Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c69pACbqHBxjsm74hPaFUYt7Im0.roa
File: c69pACbqHBxjsm74hPaFUYt7Im0.roa (raw, json)
Hash identifier: 9g0wWAJcBQCbuXYfA0ckiANUokdxVxeOQQ7cF+TXb+M=
Subject key identifier: 73:AF:69:00:26:EA:1C:1C:63:B2:6E:F8:84:F6:85:51:8B:7B:22:6D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A1B9D8F6FB32BF2C4A86D9E99DF8651E5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c69pACbqHBxjsm74hPaFUYt7Im0.roa
Signing time: Tue 22 Aug 2023 05:00:25 +0000
ROA not before: Tue 22 Aug 2023 05:00:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 194.242.2.0/24 maxlen: 24
45.85.104.0/24 maxlen: 24
185.192.16.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1b:9d:8f:6f:b3:2b:f2:c4:a8:6d:9e:99:df:86:51:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 22 05:00:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73af690026ea1c1c63b26ef884f685518b7b226d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6d:3d:f9:2a:31:ba:b7:7c:f9:5d:73:0c:0c:
5b:8e:55:cf:5c:29:04:d1:ab:87:9e:6f:4f:8f:22:
bd:81:60:ac:54:ef:04:c6:9f:70:1d:53:d5:aa:5d:
07:da:df:a9:6e:ff:ad:f4:03:9b:08:42:47:91:36:
e6:cb:f1:46:f2:69:e7:d0:a8:53:00:c6:fe:af:5a:
a2:e0:f8:f2:c5:67:97:4d:8f:dd:04:08:e5:0d:3b:
14:3b:6c:cb:c7:0e:65:2a:98:04:53:c0:00:4b:09:
b8:68:69:1f:81:aa:7a:58:32:79:97:81:39:a6:87:
96:95:36:c3:2d:a5:37:de:1f:59:a2:d4:ba:b2:5b:
87:0a:fe:b8:10:4a:1d:93:02:71:6b:5f:58:f4:82:
b0:36:4a:95:9b:db:65:ad:1f:ff:4c:83:da:0f:45:
30:e2:96:97:b4:07:45:fa:75:04:34:7a:24:f1:fa:
13:8c:60:2c:a8:9e:52:e9:80:41:6e:e0:72:cd:f5:
40:a2:3f:11:a8:55:06:bd:5b:dc:57:92:71:a1:82:
a9:19:92:17:45:5c:b9:a5:af:1b:27:68:93:18:82:
ac:19:5c:bc:79:ee:70:7b:e6:8d:0b:a8:72:70:de:
67:f9:3c:59:71:83:8a:ff:dc:e8:78:7f:b2:ea:43:
e5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:AF:69:00:26:EA:1C:1C:63:B2:6E:F8:84:F6:85:51:8B:7B:22:6D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c69pACbqHBxjsm74hPaFUYt7Im0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.104.0/24
185.192.16.0/24
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
10:37:cb:e1:20:57:08:3a:55:d9:6a:f6:27:51:c8:fa:91:0f:
4c:95:e4:10:0f:12:aa:8d:63:c7:f6:d3:5b:b6:67:5d:ce:b4:
be:e8:0d:02:9d:92:44:66:59:75:07:bc:89:05:b7:90:4a:1e:
cd:c3:f4:64:0f:4a:b5:6d:f7:47:2e:c7:88:ae:11:88:8f:bd:
20:dd:3b:36:5c:44:71:92:c0:a5:fd:ca:6b:4e:7b:dd:e8:5d:
9e:b4:93:21:03:36:de:21:78:6f:c2:dd:72:6b:ae:46:70:40:
7a:65:84:03:44:27:f0:eb:6d:b3:3d:70:c1:e6:2b:30:da:fe:
0e:a1:3b:0e:c2:56:8a:97:28:14:69:50:79:ee:54:f7:32:a1:
e1:0c:37:71:ef:bf:92:32:0b:b6:3f:81:34:d5:18:17:6a:d1:
71:5a:53:47:2f:dc:7a:42:c3:75:0e:b0:f5:bd:78:e0:ff:95:
4a:f6:a9:05:0c:5c:6a:aa:a3:88:2d:95:02:12:c6:fb:3d:a7:
b7:be:56:f4:f1:e3:34:10:71:ed:32:0d:a2:42:ae:94:70:71:
dd:0d:01:38:6e:e6:91:2f:57:b8:e5:40:d3:5f:f4:7f:27:76:
32:11:c0:4e:ee:e5:19:fb:9f:75:cf:c4:5d:31:e3:1d:77:b3:
5a:0d:99:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYobnY9vsyvyxKhtnpnfhlHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODIyMDUwMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2FmNjkwMDI2ZWExYzFjNjNiMjZlZjg4NGY2ODU1MThiN2IyMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW09+Soxurd8+V1zDAxbjlXPXCkE
0auHnm9PjyK9gWCsVO8Exp9wHVPVql0H2t+pbv+t9AObCEJHkTbmy/FG8mnn0KhT
AMb+r1qi4PjyxWeXTY/dBAjlDTsUO2zLxw5lKpgEU8AASwm4aGkfgap6WDJ5l4E5
poeWlTbDLaU33h9ZotS6sluHCv64EEodkwJxa19Y9IKwNkqVm9tlrR//TIPaD0Uw
4paXtAdF+nUENHok8foTjGAsqJ5S6YBBbuByzfVAoj8RqFUGvVvcV5JxoYKpGZIX
RVy5pa8bJ2iTGIKsGVy8ee5we+aNC6hycN5n+TxZcYOK/9zoeH+y6kPl0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHOvaQAm6hwcY7Ju+IT2hVGLeyJtMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYzY5cEFDYnFIQnhqc203NGhQYUZVWXQ3SW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVVoAwQA
ucAQAwQAwRNsAwQAwvICMA0GCSqGSIb3DQEBCwUAA4IBAQAQN8vhIFcIOlXZavYn
Ucj6kQ9MleQQDxKqjWPH9tNbtmddzrS+6A0CnZJEZll1B7yJBbeQSh7Nw/RkD0q1
bfdHLseIrhGIj70g3Ts2XERxksCl/cprTnvd6F2etJMhAzbeIXhvwt1ya65GcEB6
ZYQDRCfw622zPXDB5isw2v4OoTsOwlaKlygUaVB57lT3MqHhDDdx77+SMgu2P4E0
1RgXatFxWlNHL9x6QsN1DrD1vXjg/5VK9qkFDFxqqqOILZUCEsb7Pae3vlb08eM0
EHHtMg2iQq6UcHHdDQE4buaRL1e45UDTX/R/J3YyEcBO7uUZ+591z8RdMeMdd7Na
DZmg
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org