Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CuyMQJpgK5FW6sH6VOIKf2MsSVA.roa
File: CuyMQJpgK5FW6sH6VOIKf2MsSVA.roa (raw, json)
Hash identifier: 7dBKYvBzniCzTzf/C2OCb70oJz3cW5B9E85xugvLcBo=
Subject key identifier: 0A:EC:8C:40:9A:60:2B:91:56:EA:C1:FA:54:E2:0A:7F:63:2C:49:50
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01882086B9F50160F15D9734CDD215A82DE0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CuyMQJpgK5FW6sH6VOIKf2MsSVA.roa
Signing time: Mon 15 May 2023 17:48:00 +0000
ROA not before: Mon 15 May 2023 17:48:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 89.38.136.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jul 2023 11:54:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:86:b9:f5:01:60:f1:5d:97:34:cd:d2:15:a8:2d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 15 17:48:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0aec8c409a602b9156eac1fa54e20a7f632c4950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:59:eb:cb:d6:77:f2:f2:1b:0b:db:cb:fd:61:
a8:98:dc:fe:39:f6:af:d6:65:a5:0a:c4:d3:0f:17:
dc:94:fa:55:e2:1b:4b:5a:87:17:ba:6c:ff:8a:a1:
76:73:da:cb:ff:f4:5c:59:40:94:ee:da:44:b5:00:
1e:21:00:12:08:e7:39:0d:3e:31:48:bc:5d:c3:81:
1d:fd:1a:e7:05:0a:82:bc:cb:ed:ea:b8:10:f1:96:
c1:a9:81:2c:2a:9a:15:5d:c0:b7:c5:22:a2:45:df:
39:9a:53:e5:ea:76:ac:28:1f:77:8d:8b:81:6c:70:
20:a0:d3:60:05:7d:d6:df:32:23:bd:b6:8b:be:16:
64:23:e0:36:fc:b6:0a:cb:42:19:34:61:a3:b8:0b:
ac:07:a7:17:e7:f3:20:8b:0b:06:47:32:04:25:b9:
90:f6:c5:15:6c:ef:50:86:ca:89:75:f2:da:e2:a3:
0e:29:dc:39:b6:8d:42:88:d4:43:85:64:b8:3f:42:
c7:bb:58:c0:6d:6c:2f:0c:88:48:da:75:f3:8b:bf:
5a:69:11:fc:5a:82:ed:2b:ae:72:3d:61:ca:12:fc:
71:d8:ea:13:31:17:9a:d4:d7:11:f3:c9:df:ae:f2:
d7:8e:67:25:f0:c9:b3:f5:fa:0b:e0:df:51:51:fb:
c9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EC:8C:40:9A:60:2B:91:56:EA:C1:FA:54:E2:0A:7F:63:2C:49:50
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CuyMQJpgK5FW6sH6VOIKf2MsSVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.128.0/24
78.142.243.0/24
89.38.136.0/24
91.209.12.0/24
188.241.159.0/24
188.241.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:65:00:19:40:d4:b8:06:80:20:5f:43:31:62:1b:60:f9:8b:
47:e3:71:c7:fe:10:b2:54:25:85:93:7a:2d:cc:de:a3:81:25:
f2:a7:48:01:8f:f9:6b:43:96:94:b9:fa:d5:97:9a:d8:78:2c:
c8:cf:4a:4f:95:2c:7e:af:ad:c5:6b:1b:ec:3d:fb:96:ff:e8:
eb:e8:ea:0c:e1:fa:e8:63:be:4a:1d:10:32:61:c4:cc:d4:a0:
68:ed:8c:ec:d0:b5:16:9a:3c:51:c5:26:01:ae:c7:5d:78:18:
2f:c9:21:69:6a:0c:08:02:12:49:35:c6:44:68:26:fc:ba:d8:
bf:18:33:a9:64:95:2d:11:99:ea:8f:9b:bf:32:c9:d0:0e:31:
0d:e9:e1:27:21:6d:ae:7a:e0:68:ba:9a:a9:02:6d:a6:19:07:
1a:d3:4b:0f:12:a6:38:0c:c6:27:37:09:11:2d:c1:b1:73:54:
e2:11:f8:02:d5:10:c6:d5:00:b2:ee:7e:0a:98:7c:5a:f5:ca:
b2:ec:5f:a1:78:b9:0e:1a:8e:51:56:66:c4:ee:df:8a:da:79:
07:89:97:92:aa:cb:00:7b:24:df:e2:06:52:04:74:04:21:f4:
cb:eb:30:4d:51:6c:05:40:e8:b9:56:dc:22:06:5c:e3:38:0b:
e7:68:c2:e0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgghrn1AWDxXZc0zdIVqC3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTE1MTc0ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWVjOGM0MDlhNjAyYjkxNTZlYWMxZmE1NGUyMGE3ZjYzMmM0OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVnry9Z38vIbC9vL/WGomNz+Ofav
1mWlCsTTDxfclPpV4htLWocXumz/iqF2c9rL//RcWUCU7tpEtQAeIQASCOc5DT4x
SLxdw4Ed/RrnBQqCvMvt6rgQ8ZbBqYEsKpoVXcC3xSKiRd85mlPl6nasKB93jYuB
bHAgoNNgBX3W3zIjvbaLvhZkI+A2/LYKy0IZNGGjuAusB6cX5/MgiwsGRzIEJbmQ
9sUVbO9QhsqJdfLa4qMOKdw5to1CiNRDhWS4P0LHu1jAbWwvDIhI2nXzi79aaRH8
WoLtK65yPWHKEvxx2OoTMRea1NcR88nfrvLXjmcl8Mmz9foL4N9RUfvJPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFArsjECaYCuRVurB+lTiCn9jLElQMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQ3V5TVFKcGdLNUZXNnNINlZPSUtmMk1zU1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPsWAAwQA
To7zAwQAWSaIAwQAW9EMAwQAvPGfAwQAvPH4MA0GCSqGSIb3DQEBCwUAA4IBAQCL
ZQAZQNS4BoAgX0MxYhtg+YtH43HH/hCyVCWFk3otzN6jgSXyp0gBj/lrQ5aUufrV
l5rYeCzIz0pPlSx+r63FaxvsPfuW/+jr6OoM4froY75KHRAyYcTM1KBo7Yzs0LUW
mjxRxSYBrsddeBgvySFpagwIAhJJNcZEaCb8uti/GDOpZJUtEZnqj5u/MsnQDjEN
6eEnIW2ueuBoupqpAm2mGQca00sPEqY4DMYnNwkRLcGxc1TiEfgC1RDG1QCy7n4K
mHxa9cqy7F+heLkOGo5RVmbE7t+K2nkHiZeSqssAeyTf4gZSBHQEIfTL6zBNUWwF
QOi5VtwiBlzjOAvnaMLg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org