Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JhMAcGDl245DC545pUir3XnzEhY.roa
File: JhMAcGDl245DC545pUir3XnzEhY.roa (raw, json)
Hash identifier: FhzLMmlhdZJgL95OPjZEgxhUeJ394f6e25XR5MwCjHQ=
Subject key identifier: 26:13:00:70:60:E5:DB:8E:43:0B:9E:39:A5:48:AB:DD:79:F3:12:16
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188D89D906D299FBC3CD736C9394933F0CE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JhMAcGDl245DC545pUir3XnzEhY.roa
Signing time: Tue 20 Jun 2023 11:43:04 +0000
ROA not before: Tue 20 Jun 2023 11:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 93.115.254.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
93.114.193.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:9d:90:6d:29:9f:bc:3c:d7:36:c9:39:49:33:f0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 20 11:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2613007060e5db8e430b9e39a548abdd79f31216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b6:7e:f4:0b:cb:a9:a3:62:eb:db:e5:6b:f4:
1e:e3:29:f8:4f:81:58:53:59:3d:2d:56:f9:28:61:
a7:c1:35:06:48:b4:4b:1f:45:bf:b7:15:94:63:f1:
aa:1d:84:05:68:88:c5:32:fb:bc:d6:b4:11:54:c1:
a7:14:d4:c9:bd:8a:4d:9f:e1:8a:4e:dd:d3:7a:f0:
90:9c:52:c7:c9:6c:5c:b9:ff:48:c0:1a:a0:93:e2:
f8:7f:61:92:01:d3:3c:3f:0a:35:07:cb:92:cb:60:
e6:18:f3:a7:1d:25:6c:b4:53:9e:7a:fc:4b:63:d1:
3b:de:57:50:52:f1:dd:ac:ef:04:58:b6:54:1f:f9:
ba:53:c3:3c:c7:d5:04:83:80:88:bd:5f:e5:83:7d:
df:4e:97:39:28:1c:aa:aa:1b:1b:54:22:69:8d:79:
bf:08:2f:9f:1a:95:04:dc:d6:42:22:45:d9:7f:d4:
94:36:6c:83:1d:05:95:47:27:5f:c0:56:c7:f9:9c:
01:4e:fe:5d:dd:01:90:57:30:59:f2:d5:f1:02:2e:
46:3d:01:a8:08:fd:b9:da:2b:25:88:26:3b:5c:ba:
94:61:6e:a7:53:44:29:6a:9f:08:b2:a1:f6:ba:36:
38:6e:fa:f6:29:d7:2e:4a:3f:d8:26:77:3e:16:df:
86:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:13:00:70:60:E5:DB:8E:43:0B:9E:39:A5:48:AB:DD:79:F3:12:16
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JhMAcGDl245DC545pUir3XnzEhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.193.0/24
93.115.254.0/24
178.239.204.0/24
185.135.140.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:0b:e6:6f:27:04:28:36:ef:72:d1:ff:58:6c:6c:f3:e4:cc:
5f:43:ee:12:ec:bf:0a:ce:8f:b7:94:7a:1b:37:ad:33:7b:11:
a2:62:e0:d8:cf:e6:af:a8:c8:6e:1d:f3:5a:49:32:66:0e:0c:
47:99:e0:df:e6:60:f5:33:e9:40:9c:19:31:f5:dc:16:e5:93:
4d:ea:ee:9b:39:47:d0:22:b4:6c:aa:87:1d:0f:9f:a7:e3:a0:
04:be:6e:c9:3d:5b:46:be:14:de:cf:15:7a:54:0a:9b:b8:58:
2d:59:3a:7f:dc:8c:94:ba:71:45:b8:8d:2d:9f:82:c2:b6:43:
4d:c7:49:45:63:14:07:34:b6:dd:f1:17:e2:61:37:75:9e:2f:
ad:c8:99:6d:97:62:e9:47:1e:54:c3:cb:fd:68:ac:00:fc:2d:
3f:ca:a5:4c:28:50:76:91:03:d6:39:b4:ae:df:27:0d:11:bb:
d5:31:2b:98:6a:2c:d1:a5:4c:8a:83:8b:c7:f0:6f:3a:b1:08:
cf:46:bb:fb:c9:31:78:5d:39:a9:5f:b0:37:2f:8c:9b:82:2c:
f5:88:dd:60:cf:cb:c1:27:4a:9c:6f:e9:03:f0:5d:84:f7:25:
ae:f2:f0:df:14:c8:2d:65:1e:39:67:57:98:86:70:f8:81:78:
ac:c3:6d:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjYnZBtKZ+8PNc2yTlJM/DOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjIwMTE0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjEzMDA3MDYwZTVkYjhlNDMwYjllMzlhNTQ4YWJkZDc5ZjMxMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbZ+9AvLqaNi69vla/Qe4yn4T4FY
U1k9LVb5KGGnwTUGSLRLH0W/txWUY/GqHYQFaIjFMvu81rQRVMGnFNTJvYpNn+GK
Tt3TevCQnFLHyWxcuf9IwBqgk+L4f2GSAdM8Pwo1B8uSy2DmGPOnHSVstFOeevxL
Y9E73ldQUvHdrO8EWLZUH/m6U8M8x9UEg4CIvV/lg33fTpc5KByqqhsbVCJpjXm/
CC+fGpUE3NZCIkXZf9SUNmyDHQWVRydfwFbH+ZwBTv5d3QGQVzBZ8tXxAi5GPQGo
CP252isliCY7XLqUYW6nU0Qpap8IsqH2ujY4bvr2KdcuSj/YJnc+Ft+GPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCYTAHBg5duOQwueOaVIq9158xIWMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSmhNQWNHRGwyNDVEQzU0NXBVaXIzWG56RWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXXLBAwQA
XXP+AwQAsu/MAwQAuYeMMA0GCSqGSIb3DQEBCwUAA4IBAQBvC+ZvJwQoNu9y0f9Y
bGzz5MxfQ+4S7L8Kzo+3lHobN60zexGiYuDYz+avqMhuHfNaSTJmDgxHmeDf5mD1
M+lAnBkx9dwW5ZNN6u6bOUfQIrRsqocdD5+n46AEvm7JPVtGvhTezxV6VAqbuFgt
WTp/3IyUunFFuI0tn4LCtkNNx0lFYxQHNLbd8RfiYTd1ni+tyJltl2LpRx5Uw8v9
aKwA/C0/yqVMKFB2kQPWObSu3ycNEbvVMSuYaizRpUyKg4vH8G86sQjPRrv7yTF4
XTmpX7A3L4ybgiz1iN1gz8vBJ0qcb+kD8F2E9yWu8vDfFMgtZR45Z1eYhnD4gXis
w20Z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org