Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jxab3jMNRd7fNMgV7epQwYg1J_U.roa
File: Jxab3jMNRd7fNMgV7epQwYg1J_U.roa (raw, json)
Hash identifier: Xp/GjO7+bywe8a5ONF7XigLRP4/7u/HmfbVWUiZOMqo=
Subject key identifier: 27:16:9B:DE:33:0D:45:DE:DF:34:C8:15:ED:EA:50:C1:88:35:27:F5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188DC1FB019414D0EFB6FAC5C39FA537CDE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jxab3jMNRd7fNMgV7epQwYg1J_U.roa
Signing time: Wed 21 Jun 2023 04:04:04 +0000
ROA not before: Wed 21 Jun 2023 04:04:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
185.135.141.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dc:1f:b0:19:41:4d:0e:fb:6f:ac:5c:39:fa:53:7c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 21 04:04:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27169bde330d45dedf34c815edea50c1883527f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:85:a5:46:ed:01:a6:d5:06:49:39:5c:5a:71:
b8:ef:56:c5:01:6a:f7:e6:f1:1a:c2:6d:66:85:e7:
b7:fe:0d:cf:b7:96:68:2f:5a:66:af:96:d7:ea:07:
26:6d:26:1d:9e:03:e1:20:55:12:5b:c6:d1:a6:92:
59:1a:18:cc:46:88:be:fc:15:af:41:07:d7:51:77:
34:57:be:73:ec:64:ca:c3:d2:24:2d:cd:04:6a:70:
b4:cf:60:69:32:c3:09:71:72:2c:81:f5:74:84:fa:
d3:4e:ad:73:1f:0d:5f:b0:30:ad:3c:20:09:62:4f:
ea:84:a4:29:f0:16:62:3f:e6:86:2a:f9:9b:1f:32:
10:a8:16:d5:e5:02:4b:b5:16:cc:81:53:e3:28:b7:
e3:2f:12:5c:dd:03:10:0d:46:17:4f:36:6e:59:f1:
38:59:37:ad:94:f9:9e:42:42:77:89:a1:75:fa:16:
2d:0b:1c:ee:ec:40:37:7e:e0:c8:da:e9:11:7f:39:
e0:f5:c1:e9:a0:d6:86:ec:15:79:02:e3:52:27:f8:
f6:3f:cc:8c:03:a9:12:e0:e7:65:4a:d7:58:0f:48:
88:5a:d8:53:41:f9:4b:24:58:94:a4:a9:6e:a4:67:
91:57:c5:a5:44:5b:7a:56:c2:f8:79:b6:19:be:1c:
90:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:16:9B:DE:33:0D:45:DE:DF:34:C8:15:ED:EA:50:C1:88:35:27:F5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Jxab3jMNRd7fNMgV7epQwYg1J_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.62.0/23
91.188.204.0/24
185.135.141.0/24
188.212.155.0/24
188.241.182.0/24
188.241.243.0/24
213.232.94.0/23
Signature Algorithm: sha256WithRSAEncryption
36:e4:d6:a2:e3:22:ad:a3:e8:bd:19:3c:88:67:fe:9f:ec:f2:
7b:d8:88:66:ff:ad:13:14:15:3f:92:14:0c:60:09:1d:23:f7:
79:d0:e5:22:2f:04:44:dc:b6:84:dc:5f:8c:81:a1:80:47:e1:
fb:15:80:13:42:cc:c8:af:8d:13:cc:ae:5b:1a:ff:df:a3:08:
cc:a7:2f:f1:3c:4c:be:04:2e:90:23:1a:44:02:94:ac:5d:9d:
ab:73:0e:91:d6:f2:6f:d5:80:c1:1d:75:92:6a:26:0e:06:6c:
63:f9:0e:4f:e8:1a:f1:50:fd:cc:3e:c2:0d:18:06:75:4d:9b:
d5:30:5f:4a:d7:3d:e0:25:64:9e:3e:9c:d4:55:8f:b2:2f:12:
b5:87:c6:e4:ea:82:6b:d5:56:51:0d:8a:44:5e:bf:39:2b:3e:
9d:8d:b3:c5:88:49:2d:4d:96:88:d4:ad:2d:84:83:6f:34:82:
ab:40:54:22:c8:23:35:05:6c:0e:50:d8:bb:0a:9a:e1:da:94:
ce:1e:04:ce:df:4d:87:06:d6:3f:a3:be:98:47:15:93:5b:e3:
88:12:47:e5:56:af:d4:4a:c5:40:d9:8f:29:e3:a7:c2:c8:03:
4b:b0:32:2e:e6:4a:26:32:8c:37:24:25:cd:e9:ba:e0:11:2c:
b8:3c:03:f3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYjcH7AZQU0O+2+sXDn6U3zeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjIxMDQwNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzE2OWJkZTMzMGQ0NWRlZGYzNGM4MTVlZGVhNTBjMTg4MzUyN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoWlRu0BptUGSTlcWnG471bFAWr3
5vEawm1mhee3/g3Pt5ZoL1pmr5bX6gcmbSYdngPhIFUSW8bRppJZGhjMRoi+/BWv
QQfXUXc0V75z7GTKw9IkLc0EanC0z2BpMsMJcXIsgfV0hPrTTq1zHw1fsDCtPCAJ
Yk/qhKQp8BZiP+aGKvmbHzIQqBbV5QJLtRbMgVPjKLfjLxJc3QMQDUYXTzZuWfE4
WTetlPmeQkJ3iaF1+hYtCxzu7EA3fuDI2ukRfzng9cHpoNaG7BV5AuNSJ/j2P8yM
A6kS4OdlStdYD0iIWthTQflLJFiUpKlupGeRV8WlRFt6VsL4ebYZvhyQUQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCcWm94zDUXe3zTIFe3qUMGINSf1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSnhhYjNqTU5SZDdmTk1nVjdlcFF3WWcxSl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBWSU+AwQA
W7zMAwQAuYeNAwQAvNSbAwQAvPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUA
A4IBAQA25Nai4yKto+i9GTyIZ/6f7PJ72Ihm/60TFBU/khQMYAkdI/d50OUiLwRE
3LaE3F+MgaGAR+H7FYATQszIr40TzK5bGv/fowjMpy/xPEy+BC6QIxpEApSsXZ2r
cw6R1vJv1YDBHXWSaiYOBmxj+Q5P6BrxUP3MPsINGAZ1TZvVMF9K1z3gJWSePpzU
VY+yLxK1h8bk6oJr1VZRDYpEXr85Kz6djbPFiEktTZaI1K0thINvNIKrQFQiyCM1
BWwOUNi7Cprh2pTOHgTO302HBtY/o76YRxWTW+OIEkflVq/USsVA2Y8p46fCyANL
sDIu5komMow3JCXN6brgESy4PAPz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org