Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/E1J3asfySSUWAhe0TtJLbl-f9XM.roa
File: E1J3asfySSUWAhe0TtJLbl-f9XM.roa (raw, json)
Hash identifier: aLQHEX4nEy/HLrRevGHVbUuVjm1uTBrsonsIV2uL08M=
Subject key identifier: 13:52:77:6A:C7:F2:49:25:16:02:17:B4:4E:D2:4B:6E:5F:9F:F5:73
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018612F40E7A1844C8EF047892EDAD3EE2C7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/E1J3asfySSUWAhe0TtJLbl-f9XM.roa
Signing time: Thu 02 Feb 2023 16:27:09 +0000
ROA not before: Thu 02 Feb 2023 16:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:f4:0e:7a:18:44:c8:ef:04:78:92:ed:ad:3e:e2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 2 16:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1352776ac7f24925160217b44ed24b6e5f9ff573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a6:26:7a:f3:ac:bb:00:43:6c:8e:5d:66:5f:
3c:12:41:6d:ba:85:91:fb:0b:58:15:ac:d9:59:f8:
98:4b:16:1b:62:6c:01:eb:1b:e0:35:80:f5:4e:86:
6f:6a:4f:87:23:14:27:66:9e:64:f1:15:d6:17:8f:
c5:91:79:f0:f8:19:be:7d:0f:73:40:14:1c:10:8e:
86:16:4d:16:37:44:89:79:94:1d:5c:c2:e9:13:76:
c7:d9:95:fb:81:ba:5b:66:10:4d:d5:44:52:b8:dc:
d4:d0:37:00:af:bd:92:40:bb:b1:b2:c4:87:41:20:
1c:82:0a:50:d4:71:bd:89:8a:9e:fd:3f:70:72:41:
c1:71:ed:7e:0f:76:07:be:82:72:04:18:5d:fe:d1:
32:33:97:4c:f6:1b:12:af:fe:71:09:2e:72:34:a7:
26:ed:cd:9e:d6:0b:34:8d:5b:9a:da:92:88:f5:47:
af:fb:66:2a:8f:09:73:c6:1a:a9:48:09:0c:34:30:
83:2e:06:5e:11:27:8e:57:8b:bc:c3:d5:46:94:ca:
22:f4:4d:10:28:c1:1b:65:d0:60:54:c8:01:1a:87:
e3:95:8d:61:31:c2:f3:7a:e3:7d:16:07:5a:ad:c2:
25:fb:bd:60:7f:99:aa:3e:71:41:6f:ce:eb:da:ae:
85:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:52:77:6A:C7:F2:49:25:16:02:17:B4:4E:D2:4B:6E:5F:9F:F5:73
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/E1J3asfySSUWAhe0TtJLbl-f9XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.207.0/24
185.238.10.0/24
185.255.168.0/24
188.214.208.0/24
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ac:76:8e:72:73:28:27:5f:25:7f:c8:a1:77:5b:bf:86:54:
92:82:22:f1:ef:8d:dc:a1:00:5e:a9:16:11:9f:64:98:40:9b:
f4:9a:60:48:80:e1:02:27:7d:0d:92:aa:9e:ad:38:ed:9f:54:
88:2e:ed:cd:1a:a3:9a:6a:d1:20:dc:94:18:bd:bc:b3:29:81:
b3:f4:e0:14:3e:f3:d9:fe:13:91:16:26:81:86:88:ba:54:98:
f0:7b:64:4b:0b:6c:d8:c2:fc:bd:93:5c:ac:9e:a8:87:f8:ee:
c1:d6:45:2e:e1:de:65:9a:dc:7e:d1:0a:42:fc:87:85:a2:8b:
70:04:49:ac:08:e3:8a:07:bb:78:91:2b:b3:29:17:08:0d:6b:
86:1a:bb:a1:48:30:9c:f7:7c:0e:28:43:d9:b1:5f:f2:84:b1:
b4:0d:1c:78:09:c4:a2:2f:51:5a:c6:68:c7:9d:3a:92:3e:07:
9a:c3:4a:7a:83:c9:6b:0d:2c:7c:18:f2:76:f2:56:7e:2c:6e:
5e:a4:46:ba:d2:ef:82:e5:f4:b5:cc:58:34:71:34:09:e0:91:
a1:1d:83:0c:7c:07:46:ad:c3:cd:1e:8b:1a:a0:8a:4f:5a:e8:
10:84:80:23:97:0e:a9:77:4b:cf:ee:51:17:15:db:0d:e7:d3:
85:7a:b1:73
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYS9A56GETI7wR4ku2tPuLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAyMTYyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzUyNzc2YWM3ZjI0OTI1MTYwMjE3YjQ0ZWQyNGI2ZTVmOWZmNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaYmevOsuwBDbI5dZl88EkFtuoWR
+wtYFazZWfiYSxYbYmwB6xvgNYD1ToZvak+HIxQnZp5k8RXWF4/FkXnw+Bm+fQ9z
QBQcEI6GFk0WN0SJeZQdXMLpE3bH2ZX7gbpbZhBN1URSuNzU0DcAr72SQLuxssSH
QSAcggpQ1HG9iYqe/T9wckHBce1+D3YHvoJyBBhd/tEyM5dM9hsSr/5xCS5yNKcm
7c2e1gs0jVua2pKI9Uev+2YqjwlzxhqpSAkMNDCDLgZeESeOV4u8w9VGlMoi9E0Q
KMEbZdBgVMgBGofjlY1hMcLzeuN9FgdarcIl+71gf5mqPnFBb87r2q6F0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBNSd2rH8kklFgIXtE7SS25fn/VzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRTFKM2FzZnlTU1VXQWhlMFR0SkxibC1mOVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW7zPAwQA
ue4KAwQAuf+oAwQAvNbQAwQA1ehdAwQA1ehfMA0GCSqGSIb3DQEBCwUAA4IBAQCB
rHaOcnMoJ18lf8ihd1u/hlSSgiLx743coQBeqRYRn2SYQJv0mmBIgOECJ30Nkqqe
rTjtn1SILu3NGqOaatEg3JQYvbyzKYGz9OAUPvPZ/hORFiaBhoi6VJjwe2RLC2zY
wvy9k1ysnqiH+O7B1kUu4d5lmtx+0QpC/IeFootwBEmsCOOKB7t4kSuzKRcIDWuG
GruhSDCc93wOKEPZsV/yhLG0DRx4CcSiL1FaxmjHnTqSPgeaw0p6g8lrDSx8GPJ2
8lZ+LG5epEa60u+C5fS1zFg0cTQJ4JGhHYMMfAdGrcPNHosaoIpPWugQhIAjlw6p
d0vP7lEXFdsN59OFerFz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:58 2023 by rpki-client on console-fra.rpki-client.org