Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oI_iHEonhqSqF8uERYJbC0pOz0.roa
File: _oI_iHEonhqSqF8uERYJbC0pOz0.roa (raw, json)
Hash identifier: BId/zxvtXkkC9269bna2MEhGUtE7b2sBXyg8FJ0pf+4=
Subject key identifier: FE:82:3F:88:71:28:9E:1A:92:A8:5F:2E:11:16:09:6C:2D:29:3B:3D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189B0DB442D5BEA69E57BBB52CD76D10E92
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oI_iHEonhqSqF8uERYJbC0pOz0.roa
Signing time: Tue 01 Aug 2023 11:28:27 +0000
ROA not before: Tue 01 Aug 2023 11:28:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 93.114.192.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:db:44:2d:5b:ea:69:e5:7b:bb:52:cd:76:d1:0e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 1 11:28:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe823f8871289e1a92a85f2e1116096c2d293b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:33:7a:19:0c:f7:ef:4b:03:de:94:a3:c8:
2a:ac:1d:b3:73:fc:4b:25:56:51:ca:c2:21:50:23:
44:b3:be:42:72:2f:9d:09:8f:85:f0:5a:52:1d:a2:
0a:6b:7a:13:f7:d2:d5:44:01:86:58:55:10:cf:8c:
29:60:c9:ae:14:43:13:c6:ce:bd:2f:c3:c9:f2:f8:
37:6c:bd:74:f4:8c:9c:7a:28:5d:52:a6:0d:86:11:
69:c3:4c:56:91:9b:16:be:c2:dc:14:da:d1:f5:17:
e9:e9:dc:cf:b1:38:bd:83:b2:e2:e9:0a:35:b3:ea:
5c:80:92:0c:4b:c5:31:41:dc:36:a3:b5:84:62:df:
04:69:14:91:57:29:71:b3:5a:cd:fd:8c:61:d0:6a:
a9:78:c8:b7:b8:07:be:ee:2d:b3:7a:a9:1e:d4:7d:
13:be:e4:4c:4b:3d:58:ba:9f:59:38:c1:93:68:02:
19:be:fd:74:cb:57:4d:f2:94:4c:20:b3:59:44:19:
e1:27:ad:74:c5:79:a0:01:07:7b:7b:07:7b:f5:93:
a7:0d:cc:10:6b:df:5b:b0:62:fe:51:17:54:4f:9e:
1d:ac:2e:7e:5f:28:b6:72:2c:88:b0:a5:79:a0:d6:
cb:b1:a7:b1:2a:39:a4:47:7e:57:65:1f:58:e2:11:
6e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:82:3F:88:71:28:9E:1A:92:A8:5F:2E:11:16:09:6C:2D:29:3B:3D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oI_iHEonhqSqF8uERYJbC0pOz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.62.0/24
93.114.192.0/24
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:54:18:79:17:ff:4b:fa:d2:4f:8f:3e:8a:a6:90:19:ea:65:
e7:86:97:74:be:ee:58:21:61:3f:d5:66:95:75:bc:84:7a:2f:
ea:58:d3:ef:3c:ef:42:fb:b3:e4:99:8c:a1:df:7c:69:d9:28:
1e:63:76:fd:8c:77:3d:9a:f1:40:40:5c:59:60:50:29:1c:14:
b9:11:a5:3c:14:0c:41:d9:0c:cf:92:32:7a:fc:fb:16:3c:cf:
aa:5d:38:94:dd:00:56:bc:aa:52:2b:83:e9:f6:02:0f:b0:f7:
1f:2a:c0:f9:02:ea:8e:ab:b9:39:d1:b7:4f:e9:a7:b8:3b:66:
ce:c9:8d:ed:88:08:43:21:e3:02:46:58:a8:c5:9a:e0:74:c7:
8d:2e:ee:7e:57:92:38:4c:d2:be:2e:69:6c:dc:f2:42:92:f2:
13:2a:dc:3e:6f:88:a7:c0:4b:4e:4b:f5:0d:79:63:be:1b:8d:
66:b1:cc:69:23:6d:ca:4f:6f:ca:4b:26:01:0f:c6:3b:45:c5:
e2:3b:0b:25:d0:f1:ff:a6:a1:37:91:40:81:f9:99:5a:81:1c:
e8:87:59:33:cc:8b:dc:60:89:8b:1b:4a:03:0b:fd:0e:3a:54:
84:0a:83:f9:13:68:bb:b6:e3:2e:fb:56:e7:11:41:1d:66:97:
37:71:cc:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmw20QtW+pp5Xu7Us120Q6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODAxMTEyODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTgyM2Y4ODcxMjg5ZTFhOTJhODVmMmUxMTE2MDk2YzJkMjkzYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi8zehkM9+9LA96Uo8gqrB2zc/xL
JVZRysIhUCNEs75Cci+dCY+F8FpSHaIKa3oT99LVRAGGWFUQz4wpYMmuFEMTxs69
L8PJ8vg3bL109IyceihdUqYNhhFpw0xWkZsWvsLcFNrR9Rfp6dzPsTi9g7Li6Qo1
s+pcgJIMS8UxQdw2o7WEYt8EaRSRVylxs1rN/Yxh0GqpeMi3uAe+7i2zeqke1H0T
vuRMSz1Yup9ZOMGTaAIZvv10y1dN8pRMILNZRBnhJ610xXmgAQd7ewd79ZOnDcwQ
a99bsGL+URdUT54drC5+Xyi2ciyIsKV5oNbLsaexKjmkR35XZR9Y4hFugwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP6CP4hxKJ4akqhfLhEWCWwtKTs9MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvX29JX2lIRW9uaHFTcUY4dUVSWUpiQzBwT3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSU+AwQA
XXLAAwQAvPG2AwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQCKVBh5F/9L+tJPjz6K
ppAZ6mXnhpd0vu5YIWE/1WaVdbyEei/qWNPvPO9C+7PkmYyh33xp2SgeY3b9jHc9
mvFAQFxZYFApHBS5EaU8FAxB2QzPkjJ6/PsWPM+qXTiU3QBWvKpSK4Pp9gIPsPcf
KsD5AuqOq7k50bdP6ae4O2bOyY3tiAhDIeMCRlioxZrgdMeNLu5+V5I4TNK+Lmls
3PJCkvITKtw+b4inwEtOS/UNeWO+G41mscxpI23KT2/KSyYBD8Y7RcXiOwsl0PH/
pqE3kUCB+ZlagRzoh1kzzIvcYImLG0oDC/0OOlSECoP5E2i7tuMu+1bnEUEdZpc3
ccyP
Generated at Tue Aug 8 06:06:18 2023 by rpki-client on console-ams.rpki-client.org