Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X6P0dv0bhuyU90v5XTQmgrZx2tI.roa
File: X6P0dv0bhuyU90v5XTQmgrZx2tI.roa (raw, json)
Hash identifier: 5O5M+ZDCbE/R2KYYruRtTtS9Z087vitPOuMN4ClSEuU=
Subject key identifier: 5F:A3:F4:76:FD:1B:86:EC:94:F7:4B:F9:5D:34:26:82:B6:71:DA:D2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862F72FBD8E4EC9D0EF9FCD900B1AAF7A3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X6P0dv0bhuyU90v5XTQmgrZx2tI.roa
Signing time: Wed 08 Feb 2023 05:15:10 +0000
ROA not before: Wed 08 Feb 2023 05:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 188.240.68.0/24 maxlen: 24
185.255.36.0/24 maxlen: 24
185.135.142.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.240.226.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2f:72:fb:d8:e4:ec:9d:0e:f9:fc:d9:00:b1:aa:f7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 8 05:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fa3f476fd1b86ec94f74bf95d342682b671dad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5d:e8:50:6e:24:06:3b:e8:24:b0:a2:4c:03:
af:ba:03:51:84:6e:ae:3d:9d:f7:ee:c4:9e:d4:f4:
10:a7:de:d9:58:b5:c1:cf:57:32:9d:c7:5c:87:14:
e8:3b:1b:60:cf:7b:e4:81:eb:89:08:7f:cb:49:97:
14:d9:19:da:b9:12:90:5e:f3:52:b4:d9:ea:d2:23:
c7:fa:09:a2:4d:1f:a4:10:77:5f:fd:8e:bd:b3:0a:
c6:da:7c:3e:01:56:9c:cc:50:cc:1d:85:3f:e1:8d:
43:a3:23:e5:86:b7:c6:bf:4a:95:de:2c:b9:c9:5b:
96:35:95:8a:c7:b9:9d:a2:e5:3a:56:9c:a6:c1:8e:
df:86:dd:6b:b0:40:b2:0f:09:02:fb:ca:30:5a:23:
dc:37:72:d6:79:fd:b5:11:2e:6e:d4:ed:93:30:15:
91:aa:12:34:90:a1:1e:7e:85:73:ce:ab:18:2d:f8:
76:19:b2:1e:c2:f6:cd:27:ba:4c:27:ba:49:65:41:
2f:14:ae:2b:44:66:1d:4d:3d:f6:d0:5c:de:fe:e1:
9a:f0:ec:70:db:b1:b7:41:5c:c8:43:69:99:f3:76:
c1:9a:6d:16:8b:67:eb:10:9e:63:db:97:c2:bc:a6:
6e:58:86:14:3f:54:5b:7b:bf:cf:4e:5e:e6:9d:db:
44:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A3:F4:76:FD:1B:86:EC:94:F7:4B:F9:5D:34:26:82:B6:71:DA:D2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X6P0dv0bhuyU90v5XTQmgrZx2tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.142.0/24
185.255.36.0/24
185.255.39.0/24
188.240.68.0/24
188.240.226.0/23
Signature Algorithm: sha256WithRSAEncryption
10:18:89:ae:bc:7e:01:3e:c9:34:ec:b5:62:88:c5:c7:14:36:
88:c9:42:5b:43:7a:22:19:69:f7:17:fa:3c:8d:38:50:21:ff:
fd:46:2d:cf:7d:9d:f3:54:5b:7b:67:f1:69:dc:cc:e9:42:a7:
a6:88:cd:27:df:68:ef:4a:34:35:6e:fe:df:6e:13:0f:4c:db:
a5:01:bf:2b:de:0b:94:74:2b:d3:e0:19:e4:31:41:81:1c:55:
9d:af:9e:73:5d:64:de:b8:0c:f6:1a:53:80:6b:9a:ed:2e:a1:
c2:45:d2:11:61:2e:bb:c4:33:12:e1:fb:66:92:cc:ad:aa:94:
95:3a:f1:8e:25:9f:17:e1:f6:cf:a2:ca:d7:8f:5e:4a:ab:48:
c2:a0:bf:4b:2b:ae:e7:5b:a3:9a:60:9e:8d:1e:f0:eb:98:88:
69:8f:62:b9:6b:5e:b2:c6:5a:70:49:6c:c1:f1:54:0d:05:99:
5d:ad:4b:45:8e:b8:4c:ad:d0:c5:41:44:43:ae:7a:b7:d1:49:
a6:79:8b:7a:60:fa:25:d0:2c:20:80:c7:29:e9:d6:60:4e:fb:
f7:33:4e:d2:bf:31:45:94:42:75:7b:99:c2:cd:6a:fe:87:f2:
5c:85:40:81:92:cc:10:15:6f:c1:87:25:9f:b1:5c:49:3e:8d:
c7:27:b3:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYvcvvY5OydDvn82QCxqvejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA4MDUxNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmEzZjQ3NmZkMWI4NmVjOTRmNzRiZjk1ZDM0MjY4MmI2NzFkYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml3oUG4kBjvoJLCiTAOvugNRhG6u
PZ337sSe1PQQp97ZWLXBz1cyncdchxToOxtgz3vkgeuJCH/LSZcU2RnauRKQXvNS
tNnq0iPH+gmiTR+kEHdf/Y69swrG2nw+AVaczFDMHYU/4Y1DoyPlhrfGv0qV3iy5
yVuWNZWKx7mdouU6VpymwY7fht1rsECyDwkC+8owWiPcN3LWef21ES5u1O2TMBWR
qhI0kKEefoVzzqsYLfh2GbIewvbNJ7pMJ7pJZUEvFK4rRGYdTT320Fze/uGa8Oxw
27G3QVzIQ2mZ83bBmm0Wi2frEJ5j25fCvKZuWIYUP1Rbe7/PTl7mndtE3QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF+j9Hb9G4bslPdL+V00JoK2cdrSMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWDZQMGR2MGJodXlVOTB2NVhUUW1nclp4MnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuYeOAwQA
uf8kAwQAuf8nAwQAvPBEAwQBvPDiMA0GCSqGSIb3DQEBCwUAA4IBAQAQGImuvH4B
Psk07LViiMXHFDaIyUJbQ3oiGWn3F/o8jThQIf/9Ri3PfZ3zVFt7Z/Fp3MzpQqem
iM0n32jvSjQ1bv7fbhMPTNulAb8r3guUdCvT4BnkMUGBHFWdr55zXWTeuAz2GlOA
a5rtLqHCRdIRYS67xDMS4ftmksytqpSVOvGOJZ8X4fbPosrXj15Kq0jCoL9LK67n
W6OaYJ6NHvDrmIhpj2K5a16yxlpwSWzB8VQNBZldrUtFjrhMrdDFQURDrnq30Umm
eYt6YPol0CwggMcp6dZgTvv3M07SvzFFlEJ1e5nCzWr+h/JchUCBkswQFW/BhyWf
sVxJPo3HJ7M5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org