Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/74AYvUaJhYIqjwTc43D4nifIqgs.roa
File: 74AYvUaJhYIqjwTc43D4nifIqgs.roa (raw, json)
Hash identifier: neg2YPtEAX2JQNvopMqONt19JovZGPw4u0Ww/13Z1nk=
Subject key identifier: EF:80:18:BD:46:89:85:82:2A:8F:04:DC:E3:70:F8:9E:27:C8:AA:0B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018612F5E5112D77EB3A73D14468CD5A6FA7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/74AYvUaJhYIqjwTc43D4nifIqgs.roa
Signing time: Thu 02 Feb 2023 16:29:10 +0000
ROA not before: Thu 02 Feb 2023 16:29:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 213.232.92.0/24 maxlen: 24
89.34.126.0/24 maxlen: 24
94.176.111.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
185.238.8.0/24 maxlen: 24
185.238.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:f5:e5:11:2d:77:eb:3a:73:d1:44:68:cd:5a:6f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 2 16:29:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef8018bd468985822a8f04dce370f89e27c8aa0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:0c:0f:e5:35:df:f6:78:29:bf:4d:27:a6:ad:
b5:e8:c2:47:84:17:d4:60:2e:8d:75:15:6e:04:bb:
7f:b8:50:2e:5c:c3:ef:fb:82:c0:b6:32:9b:8d:4e:
4e:d8:25:cc:49:fd:b4:81:8f:36:c8:88:ae:85:1a:
ff:cb:5b:12:80:d7:08:eb:55:84:97:fc:1c:eb:bb:
4b:65:a0:98:f7:dc:c0:2c:86:bd:10:4f:e9:00:7f:
a0:0e:6d:41:02:a7:e9:ec:5b:e9:66:5e:25:f3:8b:
8a:24:60:f7:9f:13:95:3d:e7:39:a3:57:e1:fb:4b:
c7:3b:e7:cf:36:d3:97:78:9f:4a:6d:90:c2:a7:f8:
a2:0f:7f:b7:e3:49:dc:b8:87:a3:ff:36:6d:48:22:
75:90:d2:f9:e3:cb:71:51:1d:e7:7d:74:96:9a:9e:
1b:5b:0d:c6:5d:fa:4e:2c:5f:cd:78:02:67:12:ec:
58:fb:09:11:8c:b8:c0:bd:e8:72:94:04:bd:7a:3b:
4c:30:47:19:46:c2:06:e1:48:31:31:fe:10:01:df:
b2:3d:15:71:59:17:13:70:6a:0f:35:89:a9:42:26:
cc:4e:60:04:6e:21:c3:7c:5d:0d:c9:a9:3c:1f:b0:
c8:b9:0f:ab:56:43:8f:07:b6:e9:35:1e:38:95:70:
99:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:80:18:BD:46:89:85:82:2A:8F:04:DC:E3:70:F8:9E:27:C8:AA:0B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/74AYvUaJhYIqjwTc43D4nifIqgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.126.0/24
94.176.111.0/24
185.238.8.0/24
185.238.11.0/24
188.240.224.0/24
213.232.92.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0a:77:7b:e9:71:69:32:ca:8b:89:ce:19:07:c3:39:a0:b5:
56:f4:e5:dc:d4:92:dd:d6:d8:97:2b:ea:5a:15:95:b7:a6:1f:
b2:b0:9c:35:23:3a:c7:e6:12:98:95:f0:9c:af:b0:c0:c3:aa:
c4:6c:89:07:de:da:53:ef:3c:5e:e8:4d:44:14:18:b7:9c:6d:
a4:eb:c3:54:ea:a8:97:05:15:ae:06:14:22:0a:4a:26:b1:7e:
4c:97:e9:95:72:b0:6a:5f:95:72:ed:af:39:76:c4:72:b4:1a:
4e:a6:b5:4f:ff:e9:1d:c7:96:95:ec:5f:67:84:c4:64:85:70:
f2:7f:ee:ec:9a:63:ae:ef:24:94:16:cf:56:61:fb:9c:b3:66:
ac:c1:70:d6:32:8a:e7:bb:e6:50:5e:7c:45:be:11:1c:af:9c:
f5:a9:8e:7a:c3:c2:50:6e:96:52:15:ef:43:f6:0e:97:3e:47:
24:fa:9f:32:60:f6:4b:2b:be:bf:3c:87:bb:c4:83:22:63:b1:
eb:37:7b:94:fc:55:fd:63:fd:a3:64:3d:5c:cb:61:ee:15:81:
ec:0c:43:de:d7:fc:8f:0a:91:aa:88:70:dd:92:f1:b3:5d:65:
6d:22:8c:3d:3e:da:72:34:a6:ce:22:52:80:e8:26:8e:7d:7f:
d3:2d:52:d7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYS9eURLXfrOnPRRGjNWm+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAyMTYyOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjgwMThiZDQ2ODk4NTgyMmE4ZjA0ZGNlMzcwZjg5ZTI3YzhhYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QwP5TXf9ngpv00npq216MJHhBfU
YC6NdRVuBLt/uFAuXMPv+4LAtjKbjU5O2CXMSf20gY82yIiuhRr/y1sSgNcI61WE
l/wc67tLZaCY99zALIa9EE/pAH+gDm1BAqfp7FvpZl4l84uKJGD3nxOVPec5o1fh
+0vHO+fPNtOXeJ9KbZDCp/iiD3+340ncuIej/zZtSCJ1kNL548txUR3nfXSWmp4b
Ww3GXfpOLF/NeAJnEuxY+wkRjLjAvehylAS9ejtMMEcZRsIG4UgxMf4QAd+yPRVx
WRcTcGoPNYmpQibMTmAEbiHDfF0Nyak8H7DIuQ+rVkOPB7bpNR44lXCZEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO+AGL1GiYWCKo8E3ONw+J4nyKoLMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNzRBWXZVYUpoWUlxandUYzQzRDRuaWZJcWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSJ+AwQA
XrBvAwQAue4IAwQAue4LAwQAvPDgAwQA1ehcMA0GCSqGSIb3DQEBCwUAA4IBAQBa
Cnd76XFpMsqLic4ZB8M5oLVW9OXc1JLd1tiXK+paFZW3ph+ysJw1IzrH5hKYlfCc
r7DAw6rEbIkH3tpT7zxe6E1EFBi3nG2k68NU6qiXBRWuBhQiCkomsX5Ml+mVcrBq
X5Vy7a85dsRytBpOprVP/+kdx5aV7F9nhMRkhXDyf+7smmOu7ySUFs9WYfucs2as
wXDWMornu+ZQXnxFvhEcr5z1qY56w8JQbpZSFe9D9g6XPkck+p8yYPZLK76/PIe7
xIMiY7HrN3uU/FX9Y/2jZD1cy2HuFYHsDEPe1/yPCpGqiHDdkvGzXWVtIow9Ptpy
NKbOIlKA6CaOfX/TLVLX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org