Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TX0_Y9a1FKgSX7OzwEkTCZgT3uA.roa
File: TX0_Y9a1FKgSX7OzwEkTCZgT3uA.roa (raw, json)
Hash identifier: kwAeMKrlDZtnyFVTQO2oXUArLjT6rykWrIiCDuYrnIQ=
Subject key identifier: 4D:7D:3F:63:D6:B5:14:A8:12:5F:B3:B3:C0:49:13:09:98:13:DE:E0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018764E551F096A02BDB240FDC6968BC2F3B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TX0_Y9a1FKgSX7OzwEkTCZgT3uA.roa
Signing time: Sun 09 Apr 2023 07:22:42 +0000
ROA not before: Sun 09 Apr 2023 07:22:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:64:e5:51:f0:96:a0:2b:db:24:0f:dc:69:68:bc:2f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 9 07:22:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d7d3f63d6b514a8125fb3b3c04913099813dee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ab:83:48:5b:35:7f:c3:2a:76:85:20:b6:5d:
3c:e3:87:66:d4:50:b7:65:0d:63:15:50:e6:6c:f8:
5a:ea:e5:9d:5c:87:39:26:bb:16:42:e4:11:cf:46:
fb:05:d1:38:88:89:38:68:70:9c:8c:16:d2:76:70:
7b:43:dc:3d:a3:0e:f1:83:fe:4f:91:cd:68:27:02:
7b:80:b7:87:e0:bf:b9:b9:d9:99:24:3f:88:d0:4f:
6b:58:3e:81:35:88:ea:b4:5b:dd:ff:bf:0b:bc:df:
b5:32:6f:ad:ae:89:80:31:8e:3a:ca:f2:3a:e5:ce:
f7:16:87:d7:56:6a:12:c8:bc:75:95:92:c9:3c:76:
35:5b:e7:03:87:a2:44:e7:f7:5f:eb:81:9f:09:c0:
a5:7b:bb:07:ef:4c:dc:52:ee:b2:63:ce:af:84:c6:
88:45:c4:8f:a6:76:c9:52:48:b7:33:34:19:21:86:
de:f5:52:c1:2a:0a:a9:40:6a:05:4f:0d:77:b0:cc:
14:c0:e1:d6:ee:98:cd:6f:ed:0a:45:7c:d5:7b:44:
2d:07:4f:d0:08:f8:ed:28:58:e8:f8:b2:d7:dd:31:
06:96:21:64:4f:2c:83:1f:7e:93:29:8a:0b:d4:2b:
83:4d:54:8e:b9:45:fb:6e:6a:20:d1:5a:8a:0f:fc:
83:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7D:3F:63:D6:B5:14:A8:12:5F:B3:B3:C0:49:13:09:98:13:DE:E0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TX0_Y9a1FKgSX7OzwEkTCZgT3uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.205.0/24
188.240.225.0/24
193.23.128.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:67:68:0e:06:9f:d4:9a:f4:42:6d:3e:84:50:87:9e:af:76:
a7:7f:0b:cc:69:ac:00:d8:87:3a:8b:e8:6d:1a:b2:8e:ff:50:
a3:49:5c:53:11:7d:70:0d:f5:ad:ee:05:d0:5f:b4:aa:b0:6a:
94:23:46:67:e0:23:2d:5e:54:71:2a:e8:84:a3:c3:3e:e8:98:
09:74:bd:5c:59:61:39:1d:34:0f:63:28:83:8a:e2:25:b1:a8:
6f:27:e6:c6:2f:04:21:12:e2:39:93:58:29:b3:dd:ea:5b:bb:
07:c0:b1:53:14:83:96:68:1a:bf:60:fc:04:63:3e:f2:c0:78:
0c:8f:31:55:1e:61:e0:bb:80:7d:da:5c:b2:94:00:29:56:4c:
b3:17:e2:dc:10:cf:ed:84:00:7c:7b:b3:23:ab:d7:f7:e2:ff:
9d:fd:f6:30:07:89:42:17:c2:f9:dc:ba:1f:d8:b4:5d:b3:62:
69:7a:83:c9:3a:ff:1f:0f:25:61:76:39:f6:10:48:d7:b2:8b:
30:d5:d6:52:77:2c:bd:12:73:b1:3d:13:fa:25:3c:1c:a7:98:
46:14:f5:4d:ff:67:0a:9c:dd:9c:fa:3d:ac:3b:0d:2d:10:ac:
c0:ff:20:67:0e:06:d4:e5:70:14:70:a3:6b:88:36:a4:5a:fc:
65:3d:e3:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdk5VHwlqAr2yQP3GlovC87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA5MDcyMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDdkM2Y2M2Q2YjUxNGE4MTI1ZmIzYjNjMDQ5MTMwOTk4MTNkZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKuDSFs1f8MqdoUgtl0844dm1FC3
ZQ1jFVDmbPha6uWdXIc5JrsWQuQRz0b7BdE4iIk4aHCcjBbSdnB7Q9w9ow7xg/5P
kc1oJwJ7gLeH4L+5udmZJD+I0E9rWD6BNYjqtFvd/78LvN+1Mm+tromAMY46yvI6
5c73FofXVmoSyLx1lZLJPHY1W+cDh6JE5/df64GfCcCle7sH70zcUu6yY86vhMaI
RcSPpnbJUki3MzQZIYbe9VLBKgqpQGoFTw13sMwUwOHW7pjNb+0KRXzVe0QtB0/Q
CPjtKFjo+LLX3TEGliFkTyyDH36TKYoL1CuDTVSOuUX7bmog0VqKD/yD8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE19P2PWtRSoEl+zs8BJEwmYE97gMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVFgwX1k5YTFGS2dTWDdPendFa1RDWmdUM3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW7zNAwQA
vPDhAwQBwReAMA0GCSqGSIb3DQEBCwUAA4IBAQAaZ2gOBp/UmvRCbT6EUIeer3an
fwvMaawA2Ic6i+htGrKO/1CjSVxTEX1wDfWt7gXQX7SqsGqUI0Zn4CMtXlRxKuiE
o8M+6JgJdL1cWWE5HTQPYyiDiuIlsahvJ+bGLwQhEuI5k1gps93qW7sHwLFTFIOW
aBq/YPwEYz7ywHgMjzFVHmHgu4B92lyylAApVkyzF+LcEM/thAB8e7Mjq9f34v+d
/fYwB4lCF8L53Lof2LRds2JpeoPJOv8fDyVhdjn2EEjXsosw1dZSdyy9EnOxPRP6
JTwcp5hGFPVN/2cKnN2c+j2sOw0tEKzA/yBnDgbU5XAUcKNriDakWvxlPeOK
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org