Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9jbpsqnmppCQTKMcB01HxGjB_ik.roa
File: 9jbpsqnmppCQTKMcB01HxGjB_ik.roa (raw, json)
Hash identifier: H+OkwH+w53Jq9QsRrF5F9MrGNFxwaROAvUNjhzY2KOo=
Subject key identifier: F6:36:E9:B2:A9:E6:A6:90:90:4C:A3:1C:07:4D:47:C4:68:C1:FE:29
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185F1F07EE9F3B5F8D56E3F5F5DDF47AB9C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9jbpsqnmppCQTKMcB01HxGjB_ik.roa
Signing time: Fri 27 Jan 2023 06:35:48 +0000
ROA not before: Fri 27 Jan 2023 06:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 193.23.128.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jan 2023 11:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f1:f0:7e:e9:f3:b5:f8:d5:6e:3f:5f:5d:df:47:ab:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 27 06:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f636e9b2a9e6a690904ca31c074d47c468c1fe29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3f:86:7a:9f:4a:a5:b3:4d:c3:0a:1b:80:35:
ce:74:6c:ef:29:6d:d8:1d:2b:be:0e:e5:4e:2a:85:
dd:f2:60:a6:3c:5e:12:5d:10:95:47:e6:8b:16:02:
c8:33:a7:5d:46:e9:99:5a:0b:26:35:a7:d6:91:cd:
da:bf:a1:3a:49:fa:b2:66:dd:e5:19:63:c7:14:40:
bd:00:89:9a:0d:5b:ba:2f:3d:98:fc:29:2c:9f:d4:
4a:d3:74:a2:07:f9:c6:6a:50:e7:70:b4:86:87:90:
a4:2c:66:f1:78:63:de:cd:b7:09:41:7e:8e:4d:9b:
eb:fe:25:a5:8e:3b:36:87:17:42:f1:83:d4:75:08:
90:80:12:48:e9:32:e2:21:4f:3b:c2:78:08:4e:86:
e2:50:0a:c1:f4:ce:21:40:2f:c1:3d:8a:d7:57:83:
01:fd:c5:4c:bf:f0:6e:65:0a:b3:3c:13:0a:15:2b:
57:3c:72:ac:02:60:77:de:ca:33:fe:14:38:8e:5f:
fb:f5:59:42:9f:cb:2b:57:75:f0:16:1a:b1:d1:08:
b7:57:fb:ca:b9:b6:ca:5a:39:30:10:28:81:7e:2e:
07:de:24:f8:48:46:3b:80:05:05:25:13:af:8e:07:
8b:b6:de:be:ec:b5:35:29:18:d7:f3:1b:d9:61:79:
35:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:36:E9:B2:A9:E6:A6:90:90:4C:A3:1C:07:4D:47:C4:68:C1:FE:29
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9jbpsqnmppCQTKMcB01HxGjB_ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.143.0/24
188.240.225.0/24
193.23.128.0/24
Signature Algorithm: sha256WithRSAEncryption
75:6b:5c:71:78:96:21:58:6a:20:c5:7c:b3:0c:67:c0:80:90:
58:37:15:68:cd:fc:3e:cb:8b:29:8f:23:6a:3e:37:43:e0:84:
da:c2:40:eb:97:a2:42:ff:ee:55:55:0b:66:85:f5:00:f5:05:
ed:3a:a3:1b:62:41:2a:bb:42:49:07:f3:ff:82:af:07:29:81:
51:77:8c:c6:d3:4d:bd:d3:43:38:26:79:29:27:1a:16:6a:65:
30:7a:dd:0f:21:0c:4b:db:51:13:f9:66:45:85:b8:4b:d4:5e:
ba:a8:c8:24:da:0d:3c:e3:78:bc:e3:07:67:50:64:c8:60:82:
f2:7a:94:c6:c2:8d:96:a1:79:bc:ab:ff:69:ea:da:02:2f:d0:
04:59:e9:8e:a5:ea:61:d7:9f:59:e1:77:57:3f:73:d6:64:66:
80:3a:98:00:ca:78:f8:f8:98:ca:1d:98:51:4b:33:42:7e:26:
0f:99:93:14:5f:f9:37:2f:e3:d3:77:98:d8:0b:4a:34:8a:58:
16:ca:91:9e:b3:40:08:72:11:cd:30:5f:06:85:af:f7:bc:dd:
b1:b0:e6:b6:07:45:19:a8:ef:96:34:ef:74:a7:96:72:fd:28:
d5:46:0a:44:d8:81:34:cc:84:6f:99:3e:8a:fe:23:28:f4:b6:
cc:10:f7:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXx8H7p87X41W4/X13fR6ucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI3MDYzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM2ZTliMmE5ZTZhNjkwOTA0Y2EzMWMwNzRkNDdjNDY4YzFmZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD+Gep9KpbNNwwobgDXOdGzvKW3Y
HSu+DuVOKoXd8mCmPF4SXRCVR+aLFgLIM6ddRumZWgsmNafWkc3av6E6SfqyZt3l
GWPHFEC9AImaDVu6Lz2Y/Cksn9RK03SiB/nGalDncLSGh5CkLGbxeGPezbcJQX6O
TZvr/iWljjs2hxdC8YPUdQiQgBJI6TLiIU87wngITobiUArB9M4hQC/BPYrXV4MB
/cVMv/BuZQqzPBMKFStXPHKsAmB33soz/hQ4jl/79VlCn8srV3XwFhqx0Qi3V/vK
ubbKWjkwECiBfi4H3iT4SEY7gAUFJROvjgeLtt6+7LU1KRjX8xvZYXk1pQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPY26bKp5qaQkEyjHAdNR8Rowf4pMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOWpicHNxbm1wcENRVEtNY0IwMUh4R2pCX2lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuYePAwQA
vPDhAwQAwReAMA0GCSqGSIb3DQEBCwUAA4IBAQB1a1xxeJYhWGogxXyzDGfAgJBY
NxVozfw+y4spjyNqPjdD4ITawkDrl6JC/+5VVQtmhfUA9QXtOqMbYkEqu0JJB/P/
gq8HKYFRd4zG002900M4JnkpJxoWamUwet0PIQxL21ET+WZFhbhL1F66qMgk2g08
43i84wdnUGTIYILyepTGwo2WoXm8q/9p6toCL9AEWemOpeph159Z4XdXP3PWZGaA
OpgAynj4+JjKHZhRSzNCfiYPmZMUX/k3L+PTd5jYC0o0ilgWypGes0AIchHNMF8G
ha/3vN2xsOa2B0UZqO+WNO90p5Zy/SjVRgpE2IE0zIRvmT6K/iMo9LbMEPfc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org