Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NWvFwhvVaA23Kkax4rG7DQ4mGGQ.roa
File: NWvFwhvVaA23Kkax4rG7DQ4mGGQ.roa (raw, json)
Hash identifier: l1dNX6M8NXAvE/QZkevOO1bJyYsH0AgWxL5P67Uudu4=
Subject key identifier: 35:6B:C5:C2:1B:D5:68:0D:B7:2A:46:B1:E2:B1:BB:0D:0E:26:18:64
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01869430B63B28B32F3D7A97A76D10803041
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NWvFwhvVaA23Kkax4rG7DQ4mGGQ.roa
Signing time: Mon 27 Feb 2023 18:44:25 +0000
ROA not before: Mon 27 Feb 2023 18:44:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:94:30:b6:3b:28:b3:2f:3d:7a:97:a7:6d:10:80:30:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 27 18:44:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=356bc5c21bd5680db72a46b1e2b1bb0d0e261864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b5:b1:5b:60:55:80:93:25:d4:33:fa:50:78:
05:e8:29:d2:9e:5e:e1:d9:5b:cb:0a:8f:8b:56:db:
a1:a7:d6:d0:9e:fc:1b:d2:b1:23:02:48:5f:45:09:
38:6c:42:5e:35:68:80:06:42:05:36:33:1f:70:dc:
3a:40:ac:ec:1c:09:c0:af:58:f5:2c:38:ae:58:80:
f2:05:40:9f:01:c7:42:63:35:a2:08:09:be:6a:89:
34:a1:c6:b9:97:c7:3b:f4:f2:f8:79:5e:9c:61:df:
e6:72:9f:e7:7a:3f:73:d8:ea:a0:bc:57:cd:ca:e3:
0b:1d:5c:cb:63:ec:09:6d:00:55:e3:ed:16:21:9e:
95:ba:9f:a8:3b:45:77:f2:5a:22:be:5f:5a:2f:ef:
97:27:fb:fd:10:a9:4c:91:cb:77:5f:41:00:38:2c:
0d:df:36:c4:f7:72:b1:e2:dc:72:5d:96:eb:8e:7d:
24:d5:71:b7:40:7d:f1:9b:15:8b:0a:16:00:77:2f:
1f:c3:e2:db:80:24:af:ac:d6:45:9a:55:1b:4e:1b:
e2:ce:a5:c0:d4:dc:28:22:37:b0:14:11:20:04:95:
cd:f2:b1:00:aa:ed:4d:27:3b:a2:18:b6:8b:4f:09:
fc:e8:6b:86:dd:a0:39:ca:f7:3f:d8:d2:4e:bb:26:
4c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6B:C5:C2:1B:D5:68:0D:B7:2A:46:B1:E2:B1:BB:0D:0E:26:18:64
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NWvFwhvVaA23Kkax4rG7DQ4mGGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.149.0/24
87.247.151.0/24
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
35:a1:84:a6:c3:e7:95:e7:0a:04:a4:1d:40:45:02:bf:e7:ad:
52:29:f2:73:a7:50:ae:7a:88:32:3e:38:6d:22:96:fd:8c:d0:
75:37:13:5e:cf:2c:1d:c0:b4:78:e3:75:5f:39:56:7f:14:ef:
9a:43:55:0a:c0:54:ef:2b:ea:f3:72:65:51:bd:a1:30:78:65:
17:e1:6a:3c:60:84:6b:5e:57:1d:a3:0b:1b:0f:ea:01:4b:ab:
83:e1:68:75:59:81:1a:e9:f2:d9:bc:fb:86:7c:7e:4e:3d:55:
0b:37:81:6c:0e:ca:ab:69:04:51:47:e8:41:d6:a4:b9:cb:63:
da:46:fa:16:91:96:1e:72:bb:c3:09:7f:39:88:31:b2:08:98:
74:aa:67:ac:4f:50:9d:e9:f5:90:de:39:a4:08:7a:0b:ef:6b:
f1:5a:50:e3:4d:d3:33:97:62:bc:5e:88:44:b2:a5:4c:08:65:
ee:95:a3:90:54:60:f5:ca:80:61:36:02:aa:ac:f3:a9:ad:e4:
c9:6e:cc:6c:94:89:79:74:96:79:1a:64:70:a9:62:f3:a8:ef:
b1:cf:c8:b8:81:98:d6:88:aa:dd:ff:b4:eb:a2:44:d0:3f:75:
21:51:da:9d:eb:a8:46:50:f4:1a:6a:a4:43:0b:6e:4c:0d:a3:
a3:e1:f2:26
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaUMLY7KLMvPXqXp20QgDBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI3MTg0NDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZiYzVjMjFiZDU2ODBkYjcyYTQ2YjFlMmIxYmIwZDBlMjYxODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprWxW2BVgJMl1DP6UHgF6CnSnl7h
2VvLCo+LVtuhp9bQnvwb0rEjAkhfRQk4bEJeNWiABkIFNjMfcNw6QKzsHAnAr1j1
LDiuWIDyBUCfAcdCYzWiCAm+aok0oca5l8c79PL4eV6cYd/mcp/nej9z2OqgvFfN
yuMLHVzLY+wJbQBV4+0WIZ6Vup+oO0V38loivl9aL++XJ/v9EKlMkct3X0EAOCwN
3zbE93Kx4txyXZbrjn0k1XG3QH3xmxWLChYAdy8fw+LbgCSvrNZFmlUbThvizqXA
1NwoIjewFBEgBJXN8rEAqu1NJzuiGLaLTwn86GuG3aA5yvc/2NJOuyZMhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDVrxcIb1WgNtypGseKxuw0OJhhkMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTld2RndodlZhQTIzS2theDRyRzdEUTRtR0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/eVAwQA
V/eXAwQAvPG2AwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQA1oYSmw+eV5woEpB1A
RQK/561SKfJzp1CueogyPjhtIpb9jNB1NxNezywdwLR443VfOVZ/FO+aQ1UKwFTv
K+rzcmVRvaEweGUX4Wo8YIRrXlcdowsbD+oBS6uD4Wh1WYEa6fLZvPuGfH5OPVUL
N4FsDsqraQRRR+hB1qS5y2PaRvoWkZYecrvDCX85iDGyCJh0qmesT1Cd6fWQ3jmk
CHoL72vxWlDjTdMzl2K8XohEsqVMCGXulaOQVGD1yoBhNgKqrPOpreTJbsxslIl5
dJZ5GmRwqWLzqO+xz8i4gZjWiKrd/7TrokTQP3UhUdqd66hGUPQaaqRDC25MDaOj
4fIm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org