Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CqKoYRdAZoBwbMT6MHntvfkG0V0.roa
File: CqKoYRdAZoBwbMT6MHntvfkG0V0.roa (raw, json)
Hash identifier: 0jIXm3WHlEmHeXtIdwodeqhg8FkaPlboYav6dMWZScY=
Subject key identifier: 0A:A2:A8:61:17:40:66:80:70:6C:C4:FA:30:79:ED:BD:F9:06:D1:5D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186DC4724A76B30C01FCD8CF3376D18972B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CqKoYRdAZoBwbMT6MHntvfkG0V0.roa
Signing time: Mon 13 Mar 2023 18:41:35 +0000
ROA not before: Mon 13 Mar 2023 18:41:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 188.212.133.0/24 maxlen: 24
185.255.38.0/24 maxlen: 24
185.255.171.0/24 maxlen: 24
185.238.9.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Apr 2023 07:33:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:dc:47:24:a7:6b:30:c0:1f:cd:8c:f3:37:6d:18:97:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 13 18:41:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0aa2a86117406680706cc4fa3079edbdf906d15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e1:4b:ab:6e:67:87:ce:83:71:a7:a3:d2:12:
27:3e:7a:89:37:f2:16:77:e5:f5:b3:dd:04:df:1a:
9f:34:1c:95:5d:4d:07:ab:6f:5c:08:83:05:4b:8b:
32:bc:49:e3:da:53:31:8c:bd:37:dc:bd:85:52:31:
3b:99:1a:2f:eb:c8:a2:2e:36:0b:74:bb:01:1e:41:
cc:26:2b:a6:89:58:0e:65:1a:57:76:cc:a6:59:43:
0f:c8:12:7f:8f:f0:33:a8:29:52:c8:f1:37:38:e4:
a5:7e:bb:f0:44:cd:4c:23:e0:ab:57:9a:6e:68:7b:
ad:65:95:ef:2b:22:f1:5d:ce:a8:3d:93:36:27:42:
0a:07:b2:1c:54:c8:1e:dd:12:ee:f4:18:6d:2b:b6:
0b:e1:31:18:b6:eb:a6:cf:43:e5:63:ea:19:53:77:
be:b9:c6:a1:78:76:12:31:12:bc:52:62:00:83:d7:
06:36:9d:6d:c6:ca:c2:e7:2c:c2:8e:ad:86:ba:40:
51:27:23:b9:90:1d:bb:45:c8:94:64:dd:60:0b:be:
6d:b2:13:79:0f:83:a1:79:bc:31:87:24:5b:45:51:
24:b6:d4:bc:16:2d:97:86:09:96:b7:93:6f:be:d7:
f4:3d:2b:10:7b:11:5f:11:67:0a:dc:59:ab:89:92:
fe:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A2:A8:61:17:40:66:80:70:6C:C4:FA:30:79:ED:BD:F9:06:D1:5D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CqKoYRdAZoBwbMT6MHntvfkG0V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.205.0/24
185.238.9.0/24
185.255.38.0/24
185.255.171.0/24
188.212.133.0/24
Signature Algorithm: sha256WithRSAEncryption
89:25:54:eb:94:1e:71:6c:32:85:39:e9:fa:97:32:9e:82:bd:
be:65:1d:9a:92:57:af:c2:21:05:e6:c7:e5:86:95:80:82:bc:
45:b1:73:f5:17:18:db:b6:e2:4b:5a:91:7b:67:49:89:ed:ac:
62:e6:e9:55:16:da:4f:f1:d5:d5:22:74:ec:35:69:57:be:17:
9c:60:45:83:3d:d5:25:d1:dd:4f:e2:71:56:08:d6:15:e7:68:
5a:fb:ef:9a:d1:84:41:29:2b:f2:ad:7f:c9:56:25:a3:fc:08:
3b:0f:b8:f5:ff:de:eb:82:8b:fd:cf:0f:99:c2:00:aa:20:0e:
7b:ed:8a:70:20:a0:ff:59:cd:a4:8c:f0:39:e6:89:26:a4:bf:
94:41:ad:98:3c:de:3e:fa:ef:f7:12:59:d1:11:94:75:30:e9:
b9:e9:c5:a0:94:9c:2c:f3:71:ba:77:18:d0:6b:c2:9e:51:5d:
2c:8f:03:26:5b:30:40:33:53:5c:6b:11:a4:af:b9:b5:d7:18:
e8:c7:41:1d:5d:c4:37:52:05:ec:cd:71:61:a9:0a:ec:dc:f6:
3e:97:e3:4f:64:a3:0b:02:6f:0e:fd:fc:53:55:51:07:07:4f:
46:84:7f:93:e9:9a:72:37:53:4c:b2:a6:7c:b9:53:48:f1:7e:
09:e3:32:04
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYbcRySnazDAH82M8zdtGJcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzEzMTg0MTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWEyYTg2MTE3NDA2NjgwNzA2Y2M0ZmEzMDc5ZWRiZGY5MDZkMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeFLq25nh86Dcaej0hInPnqJN/IW
d+X1s90E3xqfNByVXU0Hq29cCIMFS4syvEnj2lMxjL033L2FUjE7mRov68iiLjYL
dLsBHkHMJiumiVgOZRpXdsymWUMPyBJ/j/AzqClSyPE3OOSlfrvwRM1MI+CrV5pu
aHutZZXvKyLxXc6oPZM2J0IKB7IcVMge3RLu9BhtK7YL4TEYtuumz0PlY+oZU3e+
ucaheHYSMRK8UmIAg9cGNp1txsrC5yzCjq2GukBRJyO5kB27RciUZN1gC75tshN5
D4OhebwxhyRbRVEkttS8Fi2XhgmWt5Nvvtf0PSsQexFfEWcK3FmriZL+jwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAqiqGEXQGaAcGzE+jB57b35BtFdMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQ3FLb1lSZEFab0J3Yk1UNk1IbnR2ZmtHMFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW7zNAwQA
ue4JAwQAuf8mAwQAuf+rAwQAvNSFMA0GCSqGSIb3DQEBCwUAA4IBAQCJJVTrlB5x
bDKFOen6lzKegr2+ZR2aklevwiEF5sflhpWAgrxFsXP1FxjbtuJLWpF7Z0mJ7axi
5ulVFtpP8dXVInTsNWlXvhecYEWDPdUl0d1P4nFWCNYV52ha+++a0YRBKSvyrX/J
ViWj/Ag7D7j1/97rgov9zw+ZwgCqIA577YpwIKD/Wc2kjPA55okmpL+UQa2YPN4+
+u/3ElnREZR1MOm56cWglJws83G6dxjQa8KeUV0sjwMmWzBAM1NcaxGkr7m11xjo
x0EdXcQ3UgXszXFhqQrs3PY+l+NPZKMLAm8O/fxTVVEHB09GhH+T6ZpyN1NMsqZ8
uVNI8X4J4zIE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org