Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H8ifZ_eqiCe-BlJJu8wTskx1Tkc.roa
File: H8ifZ_eqiCe-BlJJu8wTskx1Tkc.roa (raw, json)
Hash identifier: 1CfgaVYq9G91HjgJ8clXXiBMpiREtlpS4UiVrqZXjyM=
Subject key identifier: 1F:C8:9F:67:F7:AA:88:27:BE:06:52:49:BB:CC:13:B2:4C:75:4E:47
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01866B0B726AB4C5B519CDA1E36B8A164A10
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H8ifZ_eqiCe-BlJJu8wTskx1Tkc.roa
Signing time: Sun 19 Feb 2023 18:59:17 +0000
ROA not before: Sun 19 Feb 2023 18:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 93.114.193.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
185.255.36.0/24 maxlen: 24
185.135.142.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.240.226.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6b:0b:72:6a:b4:c5:b5:19:cd:a1:e3:6b:8a:16:4a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 19 18:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fc89f67f7aa8827be065249bbcc13b24c754e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:51:ee:ac:89:bf:6b:73:21:1b:77:d8:bd:0e:
2b:d1:03:0c:b3:f1:c3:84:6d:7e:ad:ce:42:31:64:
3f:12:33:1f:e5:55:25:32:ed:68:47:76:b1:b1:b3:
b4:75:5a:1c:5e:3f:a4:a5:7c:b6:e6:02:0f:70:23:
7c:82:4d:35:ed:e2:de:dc:53:8e:d9:4a:4b:ee:80:
47:4e:5a:93:aa:13:ec:99:0d:d4:b4:88:f8:82:2a:
df:6f:0b:96:59:bc:b4:08:43:91:81:fe:93:2d:25:
3b:49:01:75:c9:cc:e5:16:7a:b1:3e:8c:b5:b7:cf:
ec:b1:bd:a7:ff:54:f4:7e:43:c1:e4:5f:e0:db:18:
81:be:4a:9c:98:f0:36:02:de:c8:9e:dc:54:ab:d5:
4a:15:c5:49:c1:7b:f8:c7:bc:1d:26:1d:16:a9:f3:
d4:f0:7d:ed:bc:25:8a:37:56:6e:61:32:97:e4:94:
30:05:18:98:99:31:f8:67:01:b1:c4:5d:ba:be:bf:
14:6f:19:a2:41:1e:6c:74:be:3d:0e:b8:09:97:a0:
c0:f7:13:16:17:f9:a7:97:59:6a:a8:fc:b8:40:9d:
1e:08:3d:02:17:13:19:88:d5:ee:bd:7a:dc:7b:2a:
f5:b0:24:c5:bd:80:6f:6e:a5:60:ca:2d:0a:88:98:
d8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C8:9F:67:F7:AA:88:27:BE:06:52:49:BB:CC:13:B2:4C:75:4E:47
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H8ifZ_eqiCe-BlJJu8wTskx1Tkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.193.0/24
185.135.142.0/24
185.255.36.0/24
185.255.39.0/24
188.240.68.0/24
188.240.226.0/23
Signature Algorithm: sha256WithRSAEncryption
07:d0:bc:62:15:45:3c:85:f1:6b:fc:60:6d:ef:44:47:a3:9c:
c1:06:2d:41:4c:4f:b6:85:ba:45:7e:52:e7:19:7c:48:4d:94:
83:97:c7:ba:3b:67:37:46:25:58:b7:c2:01:9b:3a:85:50:7c:
a9:e0:25:ce:b7:19:8c:59:6e:98:37:0e:e7:0a:b6:c6:e0:2b:
54:0e:9d:17:f4:65:80:7c:cc:5c:dd:34:c3:1f:ed:ba:a0:cb:
b0:8b:dd:15:b6:fc:28:07:53:79:df:ab:27:12:56:53:1d:89:
21:e7:6e:d9:15:5d:9e:6c:de:45:44:a2:00:e8:81:20:31:05:
ca:69:89:13:45:45:ee:ac:9f:8d:fc:3a:97:23:ed:d4:04:84:
50:79:38:10:86:ac:f9:ca:f2:c0:82:02:8f:b4:47:d7:ee:8e:
57:02:ce:b1:3c:48:e3:7e:8d:be:bf:a3:82:c3:c0:34:22:10:
60:ae:2f:3d:2c:4a:7b:b4:ba:02:e2:78:36:04:e2:a5:63:0b:
29:2e:09:64:f7:2a:7f:10:cb:23:45:9e:1d:94:09:bb:9b:0e:
e8:34:12:05:af:f1:14:e3:df:0d:a4:72:b3:70:c1:0a:4a:71:
27:f8:8d:78:db:01:72:f1:d6:e3:c6:36:f4:4e:b8:23:26:72:
d5:ee:b9:c9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZrC3JqtMW1Gc2h42uKFkoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjE5MTg1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM4OWY2N2Y3YWE4ODI3YmUwNjUyNDliYmNjMTNiMjRjNzU0ZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlHurIm/a3MhG3fYvQ4r0QMMs/HD
hG1+rc5CMWQ/EjMf5VUlMu1oR3axsbO0dVocXj+kpXy25gIPcCN8gk017eLe3FOO
2UpL7oBHTlqTqhPsmQ3UtIj4girfbwuWWby0CEORgf6TLSU7SQF1yczlFnqxPoy1
t8/ssb2n/1T0fkPB5F/g2xiBvkqcmPA2At7IntxUq9VKFcVJwXv4x7wdJh0WqfPU
8H3tvCWKN1ZuYTKX5JQwBRiYmTH4ZwGxxF26vr8UbxmiQR5sdL49DrgJl6DA9xMW
F/mnl1lqqPy4QJ0eCD0CFxMZiNXuvXrceyr1sCTFvYBvbqVgyi0KiJjYMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB/In2f3qognvgZSSbvME7JMdU5HMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSDhpZlpfZXFpQ2UtQmxKSnU4d1Rza3gxVGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXXLBAwQA
uYeOAwQAuf8kAwQAuf8nAwQAvPBEAwQBvPDiMA0GCSqGSIb3DQEBCwUAA4IBAQAH
0LxiFUU8hfFr/GBt70RHo5zBBi1BTE+2hbpFflLnGXxITZSDl8e6O2c3RiVYt8IB
mzqFUHyp4CXOtxmMWW6YNw7nCrbG4CtUDp0X9GWAfMxc3TTDH+26oMuwi90Vtvwo
B1N536snElZTHYkh527ZFV2ebN5FRKIA6IEgMQXKaYkTRUXurJ+N/DqXI+3UBIRQ
eTgQhqz5yvLAggKPtEfX7o5XAs6xPEjjfo2+v6OCw8A0IhBgri89LEp7tLoC4ng2
BOKlYwspLglk9yp/EMsjRZ4dlAm7mw7oNBIFr/EU498NpHKzcMEKSnEn+I142wFy
8dbjxjb0TrgjJnLV7rnJ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org