Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JVFI3XQ6wsZof28qq0X83Ryzcj4.roa
File: JVFI3XQ6wsZof28qq0X83Ryzcj4.roa (raw, json)
Hash identifier: gOs17taiCB7FeXQedokq/vSoEvgzaOuTNl0d9nfW+Oc=
Subject key identifier: 25:51:48:DD:74:3A:C2:C6:68:7F:6F:2A:AB:45:FC:DD:1C:B3:72:3E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018628324A176FC99EEC1FE2D737E1179B05
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JVFI3XQ6wsZof28qq0X83Ryzcj4.roa
Signing time: Mon 06 Feb 2023 19:27:09 +0000
ROA not before: Mon 06 Feb 2023 19:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 188.212.133.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
94.176.110.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:28:32:4a:17:6f:c9:9e:ec:1f:e2:d7:37:e1:17:9b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 6 19:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=255148dd743ac2c6687f6f2aab45fcdd1cb3723e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0d:84:b7:99:09:b1:a5:84:9f:a1:4d:59:34:
18:7e:31:07:39:97:71:b2:49:fb:f8:23:59:5a:c4:
f7:f6:01:06:f0:05:22:81:24:32:7f:b1:78:b0:1a:
96:02:0a:a3:7f:ae:17:42:7b:58:fd:8d:03:4b:3a:
3d:02:89:6c:bf:35:d3:b6:f3:c4:34:6b:20:c8:a2:
e2:43:a9:9d:c7:67:db:f4:be:d5:f6:2d:aa:3d:ae:
d3:9a:02:35:25:e0:6d:01:21:86:38:9d:f4:d1:1b:
24:51:76:88:cd:aa:1e:cd:30:60:ff:47:62:54:3d:
09:e4:1d:1b:17:a1:0c:d0:65:79:73:97:12:ad:7d:
b9:e7:29:50:a7:f6:bf:b3:61:88:1c:c7:7a:df:84:
b9:9c:59:55:17:52:9a:74:ba:11:15:a6:bd:68:0c:
b9:66:ac:b0:9d:a6:df:ae:e4:11:41:3d:6e:a0:a1:
73:74:0a:cd:ed:01:44:79:60:c3:ba:00:d5:d0:80:
95:00:7b:2f:77:7e:68:81:5c:d2:1f:09:c4:45:58:
c1:98:14:10:f9:71:21:cd:27:be:57:e3:82:3a:b2:
bc:49:2e:43:97:e3:e6:d4:12:12:7d:71:a9:5a:26:
39:4f:06:ec:07:e1:1f:2d:1d:f8:08:79:58:85:b4:
e2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:51:48:DD:74:3A:C2:C6:68:7F:6F:2A:AB:45:FC:DD:1C:B3:72:3E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JVFI3XQ6wsZof28qq0X83Ryzcj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.207.0/24
94.176.110.0/24
185.238.10.0/24
185.255.168.0/24
188.212.133.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
12:55:53:63:f2:1b:bf:28:1c:be:c6:06:67:8c:30:27:2b:3d:
f4:48:37:7b:0a:fd:f9:56:23:5d:6e:13:83:41:27:01:e9:c6:
16:be:6a:10:4b:f2:a1:0e:6e:02:a4:6e:02:2b:1d:42:cd:a2:
95:08:34:5c:bd:10:96:a4:d5:4f:e3:53:d6:b7:59:3e:5e:c9:
d4:ef:e8:01:18:2b:02:a9:ad:2c:ae:95:32:a2:b4:ea:b1:e0:
ec:8b:57:dd:da:10:d9:08:36:50:73:c2:1f:fb:b8:d8:cf:cb:
91:d6:06:ca:98:b0:4b:a6:7f:7a:d7:10:75:09:a3:a7:c3:a7:
49:99:ba:f0:27:9e:8c:16:fe:00:e4:57:f8:6e:ac:e9:0d:04:
43:d1:5f:60:14:d5:33:69:c2:25:92:b2:e9:3a:5c:7c:48:fa:
3a:f9:af:43:72:b2:22:75:7a:ca:db:cf:d5:51:c0:36:c6:c9:
63:92:87:28:34:b9:e6:a9:76:c2:27:5f:e9:a8:57:da:9b:11:
5f:43:ec:7a:86:3c:ed:cb:31:9f:df:c5:d8:45:ef:f2:af:eb:
14:67:c3:3a:48:08:51:3f:33:ab:08:86:42:69:d8:77:cf:1b:
df:cb:e5:f2:09:3d:03:a6:3b:50:83:af:c1:e4:e3:65:a4:aa:
12:ff:b5:ba
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYYoMkoXb8me7B/i1zfhF5sFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA2MTkyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTUxNDhkZDc0M2FjMmM2Njg3ZjZmMmFhYjQ1ZmNkZDFjYjM3MjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA2Et5kJsaWEn6FNWTQYfjEHOZdx
skn7+CNZWsT39gEG8AUigSQyf7F4sBqWAgqjf64XQntY/Y0DSzo9AolsvzXTtvPE
NGsgyKLiQ6mdx2fb9L7V9i2qPa7TmgI1JeBtASGGOJ300RskUXaIzaoezTBg/0di
VD0J5B0bF6EM0GV5c5cSrX255ylQp/a/s2GIHMd634S5nFlVF1KadLoRFaa9aAy5
ZqywnabfruQRQT1uoKFzdArN7QFEeWDDugDV0ICVAHsvd35ogVzSHwnERVjBmBQQ
+XEhzSe+V+OCOrK8SS5Dl+Pm1BISfXGpWiY5TwbsB+EfLR34CHlYhbTizwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCVRSN10OsLGaH9vKqtF/N0cs3I+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSlZGSTNYUTZ3c1pvZjI4cXEwWDgzUnl6Y2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAW7zPAwQA
XrBuAwQAue4KAwQAuf+oAwQAvNSFAwQBvNbQAwQA1ehdAwQA1ehfMA0GCSqGSIb3
DQEBCwUAA4IBAQASVVNj8hu/KBy+xgZnjDAnKz30SDd7Cv35ViNdbhODQScB6cYW
vmoQS/KhDm4CpG4CKx1CzaKVCDRcvRCWpNVP41PWt1k+XsnU7+gBGCsCqa0srpUy
orTqseDsi1fd2hDZCDZQc8If+7jYz8uR1gbKmLBLpn961xB1CaOnw6dJmbrwJ56M
Fv4A5Ff4bqzpDQRD0V9gFNUzacIlkrLpOlx8SPo6+a9DcrIidXrK28/VUcA2xslj
kocoNLnmqXbCJ1/pqFfamxFfQ+x6hjztyzGf38XYRe/yr+sUZ8M6SAhRPzOrCIZC
adh3zxvfy+XyCT0DpjtQg6/B5ONlpKoS/7W6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org