Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z6pFbDVxLJcP0s8p5pmbxPcxu_s.roa
File: Z6pFbDVxLJcP0s8p5pmbxPcxu_s.roa (raw, json)
Hash identifier: mInTE0EXcuGyLe2NR5HXofmZm3bMJMycAIcni0rjEFQ=
Subject key identifier: 67:AA:45:6C:35:71:2C:97:0F:D2:CF:29:E6:99:9B:C4:F7:31:BB:FB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01873BBCB71A8989B8BB979ABBA1D5BE22FC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z6pFbDVxLJcP0s8p5pmbxPcxu_s.roa
Signing time: Sat 01 Apr 2023 07:33:56 +0000
ROA not before: Sat 01 Apr 2023 07:33:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 188.212.133.0/24 maxlen: 24
185.255.171.0/24 maxlen: 24
185.238.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3b:bc:b7:1a:89:89:b8:bb:97:9a:bb:a1:d5:be:22:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 1 07:33:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67aa456c35712c970fd2cf29e6999bc4f731bbfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ac:b0:62:98:d4:d6:cc:5b:15:ef:aa:2f:f8:
a2:4d:9e:b9:55:15:c0:40:ba:d4:0c:a1:d6:6b:83:
5c:52:07:d3:f8:8a:61:f0:08:01:f6:a3:98:d8:62:
9d:0a:fa:1f:31:9a:5a:f4:fa:d0:87:79:e7:6c:74:
9f:b8:e4:fb:f6:6b:c8:26:54:57:6f:8d:2f:4a:1d:
84:8b:af:bf:a3:10:27:cc:c1:e2:f4:61:4b:e7:70:
01:f5:5e:51:94:e6:1b:64:7c:21:b4:84:e7:50:7f:
6d:3f:38:aa:e8:28:29:36:b4:7e:ae:a7:a3:94:e6:
39:7d:a0:27:51:6b:df:50:69:bd:50:9d:b6:1e:11:
8d:7c:6c:cd:f8:09:8b:85:60:04:12:4c:64:b3:a6:
ef:e4:b7:ad:03:cc:50:11:ba:1f:a0:73:cb:6b:bd:
e5:ab:2b:8a:89:5d:fe:a3:a9:6b:d4:ca:85:58:d6:
a3:3e:53:81:73:ba:a9:fa:94:51:43:5b:62:3c:ab:
97:a1:df:a1:91:de:f2:df:3a:b2:e2:bf:f3:bf:1c:
de:44:8b:1e:47:e2:25:89:cf:93:e5:bc:f8:87:50:
5a:ed:5d:eb:c3:78:b1:ed:85:75:7c:c5:f3:ce:1d:
a0:69:f2:2e:c3:2d:40:99:fd:45:52:bf:83:23:8d:
9a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:AA:45:6C:35:71:2C:97:0F:D2:CF:29:E6:99:9B:C4:F7:31:BB:FB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Z6pFbDVxLJcP0s8p5pmbxPcxu_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.9.0/24
185.255.171.0/24
188.212.133.0/24
Signature Algorithm: sha256WithRSAEncryption
95:64:5f:86:25:2c:f0:31:c7:b0:1e:a6:93:50:c1:b3:73:55:
60:09:5d:1a:d0:d9:7c:c5:21:5e:61:d8:d6:12:6f:f6:f1:41:
b5:15:0d:e9:57:25:a4:a2:1e:99:4b:37:5a:cc:e0:c1:34:3b:
ac:e6:82:df:45:87:45:25:62:39:b7:77:38:07:3a:66:17:7f:
83:5e:f2:4b:8f:dc:ff:19:0c:c5:94:6f:b9:9a:58:f6:d7:62:
f5:8d:20:d7:2c:fa:19:e4:93:a4:6c:92:8d:03:ff:9e:7f:71:
42:aa:e6:b9:93:3f:d5:92:6d:ce:2a:0c:e2:04:34:31:fa:99:
b7:99:62:64:8f:d7:2d:93:af:50:51:3b:e5:cf:99:6c:47:46:
84:9e:f5:60:05:f2:f2:e9:6a:8b:dd:09:83:4f:9a:81:d5:26:
b2:95:b0:1e:4b:73:36:ca:4f:30:99:1e:d7:6d:c2:bb:fa:33:
3c:82:35:1a:3e:2e:dc:c5:b2:b0:98:9c:f8:e5:5d:e9:7b:a0:
0f:ce:9b:6b:b1:82:5d:e6:3b:e1:5d:01:83:59:e3:ee:36:ac:
50:c1:e9:a2:cd:2f:72:7d:ff:a2:a6:ef:82:63:f4:f6:7e:96:
07:23:e0:02:d2:a9:d4:06:8d:38:66:8b:9a:b9:7c:32:7c:8c:
74:bd:7a:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYc7vLcaiYm4u5eau6HVviL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDAxMDczMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2FhNDU2YzM1NzEyYzk3MGZkMmNmMjllNjk5OWJjNGY3MzFiYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6ywYpjU1sxbFe+qL/iiTZ65VRXA
QLrUDKHWa4NcUgfT+Iph8AgB9qOY2GKdCvofMZpa9PrQh3nnbHSfuOT79mvIJlRX
b40vSh2Ei6+/oxAnzMHi9GFL53AB9V5RlOYbZHwhtITnUH9tPziq6CgpNrR+rqej
lOY5faAnUWvfUGm9UJ22HhGNfGzN+AmLhWAEEkxks6bv5LetA8xQEbofoHPLa73l
qyuKiV3+o6lr1MqFWNajPlOBc7qp+pRRQ1tiPKuXod+hkd7y3zqy4r/zvxzeRIse
R+Ilic+T5bz4h1Ba7V3rw3ix7YV1fMXzzh2gafIuwy1Amf1FUr+DI42a7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGeqRWw1cSyXD9LPKeaZm8T3Mbv7MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWjZwRmJEVnhMSmNQMHM4cDVwbWJ4UGN4dV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAue4JAwQA
uf+rAwQAvNSFMA0GCSqGSIb3DQEBCwUAA4IBAQCVZF+GJSzwMcewHqaTUMGzc1Vg
CV0a0Nl8xSFeYdjWEm/28UG1FQ3pVyWkoh6ZSzdazODBNDus5oLfRYdFJWI5t3c4
BzpmF3+DXvJLj9z/GQzFlG+5mlj212L1jSDXLPoZ5JOkbJKNA/+ef3FCqua5kz/V
km3OKgziBDQx+pm3mWJkj9ctk69QUTvlz5lsR0aEnvVgBfLy6WqL3QmDT5qB1Say
lbAeS3M2yk8wmR7XbcK7+jM8gjUaPi7cxbKwmJz45V3pe6APzptrsYJd5jvhXQGD
WePuNqxQwemizS9yff+ipu+CY/T2fpYHI+AC0qnUBo04ZouauXwyfIx0vXrw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org