Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Ueh9q4eygcZu9PtOEX2gZ9TonO0.roa
File: Ueh9q4eygcZu9PtOEX2gZ9TonO0.roa (raw, json)
Hash identifier: J3ioB9XV0yM1QnSzRoP6O+H2C/QA9YHzWLFmUrNHYJ8=
Subject key identifier: 51:E8:7D:AB:87:B2:81:C6:6E:F4:FB:4E:11:7D:A0:67:D4:E8:9C:ED
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186A31C5996DF3E2BB80D0CAAF83D4F3223
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Ueh9q4eygcZu9PtOEX2gZ9TonO0.roa
Signing time: Thu 02 Mar 2023 16:16:29 +0000
ROA not before: Thu 02 Mar 2023 16:16:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 93.115.255.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
94.176.110.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:1c:59:96:df:3e:2b:b8:0d:0c:aa:f8:3d:4f:32:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 2 16:16:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51e87dab87b281c66ef4fb4e117da067d4e89ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9d:66:49:12:70:55:be:9b:af:9b:c7:6f:06:
4d:49:d6:d1:8e:6d:cc:7d:cf:62:5d:bb:4c:18:15:
02:ed:4b:48:d4:7f:f5:13:02:9b:8c:c7:41:bd:80:
81:05:86:de:41:51:0b:2a:d8:5b:bd:96:c5:3c:f4:
18:84:72:89:b9:29:3a:ae:f4:ed:c0:7b:11:39:89:
a6:74:67:0e:86:bd:9a:80:d0:13:f5:be:ec:cd:44:
06:df:8a:75:c0:a3:ba:7d:2f:05:78:a1:b3:73:82:
42:09:f0:98:39:d6:4a:75:8b:e1:34:20:6e:77:17:
8b:79:36:ae:6a:6a:e3:77:f2:5b:09:d9:d3:d8:66:
15:2c:d8:1b:40:a2:cc:43:b5:ab:4a:55:45:6a:f5:
5e:6a:4e:7e:46:36:f7:4d:df:c5:c4:c4:c2:71:72:
cd:78:b5:55:5f:fb:d6:50:48:df:c4:b0:40:26:db:
32:15:27:2a:fb:12:c3:5f:3e:0b:bd:b4:fc:eb:37:
69:2b:5f:5a:7e:c9:10:b5:4e:a3:4e:bc:a3:d2:06:
76:a2:c3:ea:59:69:b1:38:81:8d:3b:0a:d7:b1:a8:
ea:25:c6:53:8c:37:c2:8f:aa:a2:59:46:23:ba:c5:
17:45:0a:6a:93:18:94:6c:a1:c0:79:90:e4:f3:f0:
67:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E8:7D:AB:87:B2:81:C6:6E:F4:FB:4E:11:7D:A0:67:D4:E8:9C:ED
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Ueh9q4eygcZu9PtOEX2gZ9TonO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.255.0/24
94.176.110.0/24
185.255.168.0/24
188.212.132.0/23
188.212.159.0/24
188.213.202.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:d4:09:b6:f9:47:62:f8:29:04:23:07:65:4a:a0:33:a9:8a:
9e:8d:8f:e1:b9:1b:f6:df:7a:aa:e6:1c:21:38:83:27:4a:31:
62:54:29:a3:8a:a1:6e:0a:ba:d3:bd:f8:a0:54:25:7c:2b:45:
db:2c:76:82:a7:9b:46:a0:8b:00:e6:fc:a2:90:90:92:4f:79:
a6:9b:9b:3b:f5:51:b4:93:dd:90:f2:59:2c:29:02:ad:a4:a0:
62:2c:7f:d3:bc:8c:19:9e:21:27:57:1a:90:fb:90:8c:cf:46:
cb:92:3a:15:12:83:75:ba:e7:5b:9e:36:44:d2:b3:eb:f6:db:
e7:da:2a:27:06:ed:48:8f:30:ce:82:d6:d1:46:0e:b3:6f:8f:
e9:64:1a:f1:a8:c1:63:65:83:75:55:18:cf:a1:8e:95:6f:45:
17:55:29:69:60:a9:a5:db:de:52:57:69:0b:24:1d:6b:49:40:
6f:37:c6:e9:2d:5c:38:99:83:8f:c3:ec:7d:f0:f4:b3:eb:95:
24:5b:40:d6:7e:58:b1:00:ac:58:2e:d8:e1:30:4e:1e:db:52:
c7:c1:11:fd:c0:99:2a:66:eb:04:08:d2:24:62:ae:a3:f1:a2:
49:7e:66:40:61:ef:b5:3c:36:f5:d9:bd:6c:e7:1a:1a:ee:38:
a6:30:1b:4d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYajHFmW3z4ruA0Mqvg9TzIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzAyMTYxNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWU4N2RhYjg3YjI4MWM2NmVmNGZiNGUxMTdkYTA2N2Q0ZTg5Y2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp1mSRJwVb6br5vHbwZNSdbRjm3M
fc9iXbtMGBUC7UtI1H/1EwKbjMdBvYCBBYbeQVELKthbvZbFPPQYhHKJuSk6rvTt
wHsROYmmdGcOhr2agNAT9b7szUQG34p1wKO6fS8FeKGzc4JCCfCYOdZKdYvhNCBu
dxeLeTauamrjd/JbCdnT2GYVLNgbQKLMQ7WrSlVFavVeak5+Rjb3Td/FxMTCcXLN
eLVVX/vWUEjfxLBAJtsyFScq+xLDXz4LvbT86zdpK19afskQtU6jTryj0gZ2osPq
WWmxOIGNOwrXsajqJcZTjDfCj6qiWUYjusUXRQpqkxiUbKHAeZDk8/BnBwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFHofauHsoHGbvT7ThF9oGfU6JztMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVWVoOXE0ZXlnY1p1OVB0T0VYMmdaOVRvbk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAXXP/AwQA
XrBuAwQAuf+oAwQBvNSEAwQAvNSfAwQAvNXKAwQBvNbQAwQA1ehdAwQA1ehfMA0G
CSqGSIb3DQEBCwUAA4IBAQAa1Am2+Udi+CkEIwdlSqAzqYqejY/huRv233qq5hwh
OIMnSjFiVCmjiqFuCrrTvfigVCV8K0XbLHaCp5tGoIsA5vyikJCST3mmm5s79VG0
k92Q8lksKQKtpKBiLH/TvIwZniEnVxqQ+5CMz0bLkjoVEoN1uudbnjZE0rPr9tvn
2ionBu1IjzDOgtbRRg6zb4/pZBrxqMFjZYN1VRjPoY6Vb0UXVSlpYKml295SV2kL
JB1rSUBvN8bpLVw4mYOPw+x98PSz65UkW0DWflixAKxYLtjhME4e21LHwRH9wJkq
ZusECNIkYq6j8aJJfmZAYe+1PDb12b1s5xoa7jimMBtN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org