Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KOxcmvuWFzafCS9VAZgi8JLfZ_U.roa
File: KOxcmvuWFzafCS9VAZgi8JLfZ_U.roa (raw, json)
Hash identifier: 4dL+Q4o9Nn96uZQ9t5Ek+hifWy3bhU0ERR7nZTKg2RQ=
Subject key identifier: 28:EC:5C:9A:FB:96:17:36:9F:09:2F:55:01:98:22:F0:92:DF:67:F5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01873646AF44A59BD07FB9A1870C55DAF1C8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KOxcmvuWFzafCS9VAZgi8JLfZ_U.roa
Signing time: Fri 31 Mar 2023 06:06:54 +0000
ROA not before: Fri 31 Mar 2023 06:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 15:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:36:46:af:44:a5:9b:d0:7f:b9:a1:87:0c:55:da:f1:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 31 06:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28ec5c9afb9617369f092f55019822f092df67f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7a:76:3f:bc:5e:83:8c:54:94:ff:13:4e:5c:
2c:be:fd:2f:91:86:73:a4:94:db:2c:2d:3d:da:84:
99:e0:9b:69:a0:6a:77:0f:32:7d:4c:7e:0f:c5:cd:
6a:0b:9f:bd:9e:c0:a6:23:c8:fb:9d:24:08:52:a0:
34:5d:d3:3b:45:3f:87:29:c7:a6:55:e5:d4:94:91:
65:f0:b6:9f:b7:4c:1f:c0:12:db:3d:b0:a5:24:20:
33:e0:65:69:82:2e:ec:7e:28:8f:61:40:79:06:af:
74:df:10:e3:5f:95:69:11:d0:2e:13:93:4b:08:6c:
97:13:81:a1:e0:c0:66:83:31:06:04:0b:ef:3b:7d:
d4:d5:13:33:a8:ce:32:39:57:a3:bc:2d:57:72:a3:
4c:60:98:f9:82:18:e0:5b:2e:eb:32:9c:01:1b:a6:
e3:ac:b8:6a:07:d1:d6:6e:6b:05:39:e2:27:a7:31:
46:af:36:07:1d:e3:0a:52:3c:57:47:3e:32:73:a4:
c6:8d:ef:25:6d:6a:03:b0:e3:e4:e3:a5:71:6b:1a:
3d:3c:4d:94:c2:e4:c6:cf:1f:fc:44:d9:e5:c7:f5:
ec:9d:00:6f:2a:b1:46:00:c5:3f:1b:7f:ef:4d:a9:
7e:85:b6:ba:9b:dd:a4:c8:d3:4e:0d:fb:bc:f1:43:
a8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:EC:5C:9A:FB:96:17:36:9F:09:2F:55:01:98:22:F0:92:DF:67:F5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KOxcmvuWFzafCS9VAZgi8JLfZ_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.149.0/24
87.247.151.0/24
89.37.63.0/24
91.188.204.0/24
185.135.141.0/24
185.135.143.0/24
185.255.169.0/24
188.212.155.0/24
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
89:bf:cf:00:c3:0b:67:c2:e6:ca:99:aa:9f:43:cf:b3:f1:a0:
cd:35:55:e1:72:55:66:b4:24:7e:2b:09:bf:96:b0:de:9d:06:
0b:d7:ce:d5:18:b2:de:83:14:04:07:b1:22:5d:27:f6:af:bd:
8e:67:4b:56:51:e1:06:df:de:cb:df:b1:eb:f1:c1:8f:eb:ae:
f0:37:ef:6c:3b:59:30:75:0b:df:18:30:75:b3:d8:14:22:b6:
27:21:b6:cf:07:7f:b4:99:b6:42:82:f8:e4:e8:81:ec:1d:b8:
87:d9:53:c9:8a:7b:1c:26:70:2a:e6:b9:37:82:28:94:02:e1:
12:c3:bf:db:4d:02:83:3a:0e:2b:cc:02:cb:64:65:2e:01:cb:
f0:77:d3:f6:58:30:ea:24:f1:15:1c:52:e1:cc:73:f9:4f:57:
bf:5c:91:3c:59:b5:76:cc:71:78:f8:5f:0f:dc:4a:95:ee:e1:
a8:ec:84:db:bc:71:46:c5:60:c3:b4:dc:4a:58:5d:a0:4c:97:
6f:ce:d4:34:4a:b0:3b:e8:5f:dd:f2:c7:92:94:26:8f:85:0e:
0a:c5:a3:43:b0:60:62:0c:b8:87:a2:44:3b:be:df:ef:38:a5:
6a:da:8d:e7:84:36:9b:90:17:75:00:7c:13:cd:2e:05:1c:02:
94:fb:d6:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYc2Rq9EpZvQf7mhhwxV2vHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzMxMDYwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGVjNWM5YWZiOTYxNzM2OWYwOTJmNTUwMTk4MjJmMDkyZGY2N2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3p2P7xeg4xUlP8TTlwsvv0vkYZz
pJTbLC092oSZ4JtpoGp3DzJ9TH4Pxc1qC5+9nsCmI8j7nSQIUqA0XdM7RT+HKcem
VeXUlJFl8Laft0wfwBLbPbClJCAz4GVpgi7sfiiPYUB5Bq903xDjX5VpEdAuE5NL
CGyXE4Gh4MBmgzEGBAvvO33U1RMzqM4yOVejvC1XcqNMYJj5ghjgWy7rMpwBG6bj
rLhqB9HWbmsFOeInpzFGrzYHHeMKUjxXRz4yc6TGje8lbWoDsOPk46Vxaxo9PE2U
wuTGzx/8RNnlx/XsnQBvKrFGAMU/G3/vTal+hba6m92kyNNODfu88UOowQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCjsXJr7lhc2nwkvVQGYIvCS32f1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvS094Y212dVdGemFmQ1M5VkFaZ2k4SkxmWl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAV/eVAwQA
V/eXAwQAWSU/AwQAW7zMAwQAuYeNAwQAuYePAwQAuf+pAwQAvNSbAwQAvPG2AwQA
vPHzMA0GCSqGSIb3DQEBCwUAA4IBAQCJv88AwwtnwubKmaqfQ8+z8aDNNVXhclVm
tCR+Kwm/lrDenQYL187VGLLegxQEB7EiXSf2r72OZ0tWUeEG397L37Hr8cGP667w
N+9sO1kwdQvfGDB1s9gUIrYnIbbPB3+0mbZCgvjk6IHsHbiH2VPJinscJnAq5rk3
giiUAuESw7/bTQKDOg4rzALLZGUuAcvwd9P2WDDqJPEVHFLhzHP5T1e/XJE8WbV2
zHF4+F8P3EqV7uGo7ITbvHFGxWDDtNxKWF2gTJdvztQ0SrA76F/d8seSlCaPhQ4K
xaNDsGBiDLiHokQ7vt/vOKVq2o3nhDabkBd1AHwTzS4FHAKU+9Y8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org