Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ApzB5qLL4Efghxb59p5AFuPWx3U.roa
File: ApzB5qLL4Efghxb59p5AFuPWx3U.roa (raw, json)
Hash identifier: zTeBfYG76WlDQm0vTYOUYEie/CO4NEVk/4N227vdyT4=
Subject key identifier: 02:9C:C1:E6:A2:CB:E0:47:E0:87:16:F9:F6:9E:40:16:E3:D6:C7:75
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01873BBCB6CE5D3981344C077ADD935D56A7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ApzB5qLL4Efghxb59p5AFuPWx3U.roa
Signing time: Sat 01 Apr 2023 07:33:56 +0000
ROA not before: Sat 01 Apr 2023 07:33:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 92.114.85.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 08:26:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3b:bc:b6:ce:5d:39:81:34:4c:07:7a:dd:93:5d:56:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 1 07:33:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=029cc1e6a2cbe047e08716f9f69e4016e3d6c775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:52:60:b2:c5:78:5c:e4:9c:e6:12:4a:d3:27:
7d:78:0a:ea:58:d0:ee:e0:01:b5:b2:d0:e8:d4:1f:
62:ca:51:3e:c0:c1:7f:8c:2a:b0:07:05:16:3e:37:
70:20:49:72:d0:e6:6f:ed:ce:47:ac:de:d9:54:62:
f7:24:8b:a8:e3:fe:ae:5e:45:a1:f8:2b:d5:21:85:
1c:7a:cc:54:65:2d:a2:96:57:2a:83:eb:f5:c4:3a:
6c:2c:92:f0:4a:7d:4f:79:f5:fa:3f:b5:71:8f:e9:
de:31:49:2d:58:cf:fb:24:63:67:61:ed:3c:46:3b:
2e:09:c5:f5:56:42:6e:5d:d1:09:13:b7:31:25:68:
29:da:5a:fa:66:40:5e:03:f2:75:9c:ab:b3:0f:99:
a4:06:0c:ee:e4:1e:03:5e:1d:e5:e5:cf:7c:60:b4:
fd:a7:69:9a:ee:6e:f2:48:3c:52:44:0f:4e:7e:88:
ea:d5:66:a4:8e:12:30:c2:08:5e:50:e8:98:3e:48:
4e:b4:f2:db:71:ed:ae:22:51:65:cf:06:21:03:ee:
64:6c:d7:7d:61:fd:4d:4a:43:f8:10:8b:6a:81:3b:
8d:a2:4d:c6:27:7d:eb:2b:e6:71:2b:8f:3e:0c:20:
69:ec:46:71:7a:68:08:60:15:d8:e8:17:4a:01:54:
22:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9C:C1:E6:A2:CB:E0:47:E0:87:16:F9:F6:9E:40:16:E3:D6:C7:75
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ApzB5qLL4Efghxb59p5AFuPWx3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.85.0/24
188.240.230.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:af:fa:d3:1e:0b:56:fb:24:f0:01:df:cb:52:0f:da:cb:72:
8c:19:fa:49:1e:d9:80:2a:26:73:6c:33:41:61:ab:67:b5:d7:
e3:73:a0:a9:30:02:5d:99:d3:a8:af:7d:4e:70:75:2c:8b:f6:
53:e2:d8:68:e9:72:e1:32:72:d6:8b:c0:62:47:a1:f9:31:3a:
38:df:e5:2b:ea:d0:8e:9c:18:53:81:91:dc:65:0c:1a:51:43:
63:d6:8d:af:28:66:ce:0a:3c:db:0b:46:fd:cc:5a:a1:8c:fd:
23:41:b7:6d:6c:8c:e6:51:52:6a:f3:57:c1:0c:58:97:53:27:
07:8e:63:13:6e:56:c0:44:eb:2c:11:40:d5:9e:e7:70:17:cd:
20:6e:42:07:00:f4:d2:21:ac:47:71:0d:49:db:75:dd:ec:df:
80:a1:4b:94:d1:d9:54:eb:c8:ee:de:dc:9e:7e:99:6f:75:f6:
81:21:f5:e5:c1:37:2f:4e:36:d7:4d:a9:c8:81:f1:6f:ea:fe:
0a:b0:8e:ec:75:db:bf:21:06:d6:7b:c8:f0:8b:27:ec:36:1d:
ff:3d:32:1c:6b:98:56:e6:2f:44:94:ea:67:e3:67:43:a5:b2:
f7:91:90:9f:53:ff:eb:af:87:e8:7e:00:9b:e4:98:94:c9:4d:
50:29:92:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYc7vLbOXTmBNEwHet2TXVanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDAxMDczMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjljYzFlNmEyY2JlMDQ3ZTA4NzE2ZjlmNjllNDAxNmUzZDZjNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllJgssV4XOSc5hJK0yd9eArqWNDu
4AG1stDo1B9iylE+wMF/jCqwBwUWPjdwIEly0OZv7c5HrN7ZVGL3JIuo4/6uXkWh
+CvVIYUcesxUZS2illcqg+v1xDpsLJLwSn1PefX6P7Vxj+neMUktWM/7JGNnYe08
RjsuCcX1VkJuXdEJE7cxJWgp2lr6ZkBeA/J1nKuzD5mkBgzu5B4DXh3l5c98YLT9
p2ma7m7ySDxSRA9Ofojq1WakjhIwwgheUOiYPkhOtPLbce2uIlFlzwYhA+5kbNd9
Yf1NSkP4EItqgTuNok3GJ33rK+ZxK48+DCBp7EZxemgIYBXY6BdKAVQiVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAKcweaiy+BH4IcW+faeQBbj1sd1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQXB6QjVxTEw0RWZnaHhiNTlwNUFGdVBXeDNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXHJVAwQA
vPDmAwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQBfr/rTHgtW+yTwAd/LUg/ay3KM
GfpJHtmAKiZzbDNBYatntdfjc6CpMAJdmdOor31OcHUsi/ZT4tho6XLhMnLWi8Bi
R6H5MTo43+Ur6tCOnBhTgZHcZQwaUUNj1o2vKGbOCjzbC0b9zFqhjP0jQbdtbIzm
UVJq81fBDFiXUycHjmMTblbAROssEUDVnudwF80gbkIHAPTSIaxHcQ1J23Xd7N+A
oUuU0dlU68ju3tyefplvdfaBIfXlwTcvTjbXTanIgfFv6v4KsI7sddu/IQbWe8jw
iyfsNh3/PTIca5hW5i9ElOpn42dDpbL3kZCfU//rr4fofgCb5JiUyU1QKZJL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org