Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OuBxb2q1xTOtD97mDKZj21wL9J4.roa
File: OuBxb2q1xTOtD97mDKZj21wL9J4.roa (raw, json)
Hash identifier: NR0ARC2qkTzAGbITwrbXGmb7aw9bWh6VNaymFV+e21I=
Subject key identifier: 3A:E0:71:6F:6A:B5:C5:33:AD:0F:DE:E6:0C:A6:63:DB:5C:0B:F4:9E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187DFF4510EB8633A13D60F960B6E93D747
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OuBxb2q1xTOtD97mDKZj21wL9J4.roa
Signing time: Wed 03 May 2023 04:52:23 +0000
ROA not before: Wed 03 May 2023 04:52:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 93.115.255.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jul 2023 17:40:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:df:f4:51:0e:b8:63:3a:13:d6:0f:96:0b:6e:93:d7:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 3 04:52:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ae0716f6ab5c533ad0fdee60ca663db5c0bf49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:20:3d:e4:ac:fa:18:d2:27:86:c3:49:55:06:
fa:ee:f7:84:5e:70:0b:e6:71:7c:a2:33:29:e2:d9:
eb:55:fb:4b:20:20:ac:6f:db:9a:2b:09:06:61:ce:
48:d0:fe:34:f3:33:8d:bd:c3:f3:ec:e0:b1:5b:4b:
c0:93:27:38:e0:d7:82:4b:1a:fb:63:b5:4c:fe:98:
42:3c:aa:eb:1e:8c:96:0b:a9:59:78:a5:4a:cc:d6:
b0:99:82:e4:cc:36:f9:bd:fd:d9:da:5c:77:56:33:
a2:d9:00:90:d1:4d:2e:05:6c:c8:76:02:1d:75:c1:
99:4f:25:fc:23:a9:b2:1c:3e:3c:21:7f:b2:38:f2:
97:dc:39:f2:00:83:40:98:20:a4:87:36:f3:a2:af:
a2:7f:c8:41:d1:42:33:d8:ba:9e:33:a3:1b:74:bb:
2b:06:b8:42:87:ca:eb:8a:64:dc:05:a0:be:3f:31:
e7:9a:6e:9e:4c:d9:6d:51:6c:d5:be:b1:12:de:a5:
c8:5c:8a:b4:38:ce:99:a6:51:84:da:c7:eb:0e:f3:
25:f1:07:1a:3c:f9:72:fb:94:53:91:51:ac:de:d2:
3e:d4:5b:f9:9b:33:c2:82:36:69:f4:59:c6:0c:03:
77:2b:9b:50:c0:e0:ef:45:eb:80:b4:7d:b1:b4:75:
77:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E0:71:6F:6A:B5:C5:33:AD:0F:DE:E6:0C:A6:63:DB:5C:0B:F4:9E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OuBxb2q1xTOtD97mDKZj21wL9J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.255.0/24
188.213.202.0/24
188.214.209.0/24
Signature Algorithm: sha256WithRSAEncryption
97:1b:08:6c:95:ab:9a:fa:cb:25:0e:0c:4d:b7:7f:54:70:12:
c1:04:7a:a3:5c:0e:52:31:bc:88:2b:d0:f9:ab:96:dc:da:5a:
f0:38:ed:ee:fd:e9:3e:96:5a:b2:ff:94:cd:df:34:8e:d2:48:
90:0a:2e:85:ac:56:8c:83:c5:36:60:7a:3d:ed:e3:6d:bf:90:
cb:30:c3:8a:3a:18:5b:44:85:a0:4d:ca:12:5e:77:54:b5:be:
de:d9:c6:71:6c:36:1c:30:77:1c:33:cf:ed:2f:7d:52:5b:b1:
03:da:1d:3d:f3:dc:13:dd:cb:64:d5:ef:9b:60:70:7f:80:05:
84:3f:f9:aa:ea:72:4c:ec:e2:80:2e:1c:91:84:cf:46:1c:d6:
aa:b0:d2:9c:86:68:5b:4b:b9:23:a7:47:f5:a1:3f:c9:b0:b0:
70:28:dc:73:bc:10:ea:e7:5c:63:42:f6:d5:50:df:5b:7b:d6:
2a:b7:b7:13:ba:f4:07:99:57:c8:1d:17:0f:6e:0f:3b:fb:49:
06:8c:f0:67:63:59:19:eb:ef:4a:61:b6:c6:f4:bd:9a:e3:bc:
cd:b2:cb:f8:cf:4d:57:3e:e4:3a:f5:a4:94:da:ad:de:8b:d0:
80:3e:5d:d1:e4:03:ff:5d:75:08:20:6b:0f:03:51:e9:34:3a:
18:36:3d:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYff9FEOuGM6E9YPlgtuk9dHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTAzMDQ1MjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWUwNzE2ZjZhYjVjNTMzYWQwZmRlZTYwY2E2NjNkYjVjMGJmNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iA95Kz6GNInhsNJVQb67veEXnAL
5nF8ojMp4tnrVftLICCsb9uaKwkGYc5I0P408zONvcPz7OCxW0vAkyc44NeCSxr7
Y7VM/phCPKrrHoyWC6lZeKVKzNawmYLkzDb5vf3Z2lx3VjOi2QCQ0U0uBWzIdgId
dcGZTyX8I6myHD48IX+yOPKX3DnyAINAmCCkhzbzoq+if8hB0UIz2LqeM6MbdLsr
BrhCh8rrimTcBaC+PzHnmm6eTNltUWzVvrES3qXIXIq0OM6ZplGE2sfrDvMl8Qca
PPly+5RTkVGs3tI+1Fv5mzPCgjZp9FnGDAN3K5tQwODvReuAtH2xtHV30QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDrgcW9qtcUzrQ/e5gymY9tcC/SeMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvT3VCeGIycTF4VE90RDk3bURLWmoyMXdMOUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXP/AwQA
vNXKAwQAvNbRMA0GCSqGSIb3DQEBCwUAA4IBAQCXGwhslaua+sslDgxNt39UcBLB
BHqjXA5SMbyIK9D5q5bc2lrwOO3u/ek+llqy/5TN3zSO0kiQCi6FrFaMg8U2YHo9
7eNtv5DLMMOKOhhbRIWgTcoSXndUtb7e2cZxbDYcMHccM8/tL31SW7ED2h0989wT
3ctk1e+bYHB/gAWEP/mq6nJM7OKALhyRhM9GHNaqsNKchmhbS7kjp0f1oT/JsLBw
KNxzvBDq51xjQvbVUN9be9Yqt7cTuvQHmVfIHRcPbg87+0kGjPBnY1kZ6+9KYbbG
9L2a47zNssv4z01XPuQ69aSU2q3ei9CAPl3R5AP/XXUIIGsPA1HpNDoYNj0l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org