Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4A9OfNoNDdRon_F_dR2dUiustWI.roa
File: 4A9OfNoNDdRon_F_dR2dUiustWI.roa (raw, json)
Hash identifier: 9hhwEDsBbvwHCgGUKaCqXA6zHGZyIbOjxURE4l9DxkM=
Subject key identifier: E0:0F:4E:7C:DA:0D:0D:D4:68:9F:F1:7F:75:1D:9D:52:2B:AC:B5:62
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01860D36FC89D3EF46EAD673A49118F88A84
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4A9OfNoNDdRon_F_dR2dUiustWI.roa
Signing time: Wed 01 Feb 2023 13:42:32 +0000
ROA not before: Wed 01 Feb 2023 13:42:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 16:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:36:fc:89:d3:ef:46:ea:d6:73:a4:91:18:f8:8a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 1 13:42:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e00f4e7cda0d0dd4689ff17f751d9d522bacb562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0f:26:27:41:6a:b0:33:2e:31:95:3e:8c:a7:
c7:38:20:d9:69:82:31:03:f4:3a:92:51:91:ae:f9:
16:14:65:60:0d:29:9a:97:12:8e:4f:75:fc:7f:41:
78:f1:f0:43:57:d2:23:2d:84:b9:7a:5c:cd:c4:b4:
ff:f8:28:79:75:4f:4e:67:e6:50:8d:19:5a:48:21:
14:69:8f:9c:f9:92:8c:71:d8:36:5b:b1:57:37:56:
7e:e3:01:16:73:6a:81:62:3d:84:b4:ea:b6:19:20:
6e:e4:7b:86:c1:66:69:03:ab:e5:b4:f0:b3:a8:b7:
31:64:af:4a:cd:49:76:0a:5b:27:8b:41:f3:d5:a2:
37:d5:c6:9b:14:a7:1b:ab:06:c6:6b:0c:eb:1e:91:
5a:bf:1f:46:48:2e:91:3b:66:6c:23:94:08:4d:8f:
59:4c:c8:f1:e2:0a:70:44:19:a0:a0:64:90:62:6b:
fe:86:e8:69:58:a3:5b:32:1e:86:a1:ff:60:27:09:
dc:8a:ea:e5:f7:30:9c:0d:2e:5c:e3:c4:d1:09:ec:
8d:a2:56:46:9d:5d:68:4b:86:b8:49:0b:8b:ad:ac:
b4:0b:b0:38:fb:0d:d7:ca:59:07:30:07:a1:ec:05:
36:e9:84:5c:b5:50:27:be:dd:ae:13:35:ea:de:21:
c2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:0F:4E:7C:DA:0D:0D:D4:68:9F:F1:7F:75:1D:9D:52:2B:AC:B5:62
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4A9OfNoNDdRon_F_dR2dUiustWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.207.0/24
185.238.10.0/24
185.255.168.0/24
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:89:07:13:3b:89:d4:e5:7d:a4:34:c8:54:17:64:7f:55:12:
ce:ef:84:80:9d:67:a1:7d:98:66:a6:8a:e2:ee:54:bc:f6:08:
e4:8a:71:f9:b0:74:25:fa:c5:f7:64:39:37:c4:da:f8:fc:b4:
70:31:61:c2:fb:ae:71:e0:bc:f9:a5:2d:03:6e:c1:8c:0a:73:
27:71:90:92:9e:d8:70:3a:0e:73:e1:9c:91:64:d5:43:a1:3f:
43:43:84:4e:be:df:5d:55:5a:ff:42:fe:93:8d:9b:34:d2:41:
c7:95:20:b9:18:7a:aa:bb:40:8a:21:9b:f0:1e:fb:1e:43:15:
88:d0:f0:f6:f6:f4:70:ae:d8:20:77:0f:63:27:9c:ee:fe:e8:
6e:1c:4a:a1:59:73:24:a9:47:cb:e8:21:9a:18:f1:f4:b9:fd:
59:de:bf:d2:2b:ef:e6:0e:6c:1b:b7:8e:e4:d5:6d:ea:3c:60:
52:5b:c1:e1:96:95:3c:b6:5e:d8:66:33:4d:db:6a:54:bc:c9:
70:13:52:32:3f:b5:a2:86:a4:c9:30:44:89:8a:4b:51:67:59:
fd:9a:19:66:e5:73:7c:34:5b:53:a8:e6:89:e6:54:02:73:a3:
5d:c9:8c:2b:50:4b:0e:c7:df:8f:07:f3:76:ca:4e:97:bb:33:
61:40:5c:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYNNvyJ0+9G6tZzpJEY+IqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAxMTM0MjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDBmNGU3Y2RhMGQwZGQ0Njg5ZmYxN2Y3NTFkOWQ1MjJiYWNiNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw8mJ0FqsDMuMZU+jKfHOCDZaYIx
A/Q6klGRrvkWFGVgDSmalxKOT3X8f0F48fBDV9IjLYS5elzNxLT/+Ch5dU9OZ+ZQ
jRlaSCEUaY+c+ZKMcdg2W7FXN1Z+4wEWc2qBYj2EtOq2GSBu5HuGwWZpA6vltPCz
qLcxZK9KzUl2Clsni0Hz1aI31cabFKcbqwbGawzrHpFavx9GSC6RO2ZsI5QITY9Z
TMjx4gpwRBmgoGSQYmv+huhpWKNbMh6Gof9gJwnciurl9zCcDS5c48TRCeyNolZG
nV1oS4a4SQuLray0C7A4+w3XylkHMAeh7AU26YRctVAnvt2uEzXq3iHCzwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOAPTnzaDQ3UaJ/xf3UdnVIrrLViMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNEE5T2ZOb05EZFJvbl9GX2RSMmRVaXVzdFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW7zPAwQA
ue4KAwQAuf+oAwQA1ehdAwQA1ehfMA0GCSqGSIb3DQEBCwUAA4IBAQBeiQcTO4nU
5X2kNMhUF2R/VRLO74SAnWehfZhmpori7lS89gjkinH5sHQl+sX3ZDk3xNr4/LRw
MWHC+65x4Lz5pS0DbsGMCnMncZCSnthwOg5z4ZyRZNVDoT9DQ4ROvt9dVVr/Qv6T
jZs00kHHlSC5GHqqu0CKIZvwHvseQxWI0PD29vRwrtggdw9jJ5zu/uhuHEqhWXMk
qUfL6CGaGPH0uf1Z3r/SK+/mDmwbt47k1W3qPGBSW8HhlpU8tl7YZjNN22pUvMlw
E1IyP7WihqTJMESJiktRZ1n9mhlm5XN8NFtTqOaJ5lQCc6NdyYwrUEsOx9+PB/N2
yk6XuzNhQFwV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org