Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5seAFD_BvZO12k2HsgJZMVOWyJQ.roa
File: 5seAFD_BvZO12k2HsgJZMVOWyJQ.roa (raw, json)
Hash identifier: PlIZCHjcdSKwkAac3xJKzlkOyKcJ/9k42+QbQsHN/AY=
Subject key identifier: E6:C7:80:14:3F:C1:BD:93:B5:DA:4D:87:B2:02:59:31:53:96:C8:94
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01868F03C8F21031E830C88F436BE3C6DB82
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5seAFD_BvZO12k2HsgJZMVOWyJQ.roa
Signing time: Sun 26 Feb 2023 18:37:15 +0000
ROA not before: Sun 26 Feb 2023 18:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 93.114.193.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
185.255.36.0/24 maxlen: 24
185.135.142.0/24 maxlen: 24
188.240.226.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Mar 2023 08:44:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8f:03:c8:f2:10:31:e8:30:c8:8f:43:6b:e3:c6:db:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 26 18:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6c780143fc1bd93b5da4d87b20259315396c894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:31:bf:f9:3f:50:15:f0:03:fd:59:1e:9a:88:
15:3c:03:df:d1:d9:3c:e1:21:bc:a9:f2:9a:c5:b1:
59:11:fc:10:28:64:77:b8:1d:81:50:e0:a4:21:92:
2c:92:d2:78:21:55:97:d4:3b:fb:b3:f9:45:76:86:
b1:f9:2b:8c:96:46:e6:01:8a:57:d8:4f:b8:a7:64:
c9:db:a9:a5:ba:fc:b0:f2:ad:44:d4:a6:62:9c:0c:
e7:3f:3d:55:89:2c:51:b5:67:70:5a:ec:d5:3d:71:
7c:94:1d:8b:44:5c:f9:37:28:53:32:82:86:2f:2f:
7e:2e:e5:95:4a:49:63:52:09:cd:95:47:cc:b1:96:
18:bd:67:89:65:0f:36:90:8d:39:14:41:64:3a:94:
ba:05:a4:56:41:88:42:2b:27:73:f6:51:c5:13:01:
ab:92:71:15:3e:97:29:aa:88:80:e8:fd:b9:bb:0d:
38:8c:d3:c1:91:ef:b0:15:a0:c1:1c:6c:7d:83:51:
23:69:41:9d:7f:7c:3e:b0:08:07:c7:72:7b:1d:a4:
5a:9a:f4:ad:9b:c4:f2:aa:a5:53:73:fc:6a:ac:8f:
a1:32:84:a0:0f:57:0d:1b:c7:52:41:32:ca:c1:75:
4c:b3:e4:d1:c2:5f:66:61:a4:44:b9:d1:7f:99:b4:
9d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C7:80:14:3F:C1:BD:93:B5:DA:4D:87:B2:02:59:31:53:96:C8:94
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5seAFD_BvZO12k2HsgJZMVOWyJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.193.0/24
185.135.142.0/24
185.255.36.0/24
188.240.68.0/24
188.240.226.0/23
Signature Algorithm: sha256WithRSAEncryption
20:a7:0d:48:2a:08:37:29:3a:30:09:40:8f:4a:e8:41:e8:dd:
06:b4:84:34:46:89:e0:c8:85:ef:a5:ff:47:81:d7:a5:c6:83:
88:a2:49:31:0f:be:45:2f:32:9f:13:29:8e:fc:3c:ea:d1:c7:
2c:09:6d:47:75:ef:4f:4f:de:e9:ac:43:65:56:64:79:fd:5c:
85:6d:19:2d:4f:12:53:14:e6:6c:00:3a:50:20:58:17:c3:15:
3c:91:e5:7f:4c:08:6f:0c:ce:61:c6:be:96:23:a7:5b:85:d5:
d6:81:89:eb:3d:48:8c:5a:34:74:0f:a3:18:f3:f3:ee:02:c8:
73:9f:a7:6a:4c:8a:b7:2d:fc:8e:5a:fd:60:f6:7b:fa:f5:82:
c1:26:e8:2a:f6:b0:8c:18:78:93:e1:7b:6c:24:d9:0a:11:43:
02:ac:61:c4:12:84:04:fb:e9:b7:10:14:76:1c:dd:b5:a3:6e:
12:da:02:d5:e4:16:d7:45:e0:bd:14:ee:d5:22:31:b3:6f:87:
de:eb:5d:8a:4d:d3:93:aa:b9:da:00:6c:3f:37:46:fa:05:bd:
c9:b4:cb:5b:50:10:d1:66:bf:a2:b9:d5:74:4d:6b:31:76:14:
49:70:85:d1:f3:5c:de:de:ab:f3:2f:e6:f6:02:7d:de:1e:9b:
2f:b1:3f:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYaPA8jyEDHoMMiPQ2vjxtuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI2MTgzNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM3ODAxNDNmYzFiZDkzYjVkYTRkODdiMjAyNTkzMTUzOTZjODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujG/+T9QFfAD/VkemogVPAPf0dk8
4SG8qfKaxbFZEfwQKGR3uB2BUOCkIZIsktJ4IVWX1Dv7s/lFdoax+SuMlkbmAYpX
2E+4p2TJ26mluvyw8q1E1KZinAznPz1ViSxRtWdwWuzVPXF8lB2LRFz5NyhTMoKG
Ly9+LuWVSkljUgnNlUfMsZYYvWeJZQ82kI05FEFkOpS6BaRWQYhCKydz9lHFEwGr
knEVPpcpqoiA6P25uw04jNPBke+wFaDBHGx9g1EjaUGdf3w+sAgHx3J7HaRamvSt
m8TyqqVTc/xqrI+hMoSgD1cNG8dSQTLKwXVMs+TRwl9mYaREudF/mbSdrwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFObHgBQ/wb2TtdpNh7ICWTFTlsiUMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNXNlQUZEX0J2Wk8xMmsySHNnSlpNVk9XeUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXXLBAwQA
uYeOAwQAuf8kAwQAvPBEAwQBvPDiMA0GCSqGSIb3DQEBCwUAA4IBAQAgpw1IKgg3
KTowCUCPSuhB6N0GtIQ0RongyIXvpf9HgdelxoOIokkxD75FLzKfEymO/Dzq0ccs
CW1Hde9PT97prENlVmR5/VyFbRktTxJTFOZsADpQIFgXwxU8keV/TAhvDM5hxr6W
I6dbhdXWgYnrPUiMWjR0D6MY8/PuAshzn6dqTIq3LfyOWv1g9nv69YLBJugq9rCM
GHiT4XtsJNkKEUMCrGHEEoQE++m3EBR2HN21o24S2gLV5BbXReC9FO7VIjGzb4fe
612KTdOTqrnaAGw/N0b6Bb3JtMtbUBDRZr+iudV0TWsxdhRJcIXR81ze3qvzL+b2
An3eHpsvsT9u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org