Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X9J2rko5VKYxQJpg6vgeAq7KRYY.roa
File: X9J2rko5VKYxQJpg6vgeAq7KRYY.roa (raw, json)
Hash identifier: d3tH1fS4ICtZOFVgFZuQaLR5HgOwf9t+OL/fj8PPj40=
Subject key identifier: 5F:D2:76:AE:4A:39:54:A6:31:40:9A:60:EA:F8:1E:02:AE:CA:45:86
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01863670D0B5554D651A9D1606ED82494851
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X9J2rko5VKYxQJpg6vgeAq7KRYY.roa
Signing time: Thu 09 Feb 2023 13:50:08 +0000
ROA not before: Thu 09 Feb 2023 13:50:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Feb 2023 17:42:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:36:70:d0:b5:55:4d:65:1a:9d:16:06:ed:82:49:48:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 9 13:50:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fd276ae4a3954a631409a60eaf81e02aeca4586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2b:de:0b:3f:d7:d9:73:64:5e:85:37:21:ab:
96:25:87:df:35:4c:11:0d:ac:82:27:12:b4:aa:95:
e9:8c:8e:d4:73:c7:ca:8b:12:51:1b:63:94:7d:54:
e0:a9:dd:31:30:d2:98:fe:79:f8:30:e3:df:e4:8e:
50:30:61:01:6f:72:e6:89:c7:0b:ed:aa:97:7a:77:
2e:28:f5:6b:2c:9e:7f:8b:84:7f:e7:99:19:5b:7e:
cf:41:06:cf:34:81:4e:ac:1e:0d:7f:24:4c:26:33:
d4:f8:d8:88:e0:0e:f8:63:2b:81:7e:ac:a2:d2:be:
6b:f5:4a:22:5c:0c:8a:d4:ca:7a:e6:76:ea:cf:c5:
66:c3:eb:ce:c5:a9:b8:a2:e0:2c:e0:53:e6:14:e8:
3c:4c:7f:31:bd:5e:47:6c:b0:29:ec:34:7d:1d:f0:
31:7b:48:e1:67:60:33:c5:df:11:a0:54:cf:2a:60:
1e:0a:28:22:1d:23:4d:dd:16:7d:fe:98:8e:a2:25:
60:a0:17:ac:23:05:3d:4d:5e:49:28:95:36:b2:3c:
0e:4c:9d:ca:1a:62:03:4e:db:80:c9:26:d1:1c:d5:
57:49:1f:ea:0e:46:c8:0c:af:99:51:70:d1:18:a1:
ba:90:ed:0d:a0:22:4b:8b:64:7a:d2:38:8a:33:b2:
46:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D2:76:AE:4A:39:54:A6:31:40:9A:60:EA:F8:1E:02:AE:CA:45:86
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/X9J2rko5VKYxQJpg6vgeAq7KRYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:64:7e:85:fb:63:68:47:3c:b5:1c:07:d2:46:cf:f4:af:36:
ba:ac:e7:b3:1b:0f:ce:84:26:ad:32:d4:bf:13:da:85:42:c7:
f4:3a:c7:c9:ab:4d:57:a9:0b:d1:40:61:c5:e0:32:a1:bd:93:
6b:3f:b7:d7:53:60:f2:f7:15:04:ac:1d:05:a3:9f:6d:b2:68:
90:37:eb:12:13:cc:8f:ae:25:4f:6e:ae:3f:4f:e9:de:3a:6d:
66:21:5a:43:eb:36:5e:8a:37:a2:58:f2:c1:f1:cc:ad:f0:83:
ce:43:b7:ad:be:39:00:97:0d:7d:5c:11:bc:31:c0:bf:16:09:
65:e9:2a:f3:f1:50:29:f3:6d:92:a4:08:28:9c:68:60:42:53:
51:f9:12:7f:02:ad:27:cd:81:2c:6c:ae:2d:40:80:a8:7a:88:
a8:f5:e2:0e:6d:4e:c8:ea:26:cc:fe:1e:94:be:0d:96:c7:69:
ea:b6:ce:1e:45:42:19:13:df:15:1a:a8:08:97:5d:a6:51:59:
d3:31:b5:a3:1f:d0:62:d5:7d:9e:f0:3c:dd:f7:08:62:d3:43:
f1:5c:7c:1c:3f:b8:56:72:77:8e:22:c9:25:b8:37:9e:f3:10:
d8:5c:66:43:51:d7:40:36:e0:c1:a7:4d:6a:85:97:9f:0e:7a:
80:ac:1d:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYY2cNC1VU1lGp0WBu2CSUhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA5MTM1MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQyNzZhZTRhMzk1NGE2MzE0MDlhNjBlYWY4MWUwMmFlY2E0NTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyveCz/X2XNkXoU3IauWJYffNUwR
DayCJxK0qpXpjI7Uc8fKixJRG2OUfVTgqd0xMNKY/nn4MOPf5I5QMGEBb3LmiccL
7aqXencuKPVrLJ5/i4R/55kZW37PQQbPNIFOrB4NfyRMJjPU+NiI4A74YyuBfqyi
0r5r9UoiXAyK1Mp65nbqz8Vmw+vOxam4ouAs4FPmFOg8TH8xvV5HbLAp7DR9HfAx
e0jhZ2Azxd8RoFTPKmAeCigiHSNN3RZ9/piOoiVgoBesIwU9TV5JKJU2sjwOTJ3K
GmIDTtuAySbRHNVXSR/qDkbIDK+ZUXDRGKG6kO0NoCJLi2R60jiKM7JGBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF/Sdq5KOVSmMUCaYOr4HgKuykWGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWDlKMnJrbzVWS1l4UUpwZzZ2Z2VBcTdLUllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvPG2AwQA
vPHzMA0GCSqGSIb3DQEBCwUAA4IBAQAsZH6F+2NoRzy1HAfSRs/0rza6rOezGw/O
hCatMtS/E9qFQsf0OsfJq01XqQvRQGHF4DKhvZNrP7fXU2Dy9xUErB0Fo59tsmiQ
N+sSE8yPriVPbq4/T+neOm1mIVpD6zZeijeiWPLB8cyt8IPOQ7etvjkAlw19XBG8
McC/Fgll6Srz8VAp822SpAgonGhgQlNR+RJ/Aq0nzYEsbK4tQICoeoio9eIObU7I
6ibM/h6Uvg2Wx2nqts4eRUIZE98VGqgIl12mUVnTMbWjH9Bi1X2e8Dzd9whi00Px
XHwcP7hWcneOIskluDee8xDYXGZDUddANuDBp01qhZefDnqArB0L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org