Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YAbW4jbyX1-2DWEN1RE4nzPxPyA.roa
File: YAbW4jbyX1-2DWEN1RE4nzPxPyA.roa (raw, json)
Hash identifier: 6a9FY4yZMCBxQ7K0dmt03kWQotqQxhS4UYJyujyDvW0=
Subject key identifier: 60:06:D6:E2:36:F2:5F:5F:B6:0D:61:0D:D5:11:38:9F:33:F1:3F:20
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189D4CAF5FD1D2BF536603B2DF722440AA0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YAbW4jbyX1-2DWEN1RE4nzPxPyA.roa
Signing time: Tue 08 Aug 2023 10:56:58 +0000
ROA not before: Tue 08 Aug 2023 10:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140736
IP address blocks: 193.23.128.0/22 maxlen: 24
213.232.92.0/22 maxlen: 24
185.255.36.0/22 maxlen: 24
188.240.224.0/22 maxlen: 24
91.188.204.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:ca:f5:fd:1d:2b:f5:36:60:3b:2d:f7:22:44:0a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 8 10:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6006d6e236f25f5fb60d610dd511389f33f13f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:60:9c:d8:b0:ec:c8:ac:71:be:d1:f0:13:7b:
35:13:e5:96:75:65:2a:9d:61:82:39:5d:83:01:78:
24:21:ba:9c:a0:f1:85:0d:4b:41:53:08:af:58:3f:
37:33:98:29:2d:db:20:cc:2b:b9:7b:61:76:7e:da:
b7:b9:9e:b3:ce:3f:62:88:2b:3a:f8:86:d0:bb:77:
67:ff:41:d6:bc:04:0a:7f:e9:49:64:0f:cb:21:96:
b5:18:24:0d:5e:47:9c:03:42:73:04:eb:e2:f5:59:
28:8d:99:76:29:3d:ae:13:22:9c:07:aa:1d:44:c7:
4a:94:52:04:73:52:45:d1:b9:0b:97:03:85:8d:76:
ed:9b:2d:02:74:b4:b3:56:08:88:08:29:71:09:4d:
be:07:83:db:2f:79:eb:05:0d:34:c0:d2:40:1c:32:
82:36:2d:09:fc:27:ac:da:88:6c:4c:b1:5f:e9:89:
35:3b:8f:c7:1d:04:72:9b:b1:8b:15:1b:ec:ba:cf:
74:74:99:cd:1a:91:52:60:f7:6f:e3:fa:bd:eb:47:
8c:5d:0b:3f:ef:e1:1c:f8:70:0d:99:b3:68:4e:1a:
81:72:27:05:e7:b9:eb:2a:b3:be:6f:23:9d:43:1c:
1d:1b:db:23:1e:5b:57:41:a9:ca:d2:07:77:0a:e5:
b5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:06:D6:E2:36:F2:5F:5F:B6:0D:61:0D:D5:11:38:9F:33:F1:3F:20
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YAbW4jbyX1-2DWEN1RE4nzPxPyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.204.0/22
185.255.36.0/22
188.240.224.0/22
193.23.128.0/22
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
24:fc:69:29:e6:dd:01:21:bd:6f:8a:9f:8d:62:de:88:0c:36:
e3:a3:db:bd:0f:20:65:ea:9b:f0:d3:28:36:a6:00:8f:5b:c7:
79:f9:2e:f5:09:6a:2b:bf:33:eb:00:91:f8:d5:cd:56:b0:c5:
34:c9:c8:7c:a5:a7:22:75:44:fb:b8:eb:4e:b4:86:61:6b:90:
98:b9:a4:65:c2:44:31:fe:9c:b5:63:53:a7:6d:ba:ba:6c:61:
97:c6:f9:a4:c0:c8:41:23:b4:15:60:2a:b1:1d:61:72:a9:36:
53:51:75:54:ba:57:1f:38:7b:2e:ed:2f:22:b4:14:2a:6e:5b:
7d:9c:ed:71:ec:55:09:5f:bb:8b:ca:7b:35:70:01:ba:f6:12:
1d:b9:54:4a:e8:41:5c:bc:25:10:0a:03:9c:fd:cb:cd:d0:66:
db:8d:a4:81:28:86:ca:bd:cd:16:06:88:b9:f8:09:b5:6e:fb:
87:f2:6f:60:49:b3:9f:b0:d5:45:62:31:cf:ba:6e:a1:45:76:
6d:e4:f6:2f:d7:0d:65:cf:16:7e:aa:1a:a1:de:0c:3f:65:67:
dc:30:20:5b:f4:f8:66:71:79:12:16:bd:27:79:c8:05:99:fa:
83:f9:bb:8a:9b:e8:1d:d6:da:bc:04:f2:5b:5b:d5:b6:dd:f0:
4b:e1:8a:ab
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYnUyvX9HSv1NmA7LfciRAqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODA4MTA1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDA2ZDZlMjM2ZjI1ZjVmYjYwZDYxMGRkNTExMzg5ZjMzZjEzZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2Cc2LDsyKxxvtHwE3s1E+WWdWUq
nWGCOV2DAXgkIbqcoPGFDUtBUwivWD83M5gpLdsgzCu5e2F2ftq3uZ6zzj9iiCs6
+IbQu3dn/0HWvAQKf+lJZA/LIZa1GCQNXkecA0JzBOvi9VkojZl2KT2uEyKcB6od
RMdKlFIEc1JF0bkLlwOFjXbtmy0CdLSzVgiICClxCU2+B4PbL3nrBQ00wNJAHDKC
Ni0J/Ces2ohsTLFf6Yk1O4/HHQRym7GLFRvsus90dJnNGpFSYPdv4/q960eMXQs/
7+Ec+HANmbNoThqBcicF57nrKrO+byOdQxwdG9sjHltXQanK0gd3CuW1pwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGAG1uI28l9ftg1hDdUROJ8z8T8gMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWUFiVzRqYnlYMS0yRFdFTjFSRTRuelB4UHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW7zMAwQC
uf8kAwQCvPDgAwQCwReAAwQC1ehcMA0GCSqGSIb3DQEBCwUAA4IBAQAk/Gkp5t0B
Ib1vip+NYt6IDDbjo9u9DyBl6pvw0yg2pgCPW8d5+S71CWorvzPrAJH41c1WsMU0
ych8pacidUT7uOtOtIZha5CYuaRlwkQx/py1Y1Onbbq6bGGXxvmkwMhBI7QVYCqx
HWFyqTZTUXVUulcfOHsu7S8itBQqblt9nO1x7FUJX7uLyns1cAG69hIduVRK6EFc
vCUQCgOc/cvN0GbbjaSBKIbKvc0WBoi5+Am1bvuH8m9gSbOfsNVFYjHPum6hRXZt
5PYv1w1lzxZ+qhqh3gw/ZWfcMCBb9PhmcXkSFr0necgFmfqD+buKm+gd1tq8BPJb
W9W23fBL4Yqr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org