Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJInUi71db1USdk6Dc0dloc0QJ8.roa
File: LJInUi71db1USdk6Dc0dloc0QJ8.roa (raw, json)
Hash identifier: SXnDvsFOtcCDYgf/kRbj6SYi/BuOfLICNf3KxD37zgs=
Subject key identifier: 2C:92:27:52:2E:F5:75:BD:54:49:D9:3A:0D:CD:1D:96:87:34:40:9F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186A6A4E4C00B70D4C7DB516D7A9F2FB520
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJInUi71db1USdk6Dc0dloc0QJ8.roa
Signing time: Fri 03 Mar 2023 08:44:29 +0000
ROA not before: Fri 03 Mar 2023 08:44:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 93.114.193.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
185.255.36.0/24 maxlen: 24
185.135.142.0/24 maxlen: 24
94.176.111.0/24 maxlen: 24
188.240.226.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a6:a4:e4:c0:0b:70:d4:c7:db:51:6d:7a:9f:2f:b5:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 3 08:44:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c9227522ef575bd5449d93a0dcd1d968734409f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:52:23:68:2f:60:21:eb:90:f2:37:07:97:f1:
cf:da:86:32:9e:2a:19:f8:bd:e4:8b:f5:82:63:28:
ee:91:14:ec:bb:75:69:d3:07:0f:8b:c3:c9:15:7b:
d9:41:4e:6c:c4:06:1d:1a:53:fd:48:c3:ab:8c:62:
df:aa:70:13:7b:7d:2d:1b:1a:36:1b:64:2f:0f:1c:
6c:16:e6:22:35:87:aa:f8:df:6f:63:d6:b2:74:18:
a0:fc:cb:44:47:cc:cf:8e:e3:76:f5:70:ec:03:f9:
cb:08:a2:3c:3b:e9:36:b9:8c:bc:95:bf:8d:3a:40:
aa:fd:99:57:ef:a3:35:f1:08:ca:fb:74:ae:71:67:
d5:d4:d6:c9:ba:66:62:4c:2f:76:ce:23:9b:5e:f4:
b4:90:d8:a5:2f:e1:13:51:34:00:06:95:77:92:a3:
73:70:b9:b7:37:86:30:bd:84:f0:30:a6:bb:41:ab:
5f:2e:a9:d7:35:5a:bf:98:9b:fd:42:0a:58:f9:4a:
43:15:9f:22:26:c5:10:70:fb:e7:d7:c6:36:ec:7d:
10:09:d6:47:2f:f5:50:aa:c9:cd:0d:fe:7e:b1:11:
83:c7:b5:0e:5c:c7:be:8f:68:c2:a9:77:3f:48:3b:
63:c0:5b:11:00:aa:fb:7e:19:54:7c:65:67:f3:5d:
9b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:92:27:52:2E:F5:75:BD:54:49:D9:3A:0D:CD:1D:96:87:34:40:9F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJInUi71db1USdk6Dc0dloc0QJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.193.0/24
94.176.111.0/24
185.135.142.0/24
185.255.36.0/24
188.240.68.0/24
188.240.226.0/23
Signature Algorithm: sha256WithRSAEncryption
35:58:e8:4b:1e:19:84:2f:ef:2e:a3:e2:1f:e1:2b:f6:5c:54:
46:70:55:cf:a4:03:7b:13:fe:57:19:8f:93:d4:20:3b:02:3e:
30:10:6a:4e:02:8f:28:a3:70:3a:fc:e4:01:f8:0f:e9:bd:85:
d1:8b:fa:39:4d:3d:21:f1:0c:4c:b6:b2:77:01:e4:8c:8c:ee:
f3:73:1c:66:f1:fc:2e:b8:43:78:e5:8b:14:9c:df:b8:a7:1d:
12:4c:54:3f:91:cb:01:fa:11:46:2a:37:94:ef:33:76:60:3b:
80:7f:fb:af:d7:67:33:c2:ea:16:45:67:38:e5:ad:89:27:b1:
f0:25:4a:90:99:09:e0:eb:e6:4e:1c:b9:55:40:c6:04:e1:bc:
16:0a:87:a6:9e:cd:26:1e:84:95:af:20:77:a6:25:7b:f5:ed:
cd:13:55:6d:a2:28:14:ef:83:fa:9d:8c:f9:d2:39:90:25:96:
ae:57:79:14:67:6c:d5:75:0f:d1:b7:f1:53:f1:ba:fd:7b:fb:
5d:bd:14:62:c3:8f:bc:c6:ca:36:b4:1b:66:09:21:c4:29:9f:
ca:c2:f3:83:7e:25:01:85:57:ea:8e:aa:c5:e7:bc:17:66:f7:
c2:27:f3:24:2c:19:35:44:25:b4:f4:bd:58:aa:1a:b1:3c:91:
60:3f:79:87
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYampOTAC3DUx9tRbXqfL7UgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzAzMDg0NDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzkyMjc1MjJlZjU3NWJkNTQ0OWQ5M2EwZGNkMWQ5Njg3MzQ0MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplIjaC9gIeuQ8jcHl/HP2oYynioZ
+L3ki/WCYyjukRTsu3Vp0wcPi8PJFXvZQU5sxAYdGlP9SMOrjGLfqnATe30tGxo2
G2QvDxxsFuYiNYeq+N9vY9aydBig/MtER8zPjuN29XDsA/nLCKI8O+k2uYy8lb+N
OkCq/ZlX76M18QjK+3SucWfV1NbJumZiTC92ziObXvS0kNilL+ETUTQABpV3kqNz
cLm3N4YwvYTwMKa7QatfLqnXNVq/mJv9QgpY+UpDFZ8iJsUQcPvn18Y27H0QCdZH
L/VQqsnNDf5+sRGDx7UOXMe+j2jCqXc/SDtjwFsRAKr7fhlUfGVn812blQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCySJ1Iu9XW9VEnZOg3NHZaHNECfMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTEpJblVpNzFkYjFVU2RrNkRjMGRsb2MwUUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXXLBAwQA
XrBvAwQAuYeOAwQAuf8kAwQAvPBEAwQBvPDiMA0GCSqGSIb3DQEBCwUAA4IBAQA1
WOhLHhmEL+8uo+If4Sv2XFRGcFXPpAN7E/5XGY+T1CA7Aj4wEGpOAo8oo3A6/OQB
+A/pvYXRi/o5TT0h8QxMtrJ3AeSMjO7zcxxm8fwuuEN45YsUnN+4px0STFQ/kcsB
+hFGKjeU7zN2YDuAf/uv12czwuoWRWc45a2JJ7HwJUqQmQng6+ZOHLlVQMYE4bwW
Coemns0mHoSVryB3piV79e3NE1VtoigU74P6nYz50jmQJZauV3kUZ2zVdQ/Rt/FT
8br9e/tdvRRiw4+8xso2tBtmCSHEKZ/KwvODfiUBhVfqjqrF57wXZvfCJ/MkLBk1
RCW09L1YqhqxPJFgP3mH
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org