Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CYSxi5HM5dMcXZRDgLyhzx5T7nQ.roa
File: CYSxi5HM5dMcXZRDgLyhzx5T7nQ.roa (raw, json)
Hash identifier: zk+LZiDydCCm5G13akNP92RqCBNhTdBiTx3pWObNexM=
Subject key identifier: 09:84:B1:8B:91:CC:E5:D3:1C:5D:94:43:80:BC:A1:CF:1E:53:EE:74
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187ACAB05D4FCACC8B8000D2C78CD5F2D44
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CYSxi5HM5dMcXZRDgLyhzx5T7nQ.roa
Signing time: Sun 23 Apr 2023 05:51:41 +0000
ROA not before: Sun 23 Apr 2023 05:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 188.240.68.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ac:ab:05:d4:fc:ac:c8:b8:00:0d:2c:78:cd:5f:2d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 23 05:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0984b18b91cce5d31c5d944380bca1cf1e53ee74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f7:1e:94:25:10:f9:3a:52:29:2e:1f:b8:ed:
ed:e5:ad:30:f8:32:cf:39:94:5b:9c:55:e7:cb:a5:
73:07:a3:5b:1b:29:a9:92:f8:d6:f3:41:eb:3a:c7:
db:68:5f:8c:49:92:6a:32:7e:91:9c:06:36:a0:c0:
e4:ba:9d:5e:80:36:73:f3:dd:10:19:8e:24:e7:7a:
a6:4e:94:bc:8c:b7:c7:6d:50:7e:80:4c:c0:c6:31:
60:d3:99:97:0d:16:dc:65:fa:ff:6e:60:dc:7d:4a:
f8:7b:a5:25:e8:32:e1:90:14:1b:d8:35:54:0e:00:
e6:b1:46:ce:3b:eb:47:f2:21:92:8e:ed:4f:80:df:
c2:fc:22:42:b7:b8:f9:ab:76:bd:7a:7f:4c:7e:79:
1a:70:46:ed:59:a9:80:90:53:46:58:46:dd:3f:3a:
d2:a3:9f:9f:0a:f7:cd:79:7d:41:3c:13:de:cc:96:
c9:15:c3:28:04:c8:b8:96:cc:d3:b9:80:7b:fb:54:
12:c3:e2:6e:a7:65:ec:1a:3d:64:64:4c:68:44:6b:
f8:bb:ad:a7:4c:e0:8f:4b:97:bd:74:f6:f8:c9:9e:
fa:2c:20:9e:49:da:87:e6:54:2a:2a:8e:64:e1:cc:
59:eb:63:7c:da:4e:62:80:43:36:ae:8a:dc:e3:45:
b8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:84:B1:8B:91:CC:E5:D3:1C:5D:94:43:80:BC:A1:CF:1E:53:EE:74
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CYSxi5HM5dMcXZRDgLyhzx5T7nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.207.0/24
188.212.132.0/24
188.212.159.0/24
188.240.68.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e9:f3:74:9d:7c:32:46:8d:cf:de:5c:d2:74:a0:77:f0:cd:
06:36:24:25:e6:57:72:05:22:cb:b2:73:6a:37:93:10:22:5d:
b0:d2:29:9f:24:8f:4a:1b:fc:6a:ef:23:85:8a:6d:6a:ba:ca:
08:22:87:8d:eb:c3:51:cd:b6:15:9a:71:ad:51:96:15:d8:6e:
e1:5a:31:cc:61:9e:4c:72:b8:22:33:27:30:b0:18:db:40:76:
b5:66:92:dd:4c:ce:a3:97:41:e4:79:22:c3:99:a3:c1:00:a1:
90:90:05:70:48:2a:bb:11:1e:c5:c9:de:42:41:11:9e:85:86:
31:97:0d:1c:4d:5e:16:ea:a1:1b:05:26:75:d5:80:45:bc:7e:
52:11:e7:93:60:ba:4b:ec:d5:1b:13:1f:b9:5a:c6:46:67:9e:
1a:e3:8c:95:cd:4f:e5:a3:e6:7d:b5:0b:46:2f:ac:f4:e6:89:
22:7b:04:d0:3e:28:33:36:f6:40:16:51:53:76:66:9a:89:23:
74:77:a9:f8:d3:db:5b:f3:55:7a:33:1f:47:e5:b0:e1:fa:aa:
5a:c3:27:5a:1c:3a:f1:b8:db:d4:d5:a3:71:4b:7d:66:46:e3:
78:09:85:9a:ae:c8:32:9e:12:06:0a:dd:b5:ef:39:6b:35:09:
95:57:4f:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYesqwXU/KzIuAANLHjNXy1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDIzMDU1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg0YjE4YjkxY2NlNWQzMWM1ZDk0NDM4MGJjYTFjZjFlNTNlZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/celCUQ+TpSKS4fuO3t5a0w+DLP
OZRbnFXny6VzB6NbGympkvjW80HrOsfbaF+MSZJqMn6RnAY2oMDkup1egDZz890Q
GY4k53qmTpS8jLfHbVB+gEzAxjFg05mXDRbcZfr/bmDcfUr4e6Ul6DLhkBQb2DVU
DgDmsUbOO+tH8iGSju1PgN/C/CJCt7j5q3a9en9MfnkacEbtWamAkFNGWEbdPzrS
o5+fCvfNeX1BPBPezJbJFcMoBMi4lszTuYB7+1QSw+Jup2XsGj1kZExoRGv4u62n
TOCPS5e9dPb4yZ76LCCeSdqH5lQqKo5k4cxZ62N82k5igEM2rorc40W4uQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAmEsYuRzOXTHF2UQ4C8oc8eU+50MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQ1lTeGk1SE01ZE1jWFpSRGdMeWh6eDVUN25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW7zPAwQA
vNSEAwQAvNSfAwQAvPBEMA0GCSqGSIb3DQEBCwUAA4IBAQCN6fN0nXwyRo3P3lzS
dKB38M0GNiQl5ldyBSLLsnNqN5MQIl2w0imfJI9KG/xq7yOFim1qusoIIoeN68NR
zbYVmnGtUZYV2G7hWjHMYZ5McrgiMycwsBjbQHa1ZpLdTM6jl0HkeSLDmaPBAKGQ
kAVwSCq7ER7Fyd5CQRGehYYxlw0cTV4W6qEbBSZ11YBFvH5SEeeTYLpL7NUbEx+5
WsZGZ54a44yVzU/lo+Z9tQtGL6z05okiewTQPigzNvZAFlFTdmaaiSN0d6n409tb
81V6Mx9H5bDh+qpawydaHDrxuNvU1aNxS31mRuN4CYWarsgynhIGCt217zlrNQmV
V0/0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org