Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z4KiktOiicInE2j1SWwFVy2oDj4.roa
File: Z4KiktOiicInE2j1SWwFVy2oDj4.roa (raw, json)
Hash identifier: K8qB3MTwNEoh6nEw1yj8hF2ANomuDaNQe8YF5ZugQ40=
Subject key identifier: 67:82:A2:92:D3:A2:89:C2:27:13:68:F5:49:6C:05:57:2D:A8:0E:3E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CACA8948A792D8A9ABCEAADAAC9E53A46
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z4KiktOiicInE2j1SWwFVy2oDj4.roa
Signing time: Wed 27 Dec 2023 19:02:58 +0000
ROA not before: Wed 27 Dec 2023 19:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ac:a8:94:8a:79:2d:8a:9a:bc:ea:ad:aa:c9:e5:3a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 27 19:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6782a292d3a289c2271368f5496c05572da80e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:73:8d:a2:f0:70:5b:8c:59:74:53:05:20:ea:
6e:00:3a:c2:ac:27:ae:72:39:1f:e7:92:5c:f7:20:
01:1f:f7:df:46:74:37:e2:71:bc:af:69:40:07:d1:
0b:f0:89:57:7a:3a:4f:a7:bf:7a:75:1a:b5:d7:9c:
61:f2:86:3b:ef:ff:ce:c9:07:69:d0:c2:4b:e0:c5:
3e:06:56:40:8d:c4:77:4d:f3:45:df:2e:ec:c7:1d:
3a:99:23:49:f1:aa:b9:f9:81:94:0d:8e:f3:6b:6a:
2f:8b:36:43:2c:09:6f:9e:6d:f5:78:1d:55:9a:e5:
79:da:1e:4d:7b:7f:8b:72:60:46:05:f6:60:ab:00:
4c:db:74:db:d2:3a:99:19:f8:dc:c5:16:b3:40:2c:
3c:4f:43:7a:03:10:f9:f7:5d:56:7a:14:26:16:c1:
0c:c8:18:96:9f:f1:2d:04:1e:f5:e2:ee:87:8f:ed:
26:a4:aa:aa:f7:c9:0f:db:9d:77:be:e6:e7:37:08:
29:78:7d:08:db:64:35:98:8c:2f:4c:9e:50:ac:a0:
5e:ef:5e:f5:b1:16:a2:eb:a2:f9:35:46:7f:c5:d7:
a6:a5:19:91:47:40:80:db:cb:7f:eb:c2:69:72:be:
e3:45:3d:12:bc:e3:ad:7a:91:a3:e0:11:65:29:ef:
c7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:82:A2:92:D3:A2:89:C2:27:13:68:F5:49:6C:05:57:2D:A8:0E:3E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z4KiktOiicInE2j1SWwFVy2oDj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.214.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
57:90:b0:2c:65:6e:3f:6b:9d:91:b1:37:18:2b:49:9c:ff:ac:
6a:6e:0b:e8:1e:07:2f:a5:ad:c9:88:9c:3f:5b:33:cd:d9:07:
d1:00:98:20:cb:bd:20:7f:37:1e:a8:a8:e0:69:fc:9d:8f:a0:
3b:3f:c8:18:84:1a:db:8e:50:9b:44:3e:cd:b4:a0:52:ac:23:
34:fd:93:6f:26:5f:0c:ce:14:ce:7f:7f:3f:02:11:4f:ab:74:
a9:06:ab:6e:d6:87:5c:35:e1:41:62:ab:16:a4:70:ab:8b:4b:
a7:f3:0b:3a:cb:3a:0b:c1:f1:73:8d:99:f7:73:e9:c3:0a:5b:
38:f1:d3:33:d9:36:c2:36:4d:0a:37:66:5a:ca:97:b0:4d:a5:
84:f5:44:46:f5:60:c9:06:32:cc:25:c4:96:8a:e7:44:d5:94:
c6:47:89:d3:7c:86:8a:96:35:21:6d:95:62:76:f0:b9:d5:a9:
6d:1b:9f:94:7b:81:9e:6c:82:31:65:52:8c:eb:17:93:c6:3d:
d4:a7:f5:93:6b:6a:3b:9b:d4:9a:1a:86:89:40:35:54:bf:af:
d7:54:da:46:4f:9f:fd:6f:9f:6b:8b:ce:f4:8f:5a:64:42:35:
19:66:dc:c8:a3:d7:58:34:0c:83:00:bf:ce:17:78:7c:ab:e4:
0e:1b:73:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYysqJSKeS2KmrzqrarJ5TpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjI3MTkwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzgyYTI5MmQzYTI4OWMyMjcxMzY4ZjU0OTZjMDU1NzJkYTgwZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnONovBwW4xZdFMFIOpuADrCrCeu
cjkf55Jc9yABH/ffRnQ34nG8r2lAB9EL8IlXejpPp796dRq115xh8oY77//OyQdp
0MJL4MU+BlZAjcR3TfNF3y7sxx06mSNJ8aq5+YGUDY7za2ovizZDLAlvnm31eB1V
muV52h5Ne3+LcmBGBfZgqwBM23Tb0jqZGfjcxRazQCw8T0N6AxD5911WehQmFsEM
yBiWn/EtBB714u6Hj+0mpKqq98kP2513vubnNwgpeH0I22Q1mIwvTJ5QrKBe7171
sRai66L5NUZ/xdempRmRR0CA28t/68Jpcr7jRT0SvOOtepGj4BFlKe/HqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGeCopLToonCJxNo9UlsBVctqA4+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWjRLaWt0T2lpY0luRTJqMVNXd0ZWeTJvRGo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvPHWAwQA
vPHzMA0GCSqGSIb3DQEBCwUAA4IBAQBXkLAsZW4/a52RsTcYK0mc/6xqbgvoHgcv
pa3JiJw/WzPN2QfRAJggy70gfzceqKjgafydj6A7P8gYhBrbjlCbRD7NtKBSrCM0
/ZNvJl8MzhTOf38/AhFPq3SpBqtu1odcNeFBYqsWpHCri0un8ws6yzoLwfFzjZn3
c+nDCls48dMz2TbCNk0KN2ZaypewTaWE9URG9WDJBjLMJcSWiudE1ZTGR4nTfIaK
ljUhbZVidvC51altG5+Ue4GebIIxZVKM6xeTxj3Up/WTa2o7m9SaGoaJQDVUv6/X
VNpGT5/9b59ri870j1pkQjUZZtzIo9dYNAyDAL/OF3h8q+QOG3PU
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org