Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XMbJY8gLlq0xlaQjyXI44tdA7tw.roa
File: XMbJY8gLlq0xlaQjyXI44tdA7tw.roa (raw, json)
Hash identifier: R6cP5IIrYUTs1ARjwaHNRhS1a7GZs/u3HC/NmV9kLEc=
Subject key identifier: 5C:C6:C9:63:C8:0B:96:AD:31:95:A4:23:C9:72:38:E2:D7:40:EE:DC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186568C7EDC14EFCA01F05593C4A9F64FD0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XMbJY8gLlq0xlaQjyXI44tdA7tw.roa
Signing time: Wed 15 Feb 2023 19:28:13 +0000
ROA not before: Wed 15 Feb 2023 19:28:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 185.255.38.0/24 maxlen: 24
185.255.171.0/24 maxlen: 24
185.238.9.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:56:8c:7e:dc:14:ef:ca:01:f0:55:93:c4:a9:f6:4f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 15 19:28:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cc6c963c80b96ad3195a423c97238e2d740eedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fa:6b:02:a4:af:83:bf:a3:1c:27:67:32:3f:
6f:2d:83:d9:05:19:f1:45:2a:3c:9d:04:81:01:9c:
65:42:8e:4c:b7:0d:e3:b4:9e:9e:10:cb:5d:d0:e4:
4a:c8:58:12:11:4a:ed:d5:87:1e:20:14:ce:5f:3c:
43:9f:49:eb:19:95:69:f1:80:ca:91:7e:38:a7:76:
5c:12:bd:b7:cd:ba:c8:7b:9c:18:7f:9d:f5:a8:e6:
e7:dd:fe:49:66:30:6c:d8:e2:9d:10:4d:b9:1f:7b:
6c:5a:f3:2e:6e:37:2b:92:2c:66:a8:18:0a:18:89:
e4:cf:03:6b:8e:07:50:ce:c1:b3:43:b2:c9:73:88:
95:1a:12:03:e9:24:b2:2d:a5:c7:5e:2e:fc:25:6f:
4d:f2:d3:08:9b:98:f4:7a:e5:4f:3a:77:10:1f:12:
4e:ba:06:69:d1:a2:cb:86:1d:c7:71:35:41:16:45:
f0:03:12:b7:7c:57:13:f0:e8:ae:44:8e:bb:9c:2f:
0d:52:aa:98:82:51:c2:f3:bc:ae:00:a2:c5:32:65:
6b:47:97:37:87:be:9d:39:cf:7b:b6:d8:24:78:a5:
0d:76:1d:89:8b:94:e0:94:f6:f6:ad:8b:09:b4:24:
bf:7f:b0:29:35:0c:b7:d9:a8:9a:83:10:41:03:16:
cd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C6:C9:63:C8:0B:96:AD:31:95:A4:23:C9:72:38:E2:D7:40:EE:DC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XMbJY8gLlq0xlaQjyXI44tdA7tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.205.0/24
185.238.9.0/24
185.255.38.0/24
185.255.171.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:2d:bb:25:e7:3c:9f:62:36:8e:74:f5:29:fe:88:45:dd:90:
7b:8a:d2:a3:b0:cb:ff:a5:de:68:d1:0e:51:4e:e7:c4:79:69:
83:41:f0:7f:a7:c5:43:f7:b8:f6:c6:ce:84:47:f3:b7:d7:9c:
6b:cb:69:0f:49:aa:9c:2f:7c:cd:93:8a:79:fb:63:1c:e4:8c:
c2:02:ee:fc:4a:16:6c:66:bd:eb:6e:d2:e8:06:e1:6a:2d:99:
fa:ee:96:f4:d9:3e:f9:00:5c:5d:d5:ae:3d:63:8e:17:63:0b:
9e:c4:fa:f1:7a:13:09:19:e1:d1:51:1b:6c:3b:07:fb:a3:d0:
a9:bd:25:c8:97:de:64:d0:45:4b:7f:a4:d4:76:17:c4:fa:14:
5a:fa:7a:15:7b:ea:af:07:75:ec:0c:0b:fd:75:8e:e2:9a:fc:
ba:9d:fb:e1:3b:e0:d5:a5:9e:cf:85:9b:e8:af:ca:e0:7b:c0:
ad:f4:e5:89:2f:24:d4:ee:55:6b:f9:20:7d:9e:e9:49:b9:15:
ff:e4:94:fa:7e:6c:b3:5f:49:55:fb:56:26:1e:95:38:24:f6:
b7:2e:ba:9b:67:a2:46:24:34:51:06:d9:d4:08:60:45:6e:66:
de:32:9f:45:e2:15:92:84:16:f5:0e:03:cc:bb:7c:65:56:fe:
ed:fb:20:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZWjH7cFO/KAfBVk8Sp9k/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjE1MTkyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M2Yzk2M2M4MGI5NmFkMzE5NWE0MjNjOTcyMzhlMmQ3NDBlZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfprAqSvg7+jHCdnMj9vLYPZBRnx
RSo8nQSBAZxlQo5Mtw3jtJ6eEMtd0ORKyFgSEUrt1YceIBTOXzxDn0nrGZVp8YDK
kX44p3ZcEr23zbrIe5wYf531qObn3f5JZjBs2OKdEE25H3tsWvMubjcrkixmqBgK
GInkzwNrjgdQzsGzQ7LJc4iVGhID6SSyLaXHXi78JW9N8tMIm5j0euVPOncQHxJO
ugZp0aLLhh3HcTVBFkXwAxK3fFcT8OiuRI67nC8NUqqYglHC87yuAKLFMmVrR5c3
h76dOc97ttgkeKUNdh2Ji5TglPb2rYsJtCS/f7ApNQy32aiagxBBAxbNBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFzGyWPIC5atMZWkI8lyOOLXQO7cMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWE1iSlk4Z0xscTB4bGFRanlYSTQ0dGRBN3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW7zNAwQA
ue4JAwQAuf8mAwQAuf+rMA0GCSqGSIb3DQEBCwUAA4IBAQBLLbsl5zyfYjaOdPUp
/ohF3ZB7itKjsMv/pd5o0Q5RTufEeWmDQfB/p8VD97j2xs6ER/O315xry2kPSaqc
L3zNk4p5+2Mc5IzCAu78ShZsZr3rbtLoBuFqLZn67pb02T75AFxd1a49Y44XYwue
xPrxehMJGeHRURtsOwf7o9CpvSXIl95k0EVLf6TUdhfE+hRa+noVe+qvB3XsDAv9
dY7imvy6nfvhO+DVpZ7PhZvor8rge8Ct9OWJLyTU7lVr+SB9nulJuRX/5JT6fmyz
X0lV+1YmHpU4JPa3LrqbZ6JGJDRRBtnUCGBFbmbeMp9F4hWShBb1DgPMu3xlVv7t
+yA7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org