Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IV5oQIPT6YtxipEN4elYa2DWs-I.roa
File: IV5oQIPT6YtxipEN4elYa2DWs-I.roa (raw, json)
Hash identifier: cdRyKbdhi/gIwP0iNcN5n22JiUM81eY27iDvGwWz/QQ=
Subject key identifier: 21:5E:68:40:83:D3:E9:8B:71:8A:91:0D:E1:E9:58:6B:60:D6:B3:E2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AF1950DC5C104991458B920952755F2B2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IV5oQIPT6YtxipEN4elYa2DWs-I.roa
Signing time: Mon 02 Oct 2023 18:09:51 +0000
ROA not before: Mon 02 Oct 2023 18:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199760
IP address blocks: 188.212.132.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:95:0d:c5:c1:04:99:14:58:b9:20:95:27:55:f2:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 2 18:09:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=215e684083d3e98b718a910de1e9586b60d6b3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3e:17:d4:39:2e:42:1a:cf:0a:92:9b:e8:64:
4a:ab:4d:d9:5a:4d:bb:97:f9:88:6b:91:3c:0c:ff:
58:95:73:59:2a:97:04:4e:38:ea:3f:37:5a:c3:2a:
57:8c:3f:55:1a:20:c9:47:8c:84:a7:0d:bf:ef:f3:
bc:fb:bc:8e:0b:88:2f:f9:15:70:3d:d7:80:f9:37:
53:c5:de:6c:92:90:9e:53:c3:df:8d:ba:47:8a:60:
5b:f1:48:8f:00:b4:84:ea:26:73:4b:17:90:30:3c:
2f:2f:a6:94:16:84:ac:02:62:14:04:9f:2f:11:61:
c9:a4:5d:17:ba:9e:22:14:02:51:21:fd:9c:03:73:
e1:6f:d6:ac:8d:bc:93:7b:d9:24:45:69:8c:c6:06:
30:4c:37:07:bb:1d:ed:21:d9:b9:26:ab:8b:2e:2b:
42:0b:c6:9c:d8:3d:1c:1d:f1:2a:a1:0a:f5:43:31:
55:3a:b3:df:78:64:21:1e:e1:d2:d4:7b:97:8b:d1:
25:2e:96:57:5d:1b:fb:58:11:20:26:44:1c:99:ae:
53:ad:ae:d4:98:7f:34:93:09:7a:4e:65:fc:08:17:
86:a4:c2:a9:bd:c2:fc:83:46:f0:c5:30:39:42:be:
76:3c:20:d4:c5:71:2a:b1:f5:94:bc:14:a6:a2:07:
cf:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5E:68:40:83:D3:E9:8B:71:8A:91:0D:E1:E9:58:6B:60:D6:B3:E2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IV5oQIPT6YtxipEN4elYa2DWs-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.109.0/24
188.212.132.0/24
188.241.182.0/24
Signature Algorithm: sha256WithRSAEncryption
83:be:4e:a4:c0:ec:55:e3:c9:07:70:cd:a7:5b:49:db:a9:96:
44:12:aa:93:52:b6:52:0f:44:12:aa:97:af:9e:75:d9:f4:59:
8d:cb:8b:80:4b:54:51:80:6c:b3:15:bc:68:c1:06:2e:a8:c9:
77:86:e4:ca:33:ab:52:f5:cf:a4:c0:b5:14:1d:ba:59:e4:50:
b1:be:e2:bb:15:ef:7f:6b:00:c0:a9:09:11:46:5b:1c:59:d1:
9b:97:7e:e0:57:36:0a:90:c7:8c:f2:b5:2d:fe:6d:ee:5d:b3:
56:28:2c:11:e1:81:59:2d:cf:cf:64:03:d2:76:1a:79:26:99:
0b:16:73:45:01:65:d0:70:09:a6:aa:a9:97:21:66:49:0a:dc:
fe:87:b2:f7:dd:b4:f5:45:d2:83:ed:ad:a0:3a:16:7b:86:1b:
76:28:95:f4:88:17:51:8d:18:2e:1a:24:c2:a0:db:b4:0d:38:
5a:b1:9a:a9:7b:be:b6:7a:94:1b:38:08:33:7a:ec:e3:56:c0:
40:e5:af:33:70:e5:01:50:84:e5:b2:e5:5e:1f:4c:c9:cd:04:
0b:5a:c7:7e:ea:2d:fe:34:8a:2a:cd:68:5f:f2:2d:85:17:a7:
9a:b5:f9:01:c3:6d:fe:2b:6e:f1:8f:6b:ae:56:b8:d6:15:d6:
97:04:c9:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrxlQ3FwQSZFFi5IJUnVfKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDAyMTgwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVlNjg0MDgzZDNlOThiNzE4YTkxMGRlMWU5NTg2YjYwZDZiM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD4X1DkuQhrPCpKb6GRKq03ZWk27
l/mIa5E8DP9YlXNZKpcETjjqPzdawypXjD9VGiDJR4yEpw2/7/O8+7yOC4gv+RVw
PdeA+TdTxd5skpCeU8PfjbpHimBb8UiPALSE6iZzSxeQMDwvL6aUFoSsAmIUBJ8v
EWHJpF0Xup4iFAJRIf2cA3Phb9asjbyTe9kkRWmMxgYwTDcHux3tIdm5JquLLitC
C8ac2D0cHfEqoQr1QzFVOrPfeGQhHuHS1HuXi9ElLpZXXRv7WBEgJkQcma5Tra7U
mH80kwl6TmX8CBeGpMKpvcL8g0bwxTA5Qr52PCDUxXEqsfWUvBSmogfPhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCFeaECD0+mLcYqRDeHpWGtg1rPiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSVY1b1FJUFQ2WXR4aXBFTjRlbFlhMkRXcy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXNtAwQA
vNSEAwQAvPG2MA0GCSqGSIb3DQEBCwUAA4IBAQCDvk6kwOxV48kHcM2nW0nbqZZE
EqqTUrZSD0QSqpevnnXZ9FmNy4uAS1RRgGyzFbxowQYuqMl3huTKM6tS9c+kwLUU
HbpZ5FCxvuK7Fe9/awDAqQkRRlscWdGbl37gVzYKkMeM8rUt/m3uXbNWKCwR4YFZ
Lc/PZAPSdhp5JpkLFnNFAWXQcAmmqqmXIWZJCtz+h7L33bT1RdKD7a2gOhZ7hht2
KJX0iBdRjRguGiTCoNu0DThasZqpe762epQbOAgzeuzjVsBA5a8zcOUBUITlsuVe
H0zJzQQLWsd+6i3+NIoqzWhf8i2FF6eatfkBw23+K27xj2uuVrjWFdaXBMk5
-----END CERTIFICATE-----
Generated at Mon Oct 9 10:44:38 2023 by rpki-client on console-ams.rpki-client.org