Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XD6G_lGxUpM3uB2hMiOYhNhF2Dg.roa
File: XD6G_lGxUpM3uB2hMiOYhNhF2Dg.roa (raw, json)
Hash identifier: jgSbPxa577MvJ9jOSy3ktSw/IdJBzr1kovzSh59eyxc=
Subject key identifier: 5C:3E:86:FE:51:B1:52:93:37:B8:1D:A1:32:23:98:84:D8:45:D8:38
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B7507A25362EA3980F3096ADC48FFE22D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XD6G_lGxUpM3uB2hMiOYhNhF2Dg.roa
Signing time: Sat 28 Oct 2023 06:45:16 +0000
ROA not before: Sat 28 Oct 2023 06:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47392
IP address blocks: 188.213.202.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:75:07:a2:53:62:ea:39:80:f3:09:6a:dc:48:ff:e2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 28 06:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c3e86fe51b1529337b81da132239884d845d838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ab:0c:1f:6e:ff:fc:2d:59:dc:3f:72:11:dd:
bb:e6:c7:82:82:a9:ba:a1:67:0e:7a:91:e4:e3:ba:
88:0c:33:31:11:75:ee:c9:08:fb:e2:29:4b:df:66:
f0:3f:99:42:4f:01:31:fe:8f:e0:9b:e0:c7:88:0b:
04:b4:34:5c:42:35:d4:00:ad:6b:52:a4:3f:76:4f:
02:83:e1:db:9d:a9:3f:61:87:43:74:d9:9e:bc:4c:
ff:0e:c5:6e:d4:6c:7a:7a:ac:e9:19:56:55:00:fb:
79:c6:a8:f8:0b:f5:ae:53:44:67:d2:f5:af:ea:8e:
81:ca:80:e4:e8:30:1e:c5:db:2b:5e:89:67:a6:f1:
2f:c6:79:14:39:eb:18:de:ab:1c:ba:45:c1:d3:15:
8a:e1:3f:37:e4:84:4a:35:a1:67:bc:0f:62:9b:05:
98:55:2c:18:8f:f5:e6:04:01:75:fd:d6:1f:3f:ec:
2c:30:28:a3:83:82:3a:ff:53:6a:6a:5b:b8:84:22:
34:b1:3e:26:f3:ca:0b:f2:f7:7d:bf:60:2b:5b:f7:
b2:cf:3f:fc:99:a2:41:12:03:f8:98:06:7a:e4:b6:
86:0e:9c:d8:b4:77:03:9c:64:1c:b1:40:77:f0:10:
1f:57:89:11:1a:0a:24:cf:07:1c:13:e3:f5:97:c2:
ea:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3E:86:FE:51:B1:52:93:37:B8:1D:A1:32:23:98:84:D8:45:D8:38
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XD6G_lGxUpM3uB2hMiOYhNhF2Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.212.155.0/24
188.213.202.0/24
188.240.233.0/24
Signature Algorithm: sha256WithRSAEncryption
14:3a:7e:b6:10:4a:14:2c:ae:a6:5f:33:19:eb:ba:ee:dc:fd:
10:07:61:ba:64:3a:46:b9:93:07:5b:50:dd:d4:3c:b3:13:c7:
16:26:4d:f4:ad:8c:93:55:64:d0:c1:44:77:20:2b:c3:0f:a0:
6b:75:05:62:fe:2c:f1:b0:8f:0e:05:d7:ad:de:6f:2e:43:e3:
38:d8:8e:fe:10:7e:0c:78:25:40:41:ca:ba:3e:31:94:96:1f:
c7:7d:de:21:7e:d1:e2:d3:a6:4a:12:af:dd:e2:67:90:dc:16:
6c:d9:6f:b0:eb:96:98:16:51:1e:19:08:74:ab:0c:a5:c6:4b:
7f:1a:14:3f:e2:77:ae:7e:4f:e8:76:1f:d6:41:72:7a:f6:10:
0b:35:b4:36:fa:0c:29:52:39:27:d0:6f:9b:47:c1:9f:2d:6f:
aa:57:aa:db:f4:13:11:1a:38:20:c5:88:b3:e9:34:47:4a:b0:
dc:4c:51:2e:2d:1f:54:9d:17:3d:7d:58:5d:7a:b7:a5:b5:81:
5b:7d:3d:ac:04:ed:3d:8b:e0:44:50:ca:3a:9f:7e:da:f5:07:
a1:22:55:bb:86:23:3e:34:6a:0f:de:66:25:b1:9d:3c:2f:c1:
92:b5:2a:8e:2a:93:5c:84:e3:47:49:4d:26:57:b7:fe:41:3a:
81:01:dd:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYt1B6JTYuo5gPMJatxI/+ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDI4MDY0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNlODZmZTUxYjE1MjkzMzdiODFkYTEzMjIzOTg4NGQ4NDVkODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKsMH27//C1Z3D9yEd275seCgqm6
oWcOepHk47qIDDMxEXXuyQj74ilL32bwP5lCTwEx/o/gm+DHiAsEtDRcQjXUAK1r
UqQ/dk8Cg+Hbnak/YYdDdNmevEz/DsVu1Gx6eqzpGVZVAPt5xqj4C/WuU0Rn0vWv
6o6ByoDk6DAexdsrXolnpvEvxnkUOesY3qscukXB0xWK4T835IRKNaFnvA9imwWY
VSwYj/XmBAF1/dYfP+wsMCijg4I6/1Nqalu4hCI0sT4m88oL8vd9v2ArW/eyzz/8
maJBEgP4mAZ65LaGDpzYtHcDnGQcsUB38BAfV4kRGgokzwccE+P1l8Lq/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFw+hv5RsVKTN7gdoTIjmITYRdg4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWEQ2R19sR3hVcE0zdUIyaE1pT1loTmhGMkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvNSbAwQA
vNXKAwQAvPDpMA0GCSqGSIb3DQEBCwUAA4IBAQAUOn62EEoULK6mXzMZ67ru3P0Q
B2G6ZDpGuZMHW1Dd1DyzE8cWJk30rYyTVWTQwUR3ICvDD6BrdQVi/izxsI8OBdet
3m8uQ+M42I7+EH4MeCVAQcq6PjGUlh/Hfd4hftHi06ZKEq/d4meQ3BZs2W+w65aY
FlEeGQh0qwylxkt/GhQ/4neufk/odh/WQXJ69hALNbQ2+gwpUjkn0G+bR8GfLW+q
V6rb9BMRGjggxYiz6TRHSrDcTFEuLR9UnRc9fVhdereltYFbfT2sBO09i+BEUMo6
n37a9QehIlW7hiM+NGoP3mYlsZ08L8GStSqOKpNchONHSU0mV7f+QTqBAd0I
-----END CERTIFICATE-----
Generated at Mon Nov 6 19:44:14 2023 by rpki-client on console-fra.rpki-client.org