Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8JjqFyJc8IECqhJ45fKNpfN2k7M.roa
File: 8JjqFyJc8IECqhJ45fKNpfN2k7M.roa (raw, json)
Hash identifier: 35zviTuIMWoK+4KbdI1uImyLrTI4shKVSCWjHVOwxd8=
Subject key identifier: F0:98:EA:17:22:5C:F0:81:02:AA:12:78:E5:F2:8D:A5:F3:76:93:B3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186029CAF532A356856F171CC5DF68AD0AA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8JjqFyJc8IECqhJ45fKNpfN2k7M.roa
Signing time: Mon 30 Jan 2023 12:17:48 +0000
ROA not before: Mon 30 Jan 2023 12:17:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.94.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.255.37.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:02:9c:af:53:2a:35:68:56:f1:71:cc:5d:f6:8a:d0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 30 12:17:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f098ea17225cf08102aa1278e5f28da5f37693b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c4:f8:83:6a:33:c6:2c:21:78:2c:ec:d6:01:
73:6e:af:c2:37:bd:21:ae:17:96:9e:37:6b:23:d5:
3e:4a:f5:46:9d:fb:77:7f:7e:62:1c:5d:f9:c0:6e:
d2:6f:6a:fb:30:06:7c:53:9e:a7:f9:c3:86:cb:90:
64:37:7b:11:ff:13:d2:34:b0:80:22:59:8e:64:50:
bd:5e:88:29:cc:4d:5d:79:c8:df:8e:e0:e6:18:d6:
eb:89:47:97:2b:0f:30:2c:41:4d:2c:d6:6f:5c:18:
d7:5a:23:86:43:16:db:d5:d4:af:75:d8:94:6e:72:
d4:d3:b6:55:95:13:c0:c2:bc:dd:77:fd:47:c5:e6:
33:93:b2:69:d3:23:c0:28:73:cb:8e:4b:9b:ff:0a:
72:a5:46:f2:b7:04:a5:76:e1:7a:7d:d0:c3:99:e1:
08:6f:02:83:0c:a2:73:db:2a:82:88:b0:81:81:f0:
9e:eb:18:91:d9:ee:7a:79:a5:34:57:ea:78:0b:d0:
35:ff:64:ac:9e:4b:a5:f5:e8:63:47:32:a2:8f:68:
19:db:5f:ba:94:31:e3:df:a6:39:dd:db:e4:64:95:
d9:a9:44:3a:ad:b6:97:b4:cd:f8:12:80:76:d1:c9:
c5:14:22:55:b1:32:c6:6f:1a:b8:67:51:01:7f:e1:
a7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:98:EA:17:22:5C:F0:81:02:AA:12:78:E5:F2:8D:A5:F3:76:93:B3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8JjqFyJc8IECqhJ45fKNpfN2k7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.143.0/24
185.255.37.0/24
188.240.225.0/24
193.23.128.0/23
213.232.94.0/24
Signature Algorithm: sha256WithRSAEncryption
46:e3:9d:f9:ca:c3:ff:92:7b:8f:71:e6:1e:3c:f4:4c:c6:b4:
63:f9:b5:07:ca:a7:3b:90:10:22:8c:de:91:bd:33:e1:e6:57:
50:6f:27:ae:96:34:d8:7e:f7:0c:f2:29:92:e7:f8:b7:da:59:
be:24:80:50:d2:7b:d8:dc:33:6a:1a:a1:06:29:35:08:a4:27:
86:d9:a5:e8:80:27:ee:2d:e7:46:07:be:93:ce:99:d8:51:04:
97:1e:8f:3b:9b:e3:73:c5:3e:f6:bb:3a:b2:be:1d:19:cf:d7:
ad:2e:8a:95:d5:4b:ed:75:c2:4e:99:bd:93:5a:27:8b:5a:fb:
76:1a:b9:56:d8:26:34:e3:e9:04:b2:6b:ce:45:e9:e1:64:f9:
07:1b:c3:fb:55:80:23:9c:32:d7:8a:ea:a5:11:d7:94:2c:0d:
e2:f4:0d:16:fa:9b:ae:6f:d3:54:9e:24:a9:3e:35:f7:77:b9:
18:c8:ef:2f:11:71:0b:f1:ac:ee:d0:d5:77:18:4e:4e:72:42:
44:5d:48:64:3f:7f:ef:b7:f0:7d:92:6f:58:14:c0:ff:00:73:
10:d8:0b:d6:b5:db:03:5f:38:b6:bc:d3:d1:25:b6:3f:31:f7:
d6:40:f2:b3:f8:16:e1:83:26:4c:54:4a:53:06:4f:1c:7f:ce:
bb:e6:3f:91
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYCnK9TKjVoVvFxzF32itCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTMwMTIxNzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDk4ZWExNzIyNWNmMDgxMDJhYTEyNzhlNWYyOGRhNWYzNzY5M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicT4g2ozxiwheCzs1gFzbq/CN70h
rheWnjdrI9U+SvVGnft3f35iHF35wG7Sb2r7MAZ8U56n+cOGy5BkN3sR/xPSNLCA
IlmOZFC9XogpzE1decjfjuDmGNbriUeXKw8wLEFNLNZvXBjXWiOGQxbb1dSvddiU
bnLU07ZVlRPAwrzdd/1HxeYzk7Jp0yPAKHPLjkub/wpypUbytwSlduF6fdDDmeEI
bwKDDKJz2yqCiLCBgfCe6xiR2e56eaU0V+p4C9A1/2Ssnkul9ehjRzKij2gZ21+6
lDHj36Y53dvkZJXZqUQ6rbaXtM34EoB20cnFFCJVsTLGbxq4Z1EBf+GnAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPCY6hciXPCBAqoSeOXyjaXzdpOzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOEpqcUZ5SmM4SUVDcWhKNDVmS05wZk4yazdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuYePAwQA
uf8lAwQAvPDhAwQBwReAAwQA1eheMA0GCSqGSIb3DQEBCwUAA4IBAQBG4535ysP/
knuPceYePPRMxrRj+bUHyqc7kBAijN6RvTPh5ldQbyeuljTYfvcM8imS5/i32lm+
JIBQ0nvY3DNqGqEGKTUIpCeG2aXogCfuLedGB76TzpnYUQSXHo87m+NzxT72uzqy
vh0Zz9etLoqV1UvtdcJOmb2TWieLWvt2GrlW2CY04+kEsmvORenhZPkHG8P7VYAj
nDLXiuqlEdeULA3i9A0W+puub9NUniSpPjX3d7kYyO8vEXEL8azu0NV3GE5OckJE
XUhkP3/vt/B9km9YFMD/AHMQ2AvWtdsDXzi2vNPRJbY/MffWQPKz+BbhgyZMVEpT
Bk8cf8675j+R
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org