Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8sopFXiOaujWI6ogDexJcDSdQNU.roa
File: 8sopFXiOaujWI6ogDexJcDSdQNU.roa (raw, json)
Hash identifier: eHs9RzM42DLoCriChPUozjPId290VsuCLZ0wLlcO7gY=
Subject key identifier: F2:CA:29:15:78:8E:6A:E8:D6:23:AA:20:0D:EC:49:70:34:9D:40:D5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862B24AFF1F9AF4C3659C72C5730E6E110
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8sopFXiOaujWI6ogDexJcDSdQNU.roa
Signing time: Tue 07 Feb 2023 09:11:09 +0000
ROA not before: Tue 07 Feb 2023 09:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 188.212.133.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
94.176.110.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Feb 2023 17:43:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:24:af:f1:f9:af:4c:36:59:c7:2c:57:30:e6:e1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 7 09:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2ca2915788e6ae8d623aa200dec4970349d40d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:db:fb:bb:d8:e6:c9:7e:cc:78:30:34:49:4f:
07:9e:8d:d3:14:f5:92:2d:8f:4a:41:eb:81:03:65:
0c:02:a6:b3:6e:c9:67:1e:9f:51:45:39:e8:a9:a5:
1d:89:ea:9c:cc:2d:42:83:c0:c1:74:d3:0c:d6:c5:
65:be:77:8c:4e:05:64:0f:53:d8:ff:2d:7c:2c:b1:
5b:72:35:2c:11:d8:e3:b0:99:2b:69:e3:f8:8a:37:
85:45:f9:b2:78:f2:9a:e8:51:a3:f5:52:0b:b3:a3:
d3:af:a1:0b:28:84:0b:36:3d:1b:62:dc:82:5e:85:
5d:c8:40:cc:f3:b2:51:91:a5:3f:6e:05:4c:01:e0:
93:d9:46:21:5b:45:1b:65:3a:21:65:0a:cc:6c:ef:
cd:77:71:0a:03:8c:28:e4:d5:1d:f3:d7:15:f8:68:
2f:22:7b:96:97:04:09:73:9b:c1:3e:31:9f:7a:fa:
f3:12:c1:d4:b5:e2:12:6e:a3:20:42:1c:c9:0b:30:
12:81:98:4c:04:d1:85:53:a5:f8:90:cf:df:ff:91:
1a:c8:2e:d3:9f:23:e9:a6:8e:c1:4e:f6:6e:7e:e9:
f6:4c:97:f8:0d:89:9d:4d:5a:29:99:ef:e6:56:30:
f5:b3:61:83:dc:75:2a:aa:ae:e2:20:8f:9c:a6:81:
a6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CA:29:15:78:8E:6A:E8:D6:23:AA:20:0D:EC:49:70:34:9D:40:D5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8sopFXiOaujWI6ogDexJcDSdQNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.207.0/24
94.176.110.0/24
185.238.10.0/24
185.255.168.0/24
188.212.133.0/24
188.212.159.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:b3:aa:b0:18:8f:1b:76:fd:8c:3b:ad:b6:53:90:32:ee:88:
ec:81:44:09:de:a0:59:19:9a:69:5f:47:c2:07:65:de:aa:e4:
97:a9:6b:44:90:fa:b4:4a:55:a2:10:2a:4f:51:8c:93:b7:0a:
44:ad:3f:f6:c3:bf:10:48:0d:5b:17:fc:ba:7a:4d:0a:e1:5a:
e2:d1:16:d0:24:f9:c6:4b:5e:16:5a:35:f5:94:8c:1c:90:cc:
ae:2d:6c:93:71:b1:0f:9e:22:1d:27:31:36:85:57:7e:0f:91:
5d:bd:1b:b8:d0:13:3d:9c:d7:92:84:aa:59:a4:f3:75:9a:45:
83:c3:65:d0:64:ec:a7:33:f5:19:60:b1:9d:27:aa:fe:d3:4e:
27:3c:b8:31:82:35:c8:c9:c5:90:48:92:43:ed:f3:c8:b9:c3:
31:93:19:e0:fd:60:ac:05:a4:aa:cb:7c:af:0e:5f:e4:2f:d5:
56:10:83:f2:d2:f2:12:5e:e5:db:43:a9:0b:2a:e7:1c:3c:41:
f9:22:90:77:dc:23:52:2e:27:3e:ff:37:f5:69:5c:7e:18:53:
c4:27:06:8b:c9:09:c9:36:d2:80:a1:24:0d:ab:15:0c:28:57:
b6:6e:d0:10:10:62:72:9c:c8:ff:0f:f5:7e:ea:3c:eb:b0:a6:
26:1e:1f:4f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYYrJK/x+a9MNlnHLFcw5uEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA3MDkxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmNhMjkxNTc4OGU2YWU4ZDYyM2FhMjAwZGVjNDk3MDM0OWQ0MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9v7u9jmyX7MeDA0SU8Hno3TFPWS
LY9KQeuBA2UMAqazbslnHp9RRTnoqaUdieqczC1Cg8DBdNMM1sVlvneMTgVkD1PY
/y18LLFbcjUsEdjjsJkraeP4ijeFRfmyePKa6FGj9VILs6PTr6ELKIQLNj0bYtyC
XoVdyEDM87JRkaU/bgVMAeCT2UYhW0UbZTohZQrMbO/Nd3EKA4wo5NUd89cV+Ggv
InuWlwQJc5vBPjGfevrzEsHUteISbqMgQhzJCzASgZhMBNGFU6X4kM/f/5EayC7T
nyPppo7BTvZufun2TJf4DYmdTVopme/mVjD1s2GD3HUqqq7iII+cpoGmcwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPLKKRV4jmro1iOqIA3sSXA0nUDVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOHNvcEZYaU9hdWpXSTZvZ0RleEpjRFNkUU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAW7zPAwQA
XrBuAwQAue4KAwQAuf+oAwQAvNSFAwQAvNSfAwQBvNbQAwQA1ehdAwQA1ehfMA0G
CSqGSIb3DQEBCwUAA4IBAQAds6qwGI8bdv2MO622U5Ay7ojsgUQJ3qBZGZppX0fC
B2XequSXqWtEkPq0SlWiECpPUYyTtwpErT/2w78QSA1bF/y6ek0K4Vri0RbQJPnG
S14WWjX1lIwckMyuLWyTcbEPniIdJzE2hVd+D5FdvRu40BM9nNeShKpZpPN1mkWD
w2XQZOynM/UZYLGdJ6r+004nPLgxgjXIycWQSJJD7fPIucMxkxng/WCsBaSqy3yv
Dl/kL9VWEIPy0vISXuXbQ6kLKuccPEH5IpB33CNSLic+/zf1aVx+GFPEJwaLyQnJ
NtKAoSQNqxUMKFe2btAQEGJynMj/D/V+6jzrsKYmHh9P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org