Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XYFkSgEUl3gdMRQVhu2AnvmJPFs.roa
File: XYFkSgEUl3gdMRQVhu2AnvmJPFs.roa (raw, json)
Hash identifier: 6hFDIZBgHXxzoYGJ2NJ8MP1/jKAPsX/rVY5xiZHW4+s=
Subject key identifier: 5D:81:64:4A:01:14:97:78:1D:31:14:15:86:ED:80:9E:F9:89:3C:5B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01878001EAAD06D27DFD4E7E1E2C37D17C66
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XYFkSgEUl3gdMRQVhu2AnvmJPFs.roa
Signing time: Fri 14 Apr 2023 13:43:41 +0000
ROA not before: Fri 14 Apr 2023 13:43:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 178.239.202.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.209.0/24 maxlen: 24
89.46.92.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:01:ea:ad:06:d2:7d:fd:4e:7e:1e:2c:37:d1:7c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 14 13:43:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d81644a011497781d31141586ed809ef9893c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2a:af:ea:db:e0:0e:74:7d:be:7e:13:1b:fd:
6c:fc:ca:83:26:96:4a:5e:30:6e:97:cd:99:95:10:
41:60:90:cd:90:d1:e8:e7:70:0c:7a:78:07:bc:6c:
57:7a:61:76:3d:cf:fe:28:8d:26:db:83:0b:89:e7:
9f:73:c0:5e:e8:d8:b9:95:46:fc:91:98:58:60:5c:
4e:fd:d6:1f:33:b8:e1:c0:2a:a8:26:be:fd:26:eb:
1f:97:53:0a:62:cc:4a:b4:c3:08:95:ad:3f:63:31:
04:cc:e7:54:18:62:0f:bf:00:d1:6a:9b:2e:5c:14:
35:02:c8:1d:c8:b1:08:b0:83:40:58:cf:e0:c1:17:
f6:02:62:9e:cb:b0:d6:4d:00:bd:55:b2:0e:c8:e7:
ed:09:5e:a3:d3:bb:d4:e2:7e:4f:7f:23:fe:81:5d:
98:7b:2e:ea:00:07:21:bf:14:1f:27:2c:84:6b:35:
f4:ac:f9:c4:75:c9:aa:b6:33:09:df:6a:ed:14:59:
9f:69:a5:cb:7a:07:a8:a8:1b:49:58:0d:90:e8:cc:
bd:fd:90:6b:d8:1a:48:7b:b0:7c:dd:cd:f0:af:35:
c3:1e:26:26:8c:3e:dd:3a:1b:35:39:c4:0e:1d:53:
24:c0:d9:b6:48:26:30:a3:a4:5b:fb:5d:06:4a:ff:
db:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:81:64:4A:01:14:97:78:1D:31:14:15:86:ED:80:9E:F9:89:3C:5B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XYFkSgEUl3gdMRQVhu2AnvmJPFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.209.0/24
89.46.92.0/24
93.114.195.0/24
178.239.201.0-178.239.202.255
185.229.107.0/24
193.42.54.0/23
Signature Algorithm: sha256WithRSAEncryption
60:7f:2f:ff:ef:31:5e:86:2d:15:c7:26:6c:78:13:10:72:34:
90:78:c9:02:ab:99:10:5b:8c:d9:21:3a:29:01:1f:24:e2:07:
b5:68:c9:2d:39:49:ce:8b:7f:c7:cb:4f:5a:76:7c:69:39:57:
57:bd:d5:ce:4a:f5:57:2b:56:e7:c9:f0:ec:5b:01:e1:ca:b1:
d0:6b:79:54:65:41:fa:80:c5:f7:2d:6f:fe:82:64:81:5a:1b:
31:89:b4:a1:8a:69:5c:82:36:e4:98:14:e0:19:73:4e:4d:40:
55:95:88:68:63:b8:ca:89:1a:88:c5:aa:3e:c6:1f:a2:71:0e:
d0:98:b6:0e:b5:c5:97:28:81:ba:c6:1e:6d:cb:08:73:ef:34:
09:77:46:b8:9c:d7:ea:a3:1a:69:5e:03:07:2f:02:66:83:5c:
54:c9:59:f9:6c:34:2a:a4:eb:28:2f:fd:88:9d:94:9a:72:31:
6a:06:d3:4b:ca:27:f9:79:75:36:81:c8:29:22:73:f7:c2:25:
ce:a4:c7:ca:1b:0e:72:17:92:ac:56:12:53:35:dc:c2:51:4a:
fb:13:8c:99:97:7a:64:73:59:33:7a:d9:e8:af:38:7b:31:57:
5b:59:25:67:66:d8:70:8a:7b:18:92:06:3e:9f:3f:84:1b:c8:
cb:14:e8:0c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYeAAeqtBtJ9/U5+Hiw30XxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDE0MTM0MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDgxNjQ0YTAxMTQ5Nzc4MWQzMTE0MTU4NmVkODA5ZWY5ODkzYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniqv6tvgDnR9vn4TG/1s/MqDJpZK
XjBul82ZlRBBYJDNkNHo53AMengHvGxXemF2Pc/+KI0m24MLieefc8Be6Ni5lUb8
kZhYYFxO/dYfM7jhwCqoJr79Jusfl1MKYsxKtMMIla0/YzEEzOdUGGIPvwDRapsu
XBQ1AsgdyLEIsINAWM/gwRf2AmKey7DWTQC9VbIOyOftCV6j07vU4n5PfyP+gV2Y
ey7qAAchvxQfJyyEazX0rPnEdcmqtjMJ32rtFFmfaaXLegeoqBtJWA2Q6My9/ZBr
2BpIe7B83c3wrzXDHiYmjD7dOhs1OcQOHVMkwNm2SCYwo6Rb+10GSv/bWwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFF2BZEoBFJd4HTEUFYbtgJ75iTxbMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWFlGa1NnRVVsM2dkTVJRVmh1MkFudm1KUEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAWSvRAwQA
WS5cAwQAXXLDMAwDBACy78kDBACy78oDBAC55WsDBAHBKjYwDQYJKoZIhvcNAQEL
BQADggEBAGB/L//vMV6GLRXHJmx4ExByNJB4yQKrmRBbjNkhOikBHyTiB7VoyS05
Sc6Lf8fLT1p2fGk5V1e91c5K9VcrVufJ8OxbAeHKsdBreVRlQfqAxfctb/6CZIFa
GzGJtKGKaVyCNuSYFOAZc05NQFWViGhjuMqJGojFqj7GH6JxDtCYtg61xZcogbrG
Hm3LCHPvNAl3Rric1+qjGmleAwcvAmaDXFTJWflsNCqk6ygv/YidlJpyMWoG00vK
J/l5dTaByCkic/fCJc6kx8obDnIXkqxWElM13MJRSvsTjJmXemRzWTN62eivOHsx
V1tZJWdm2HCKexiSBj6fP4QbyMsU6Aw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org