Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DD6Io_2WEMtt2ssT0vysJ4NXkCk.roa
File: DD6Io_2WEMtt2ssT0vysJ4NXkCk.roa (raw, json)
Hash identifier: Xnf9IPHbiB1fJk4kxcd+5BT0GpIuMtx0fwPsBhZqOGk=
Subject key identifier: 0C:3E:88:A3:FD:96:10:CB:6D:DA:CB:13:D2:FC:AC:27:83:57:90:29
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B5DA415C2D80BC2529CFDF46B7064EEA4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DD6Io_2WEMtt2ssT0vysJ4NXkCk.roa
Signing time: Mon 23 Oct 2023 17:45:16 +0000
ROA not before: Mon 23 Oct 2023 17:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 188.240.68.0/24 maxlen: 24
188.213.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5d:a4:15:c2:d8:0b:c2:52:9c:fd:f4:6b:70:64:ee:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 23 17:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c3e88a3fd9610cb6ddacb13d2fcac2783579029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9f:bb:5e:f3:e0:a2:2e:2d:15:73:ba:1b:1d:
b6:35:48:11:3c:2a:fc:6f:6f:18:d3:c3:fa:51:f4:
22:34:ad:be:e7:d0:4e:19:48:f1:d0:c8:ce:6b:c3:
6b:b8:ec:02:4e:3a:89:aa:b7:63:6f:82:21:e7:93:
a0:fe:ab:f2:bf:be:51:2e:5e:3f:83:31:4b:a3:e6:
73:0d:f7:8c:83:28:a0:78:8f:cc:b9:83:6e:78:61:
25:05:e4:58:d0:3b:da:04:f2:76:2a:00:f6:80:47:
9c:a5:95:0a:25:77:3b:e7:23:f2:e0:dc:e5:ee:a3:
71:1f:4f:a0:88:1a:d2:98:5c:7b:5c:57:ce:7b:dc:
d2:95:33:a5:1e:dd:49:76:84:7e:fe:54:5a:b0:7b:
1f:3f:c9:a0:ac:96:cb:10:5f:7d:ba:be:1d:e6:27:
87:34:f9:e8:de:c5:30:40:37:87:cc:03:fe:8a:f8:
f1:61:3e:a6:ea:87:4d:3b:0a:65:ff:a7:c9:97:c3:
65:aa:c7:0f:ab:68:65:39:d0:c2:f0:4d:69:05:e4:
79:f6:61:ae:45:ac:51:e5:4e:1f:ca:3c:cc:20:89:
d3:2b:1d:74:35:54:71:ee:6e:a9:e9:0d:b1:a1:7d:
69:16:4e:d1:b8:fa:1b:fa:3b:ae:fa:34:4f:ac:13:
ca:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3E:88:A3:FD:96:10:CB:6D:DA:CB:13:D2:FC:AC:27:83:57:90:29
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DD6Io_2WEMtt2ssT0vysJ4NXkCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.213.203.0/24
188.240.68.0/24
Signature Algorithm: sha256WithRSAEncryption
78:53:a8:39:1a:41:55:44:45:78:7f:99:6a:7c:bf:93:f3:dd:
d5:d5:8f:a3:bf:c2:55:66:ab:4d:c1:0e:60:f2:7e:43:c5:3e:
fd:9d:eb:30:e3:5b:d9:1c:4e:26:8f:bc:d1:ed:ac:68:eb:7a:
27:6e:80:3b:bb:8c:1d:35:a2:eb:d2:ae:aa:fc:e1:e8:06:aa:
0c:bd:99:e1:d9:b3:d9:62:07:bc:01:9b:11:fc:21:e7:28:e6:
d7:f4:fd:78:03:36:fc:18:40:83:c3:30:87:b5:74:61:30:2e:
16:04:f3:6e:9a:41:b4:75:fa:34:6c:6a:cf:ec:52:c9:2e:0e:
cf:c8:de:fc:62:bf:66:d4:58:6e:1b:3d:3c:e0:4c:5c:6c:3d:
aa:b4:00:1a:67:1c:bf:7d:05:ea:9f:a4:57:4b:66:79:ad:a0:
8a:ba:11:33:cf:5f:94:8c:c7:b3:53:21:ee:0c:dc:63:2b:b4:
ca:8f:70:1f:7e:47:82:92:c5:7f:60:4b:e7:e8:d2:e8:86:61:
2f:e6:53:1a:30:73:28:56:ab:58:a7:c2:03:58:1f:2a:dc:20:
70:ef:c6:0d:8b:7a:be:3c:b4:c0:9f:89:15:1e:16:6f:32:76:
9d:10:6b:05:da:73:13:1b:52:2b:2d:26:be:37:12:cb:b8:54:
cd:2c:14:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtdpBXC2AvCUpz99GtwZO6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDIzMTc0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNlODhhM2ZkOTYxMGNiNmRkYWNiMTNkMmZjYWMyNzgzNTc5MDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ+7XvPgoi4tFXO6Gx22NUgRPCr8
b28Y08P6UfQiNK2+59BOGUjx0MjOa8NruOwCTjqJqrdjb4Ih55Og/qvyv75RLl4/
gzFLo+ZzDfeMgyigeI/MuYNueGElBeRY0DvaBPJ2KgD2gEecpZUKJXc75yPy4Nzl
7qNxH0+giBrSmFx7XFfOe9zSlTOlHt1JdoR+/lRasHsfP8mgrJbLEF99ur4d5ieH
NPno3sUwQDeHzAP+ivjxYT6m6odNOwpl/6fJl8NlqscPq2hlOdDC8E1pBeR59mGu
RaxR5U4fyjzMIInTKx10NVRx7m6p6Q2xoX1pFk7RuPob+juu+jRPrBPK8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAw+iKP9lhDLbdrLE9L8rCeDV5ApMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvREQ2SW9fMldFTXR0MnNzVDB2eXNKNE5Ya0NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNXLAwQA
vPBEMA0GCSqGSIb3DQEBCwUAA4IBAQB4U6g5GkFVREV4f5lqfL+T893V1Y+jv8JV
ZqtNwQ5g8n5DxT79nesw41vZHE4mj7zR7axo63onboA7u4wdNaLr0q6q/OHoBqoM
vZnh2bPZYge8AZsR/CHnKObX9P14Azb8GECDwzCHtXRhMC4WBPNumkG0dfo0bGrP
7FLJLg7PyN78Yr9m1FhuGz084ExcbD2qtAAaZxy/fQXqn6RXS2Z5raCKuhEzz1+U
jMezUyHuDNxjK7TKj3AffkeCksV/YEvn6NLohmEv5lMaMHMoVqtYp8IDWB8q3CBw
78YNi3q+PLTAn4kVHhZvMnadEGsF2nMTG1IrLSa+NxLLuFTNLBRM
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org