Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9QHtwr-gqF-Q3BZ4yujZWQ4gTcU.roa
File: 9QHtwr-gqF-Q3BZ4yujZWQ4gTcU.roa (raw, json)
Hash identifier: rfFj8SbMENAJHbuXg4g04D1z+90DuZL2kd7ChVE/hp0=
Subject key identifier: F5:01:ED:C2:BF:A0:A8:5F:90:DC:16:78:CA:E8:D9:59:0E:20:4D:C5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862F72FB20C00D76A62F04C81DD3D15580
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9QHtwr-gqF-Q3BZ4yujZWQ4gTcU.roa
Signing time: Wed 08 Feb 2023 05:15:09 +0000
ROA not before: Wed 08 Feb 2023 05:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 188.241.248.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
89.34.126.0/24 maxlen: 24
94.176.111.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
185.238.8.0/24 maxlen: 24
185.238.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Feb 2023 19:28:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2f:72:fb:20:c0:0d:76:a6:2f:04:c8:1d:d3:d1:55:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 8 05:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f501edc2bfa0a85f90dc1678cae8d9590e204dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fd:7f:05:2e:0c:71:74:04:57:97:e7:74:4a:
7f:af:2b:e3:95:10:2e:a2:5c:91:c7:52:9c:ac:23:
a3:ef:8f:a3:ef:40:b0:0b:33:b1:b1:90:8d:73:42:
f0:13:32:91:ca:95:6e:a3:b9:2e:fe:14:74:b4:59:
0e:bb:f9:a9:47:71:e8:de:5e:45:67:25:02:ff:60:
d3:30:57:df:81:62:f6:de:9b:af:a4:fa:56:23:ad:
af:bb:41:65:dc:55:00:eb:5f:24:d7:ae:25:5d:33:
97:e7:16:66:09:d7:e2:4e:49:98:3b:04:b0:95:61:
eb:ed:49:0d:cc:79:cd:c2:c8:83:ae:98:10:86:94:
7b:cd:d3:41:18:94:d7:c1:a0:f5:6e:9e:96:26:2b:
12:9d:b4:be:4b:1d:ff:cb:b0:86:82:b2:3f:05:91:
93:ae:06:d2:96:4d:3d:b0:9e:c9:2d:4d:16:47:a1:
6e:1c:9d:71:54:52:b4:f6:48:aa:91:b6:a5:e3:f7:
c8:85:eb:bc:03:2c:59:5f:4e:da:2f:16:3f:ca:f2:
c2:e4:83:94:51:24:37:69:8f:2b:99:44:3e:a8:e9:
9d:02:5c:a4:71:ae:3a:8f:db:6e:18:aa:c0:83:18:
b1:88:8d:b5:59:20:c0:ad:08:11:14:88:bf:fa:c4:
09:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:01:ED:C2:BF:A0:A8:5F:90:DC:16:78:CA:E8:D9:59:0E:20:4D:C5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9QHtwr-gqF-Q3BZ4yujZWQ4gTcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.126.0/24
94.176.111.0/24
185.238.8.0/24
185.238.11.0/24
188.240.224.0/24
188.241.159.0/24
188.241.248.0/24
213.232.92.0/24
Signature Algorithm: sha256WithRSAEncryption
25:73:7e:0d:6d:c2:9d:4c:3d:20:fb:7b:c8:a1:84:cd:25:6b:
f8:b2:bc:55:01:64:fa:6e:c3:d6:45:b8:36:ec:0f:ba:c0:56:
2c:05:3d:28:a7:9b:fe:1c:e3:52:47:2f:8d:95:d9:60:0b:fe:
7b:ff:bc:4f:68:10:02:0b:9a:4c:44:18:02:bc:0d:7c:5f:84:
f1:4b:14:77:e1:3c:0d:32:8a:65:fc:eb:17:f9:e8:9f:9e:46:
0d:0c:bf:f8:bc:a0:3e:a5:de:7f:ab:7a:a7:05:ef:76:90:3f:
99:7e:96:ba:6b:35:6b:fc:b1:63:94:1b:b3:1d:ad:f1:77:71:
ac:9f:21:25:f8:40:89:04:f8:a8:38:ec:2b:43:29:33:ce:ff:
83:3b:0e:87:89:6e:a2:d8:4b:56:37:9d:1e:5f:57:9a:94:ac:
ef:cb:19:1f:10:fc:f6:94:7d:ff:c4:2a:55:33:26:52:45:e2:
1b:2f:f7:ff:96:fa:c1:07:bc:83:d0:7a:a7:f0:8d:90:3e:9f:
7b:04:ea:ec:22:2e:6f:ec:40:90:ea:bf:39:9c:dc:62:37:4b:
a8:24:68:b6:4e:66:32:2c:73:27:e1:a0:cf:8a:9a:3d:25:c5:
01:0b:22:62:90:f5:43:93:4d:87:6e:72:e3:9c:ec:fd:60:84:
3a:fd:74:a7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYYvcvsgwA12pi8EyB3T0VWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA4MDUxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAxZWRjMmJmYTBhODVmOTBkYzE2NzhjYWU4ZDk1OTBlMjA0ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv1/BS4McXQEV5fndEp/ryvjlRAu
olyRx1KcrCOj74+j70CwCzOxsZCNc0LwEzKRypVuo7ku/hR0tFkOu/mpR3Ho3l5F
ZyUC/2DTMFffgWL23puvpPpWI62vu0Fl3FUA618k164lXTOX5xZmCdfiTkmYOwSw
lWHr7UkNzHnNwsiDrpgQhpR7zdNBGJTXwaD1bp6WJisSnbS+Sx3/y7CGgrI/BZGT
rgbSlk09sJ7JLU0WR6FuHJ1xVFK09kiqkbal4/fIheu8AyxZX07aLxY/yvLC5IOU
USQ3aY8rmUQ+qOmdAlykca46j9tuGKrAgxixiI21WSDArQgRFIi/+sQJewIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPUB7cK/oKhfkNwWeMro2VkOIE3FMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOVFIdHdyLWdxRi1RM0JaNHl1alpXUTRnVGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAWSJ+AwQA
XrBvAwQAue4IAwQAue4LAwQAvPDgAwQAvPGfAwQAvPH4AwQA1ehcMA0GCSqGSIb3
DQEBCwUAA4IBAQAlc34NbcKdTD0g+3vIoYTNJWv4srxVAWT6bsPWRbg27A+6wFYs
BT0op5v+HONSRy+NldlgC/57/7xPaBACC5pMRBgCvA18X4TxSxR34TwNMopl/OsX
+eifnkYNDL/4vKA+pd5/q3qnBe92kD+Zfpa6azVr/LFjlBuzHa3xd3GsnyEl+ECJ
BPioOOwrQykzzv+DOw6HiW6i2EtWN50eX1ealKzvyxkfEPz2lH3/xCpVMyZSReIb
L/f/lvrBB7yD0Hqn8I2QPp97BOrsIi5v7ECQ6r85nNxiN0uoJGi2TmYyLHMn4aDP
ipo9JcUBCyJikPVDk02HbnLjnOz9YIQ6/XSn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org