Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c1Y6ZVgIf6qfg2Bu35VLBZJVwDw.roa
File: c1Y6ZVgIf6qfg2Bu35VLBZJVwDw.roa (raw, json)
Hash identifier: FIcgtjlJ1KIbDnuJyUBklINwTsiNPLkG6a/Z/wPFt/s=
Subject key identifier: 73:56:3A:65:58:08:7F:AA:9F:83:60:6E:DF:95:4B:05:92:55:C0:3C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C17106D982318EE438434A5ED0252CD2B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c1Y6ZVgIf6qfg2Bu35VLBZJVwDw.roa
Signing time: Tue 28 Nov 2023 17:53:21 +0000
ROA not before: Tue 28 Nov 2023 17:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 78.142.242.0/23 maxlen: 24
78.142.241.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:10:6d:98:23:18:ee:43:84:34:a5:ed:02:52:cd:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 28 17:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73563a6558087faa9f83606edf954b059255c03c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:80:f7:86:cf:db:63:7c:43:6a:ef:2c:6f:31:
26:57:fc:c2:62:c0:6e:25:62:45:38:8a:f7:39:de:
1d:06:0e:25:2a:2c:33:2f:90:f9:d8:3c:19:9c:4f:
8f:bd:89:89:70:d7:69:26:99:91:b6:c2:12:d2:8f:
50:62:58:3b:bb:79:20:6a:a6:d8:86:3a:2f:bc:ed:
9b:a8:5a:6f:9f:77:cc:54:dd:41:a8:3a:03:d9:41:
6f:b0:3d:7d:0e:e9:4a:ae:84:44:d5:3a:bf:be:79:
f9:6e:c6:26:ed:1b:54:fb:d5:ab:0f:84:35:51:c9:
3e:da:b2:bc:a2:a9:4a:ca:9f:56:e6:8e:02:55:9b:
4d:a7:f9:a6:65:ae:b3:5a:80:27:d4:a0:c1:89:1c:
66:4a:77:cb:df:d6:7f:be:bc:b8:72:cf:fd:ae:9f:
10:30:00:1d:e8:49:65:e2:42:fe:e7:e7:c4:32:f6:
de:03:db:9d:b1:60:09:26:d3:f8:08:7f:ce:28:69:
d1:a2:47:99:96:15:90:ef:b5:22:89:85:c6:6f:73:
62:6c:d9:aa:19:f9:10:9b:43:66:c1:c4:fd:23:b7:
a3:fa:ad:43:b9:e0:d4:2c:4d:d0:f7:a8:74:2c:65:
3c:c7:c3:bd:7a:72:3f:44:20:0e:b1:bf:c4:b0:31:
83:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:56:3A:65:58:08:7F:AA:9F:83:60:6E:DF:95:4B:05:92:55:C0:3C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c1Y6ZVgIf6qfg2Bu35VLBZJVwDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.241.0-78.142.243.255
89.47.89.0/24
103.212.82.0/24
178.239.204.0/24
203.0.8.0/23
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
43:59:47:a6:22:19:e8:a6:14:ff:17:27:71:62:49:3f:da:af:
eb:31:fa:15:1b:cb:a4:11:bf:fa:d8:e8:01:49:09:9d:7a:ac:
d5:f8:cd:dc:39:ef:0a:22:50:51:af:e7:d8:85:bf:38:65:e8:
7b:57:3f:34:ff:60:8c:da:c1:0e:60:d2:39:73:24:69:4b:b6:
35:68:59:0a:a8:81:d7:eb:a0:9d:e5:af:f8:ef:f7:de:2d:ae:
3a:5b:e9:00:8b:d3:93:f9:30:fa:4d:30:e3:f0:02:15:25:b8:
0a:65:c0:e4:7e:32:2b:11:57:9d:fd:72:c1:ac:f8:89:23:78:
a7:91:91:f5:8b:ed:7d:4a:f7:27:be:94:42:8b:33:d9:e5:67:
be:ba:c3:e2:6b:02:cc:2d:b7:50:8b:03:90:85:8d:73:97:74:
b6:18:e7:93:6e:1d:d4:95:6a:4a:78:af:5e:a7:14:ab:bf:be:
78:1b:d4:db:d5:33:c0:ae:6c:24:ce:d5:4e:31:44:2a:67:9f:
9c:01:b4:9e:f1:e6:bc:8a:21:bc:dc:b8:67:31:39:15:8c:e0:
31:a9:35:b6:be:97:7d:48:82:46:b3:ac:c1:c8:fc:3f:e7:f5:
ea:ac:26:e8:ac:ae:71:98:6e:bb:cb:79:11:11:db:85:84:41:
95:7a:6a:66
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYwXEG2YIxjuQ4Q0pe0CUs0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTI4MTc1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU2M2E2NTU4MDg3ZmFhOWY4MzYwNmVkZjk1NGIwNTkyNTVjMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlID3hs/bY3xDau8sbzEmV/zCYsBu
JWJFOIr3Od4dBg4lKiwzL5D52DwZnE+PvYmJcNdpJpmRtsIS0o9QYlg7u3kgaqbY
hjovvO2bqFpvn3fMVN1BqDoD2UFvsD19DulKroRE1Tq/vnn5bsYm7RtU+9WrD4Q1
Uck+2rK8oqlKyp9W5o4CVZtNp/mmZa6zWoAn1KDBiRxmSnfL39Z/vry4cs/9rp8Q
MAAd6Ell4kL+5+fEMvbeA9udsWAJJtP4CH/OKGnRokeZlhWQ77UiiYXGb3NibNmq
GfkQm0NmwcT9I7ej+q1DueDULE3Q96h0LGU8x8O9enI/RCAOsb/EsDGDlQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHNWOmVYCH+qn4Ngbt+VSwWSVcA8MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYzFZNlpWZ0lmNnFmZzJCdTM1VkxCWkpWd0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABOjvED
BAJOjvADBABZL1kDBABn1FIDBACy78wDBAHLAAgDBADfG3IwDQYJKoZIhvcNAQEL
BQADggEBAENZR6YiGeimFP8XJ3FiST/ar+sx+hUby6QRv/rY6AFJCZ16rNX4zdw5
7woiUFGv59iFvzhl6HtXPzT/YIzawQ5g0jlzJGlLtjVoWQqogdfroJ3lr/jv994t
rjpb6QCL05P5MPpNMOPwAhUluAplwOR+MisRV539csGs+IkjeKeRkfWL7X1K9ye+
lEKLM9nlZ766w+JrAswtt1CLA5CFjXOXdLYY55NuHdSVakp4r16nFKu/vngb1NvV
M8CubCTO1U4xRCpnn5wBtJ7x5ryKIbzcuGcxORWM4DGpNba+l31IgkazrMHI/D/n
9eqsJuisrnGYbrvLeRER24WEQZV6amY=
-----END CERTIFICATE-----
Generated at Thu Nov 30 08:15:45 2023 by rpki-client on console-fra.rpki-client.org