d4:60:76:1e:da:1f:f3:37:4d:79:e7:45:04:38:1f:d0:
57:cc:6b:ef:ea:ca:7b:2b:b8:db:66:72:1f:ca:5f:a2:80:78:
b6:98:6c:44:3b:52:bb:c1:00:7f:31:51:d5:1e:87:b1:bd:87:
13:d6:3f:34:2e:a5:32:0e:aa:67:88:c5:85:1d:85:e1:4c:9e:
f7:20:f3:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfV65/jMO72gV8fPjhWU0zvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTAxMDYwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGU0MzhjYWM3OThiNjA2OWE3OGUzZjdmZmJjNDg4Y2M0OTc5N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxb/EEJ/RxrA/ejde/9zSC50T3rpy
2gnoVQ9rQeipx2ToDsw/LcYcj3ynF3R4GTnbjPJ5T8g25eX2FksQSKZHavbAz463
HBjKJPscPzxEh/MTNiGSVCNKrbHrF2WoXpG3Y4wVSCmlAbTyPt79sffaXq4JDW9i
PtSeRk57KVnarmr4jgPN10wAXtjbTxp+K6kyf9gzD9rH7W2qt0g6s1zp5fvsPEfp
JhzqZfJGBDileuecOeALQe5YT3NZYos6pAeVz+GZUl4PPi+6XXlvmj4PCuCsbOJe
hNNn0GHFowlVEomeaKiTrhgc75WDtAikPqXtNtc9/3s6q4K86rUxjDmzHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN3kOMrHmLYGmnjj9/+8SIzEl5fsMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvM2VRNHlzZVl0Z2FhZU9QM183eElqTVNYbC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuf+rAwQA
vNSFMA0GCSqGSIb3DQEBCwUAA4IBAQABlNcBcLxQusGfU0i1RYDu5oVy4bAmNsTa
lslUgi1eeGQubxSn66S07BqJYXdTbLzdyZ97GsdU2S3wjQ/jM5QjZRBrSU0wVC6R
dc/WaLHe6AaUpgPAjVhw+IxlPEhOLJXn35E3j46CKrtnddoteLKxhPRzAel531bk
UZoXon3wEMLWm+ygo2/IPvP0ELfzEwhq7dFIKh9dfW0YxQ6oO/9uV/9+Lf1PgC+E
WMpbmfaR0wxrN78PrNRgdh7aH/M3TXnnRQQ4H9BXzGvv6sp7K7jbZnIfyl+igHi2
mGxEO1K7wQB/MVHVHoexvYcT1j80LqUyDqpniMWFHYXhTJ73IPNd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org