Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZfuKziHC_DLQXo-MbbRz0Skkpk0.roa
File: ZfuKziHC_DLQXo-MbbRz0Skkpk0.roa (raw, json)
Hash identifier: HkO/dUy+ZRzhwergJpBGeEF2QnixfXf0r0bkLTOFGLs=
Subject key identifier: 65:FB:8A:CE:21:C2:FC:32:D0:5E:8F:8C:6D:B4:73:D1:29:24:A6:4D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01869DEDC096489E5D108DE61498F6047FFA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZfuKziHC_DLQXo-MbbRz0Skkpk0.roa
Signing time: Wed 01 Mar 2023 16:07:29 +0000
ROA not before: Wed 01 Mar 2023 16:07:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:ed:c0:96:48:9e:5d:10:8d:e6:14:98:f6:04:7f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 1 16:07:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65fb8ace21c2fc32d05e8f8c6db473d12924a64d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0d:be:d0:a5:bb:ab:61:7f:b3:c7:4b:1b:6d:
a9:f5:b8:06:44:4d:c2:b5:aa:ca:75:48:07:c3:f2:
81:69:2f:27:a4:3f:9b:90:93:00:87:0e:a5:89:04:
72:da:e9:35:2e:b9:34:a4:61:fc:a9:42:ea:b7:be:
28:df:2f:a4:f5:c5:5c:79:4d:79:00:77:47:f1:fb:
ea:d5:c4:20:fa:2c:57:f7:81:2c:6c:59:96:88:d3:
fe:64:f0:38:a8:b2:5e:04:4e:da:cc:6c:ae:e1:3c:
fe:95:3a:dd:6e:0d:8d:0a:dc:ab:0c:d0:1c:bb:a2:
70:e0:e4:f2:65:ff:67:52:ce:84:84:3f:23:59:bf:
3a:72:68:c8:6b:21:35:bc:f6:a8:d9:b5:d3:a6:02:
60:e5:46:55:29:11:a8:4d:a5:ac:15:e1:48:ff:e6:
cf:58:bc:e4:a0:41:4e:b3:59:d1:32:4d:45:fc:51:
a0:75:73:56:ab:4d:06:cd:69:d8:4a:64:12:0d:cf:
ab:e6:f8:20:6c:f2:31:67:b9:36:23:e1:4c:a7:f9:
09:21:03:21:0e:1d:12:a2:14:7c:ad:8e:0b:73:75:
ed:76:94:10:73:30:b4:41:4c:83:aa:aa:22:2b:06:
c4:fd:06:34:fd:c0:be:04:8e:a4:f8:77:26:07:28:
74:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FB:8A:CE:21:C2:FC:32:D0:5E:8F:8C:6D:B4:73:D1:29:24:A6:4D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZfuKziHC_DLQXo-MbbRz0Skkpk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.151.0/24
91.188.204.0/24
185.135.141.0/24
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
71:83:0d:c8:2e:cd:18:20:be:20:b8:33:78:1f:d0:ff:5e:11:
12:36:4f:05:0d:3f:73:f9:98:f8:cd:0e:ac:e8:82:09:82:9e:
bb:da:f8:84:e1:c2:4b:bd:31:15:43:06:65:99:9e:f1:e5:f8:
2e:c8:3c:a6:5d:bb:80:4f:f6:d5:67:b9:37:71:fe:e0:12:b1:
39:64:72:a1:37:1e:82:1b:2e:54:95:cf:3c:a1:fe:f3:07:6f:
a0:d8:cc:da:28:57:81:26:02:01:f1:59:f2:a1:bf:cc:fa:bd:
c2:17:3b:61:23:be:43:a7:3b:c4:93:61:92:64:03:d9:28:41:
ee:2b:09:42:90:ac:fd:3a:c8:6d:63:64:c8:8f:d5:e1:76:b2:
0f:91:f7:e2:0b:ce:32:cc:93:e9:fe:17:58:51:88:4d:f1:61:
74:63:a5:98:44:54:f9:0a:2a:4a:77:e2:5c:2f:6c:56:78:00:
1d:6d:de:3a:c2:d7:43:ea:42:5c:0f:3d:15:f8:88:91:79:7b:
59:61:f8:02:3a:84:7d:19:57:af:08:46:9a:bf:27:8e:69:c3:
8a:e5:4c:c4:03:c4:85:d2:ef:2e:45:08:ff:d3:94:ac:7b:55:
87:6f:48:27:f9:47:f2:6c:93:e3:94:51:ab:90:18:88:c9:92:
94:51:35:01
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYad7cCWSJ5dEI3mFJj2BH/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzAxMTYwNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWZiOGFjZTIxYzJmYzMyZDA1ZThmOGM2ZGI0NzNkMTI5MjRhNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ2+0KW7q2F/s8dLG22p9bgGRE3C
tarKdUgHw/KBaS8npD+bkJMAhw6liQRy2uk1Lrk0pGH8qULqt74o3y+k9cVceU15
AHdH8fvq1cQg+ixX94EsbFmWiNP+ZPA4qLJeBE7azGyu4Tz+lTrdbg2NCtyrDNAc
u6Jw4OTyZf9nUs6EhD8jWb86cmjIayE1vPao2bXTpgJg5UZVKRGoTaWsFeFI/+bP
WLzkoEFOs1nRMk1F/FGgdXNWq00GzWnYSmQSDc+r5vggbPIxZ7k2I+FMp/kJIQMh
Dh0SohR8rY4Lc3XtdpQQczC0QUyDqqoiKwbE/QY0/cC+BI6k+HcmByh08QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGX7is4hwvwy0F6PjG20c9EpJKZNMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWmZ1S3ppSENfRExRWG8tTWJiUnowU2trcGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAV/eXAwQA
W7zMAwQAuYeNAwQAvPG2AwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQBxgw3ILs0Y
IL4guDN4H9D/XhESNk8FDT9z+Zj4zQ6s6IIJgp672viE4cJLvTEVQwZlmZ7x5fgu
yDymXbuAT/bVZ7k3cf7gErE5ZHKhNx6CGy5Ulc88of7zB2+g2MzaKFeBJgIB8Vny
ob/M+r3CFzthI75DpzvEk2GSZAPZKEHuKwlCkKz9OshtY2TIj9XhdrIPkffiC84y
zJPp/hdYUYhN8WF0Y6WYRFT5CipKd+JcL2xWeAAdbd46wtdD6kJcDz0V+IiReXtZ
YfgCOoR9GVevCEaavyeOacOK5UzEA8SF0u8uRQj/05Sse1WHb0gn+UfybJPjlFGr
kBiIyZKUUTUB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org