Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cbD5oVpJ7AqmrpzEwROTE4fGyVY.roa
File: cbD5oVpJ7AqmrpzEwROTE4fGyVY.roa (raw, json)
Hash identifier: bayCiKSNS+jrg6aI5n/pmLb8qj2oHxAKuPnSxGxavNc=
Subject key identifier: 71:B0:F9:A1:5A:49:EC:0A:A6:AE:9C:C4:C1:13:93:13:87:C6:C9:56
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018F7287AEECECE787F706C1B2BA396808F0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cbD5oVpJ7AqmrpzEwROTE4fGyVY.roa
Signing time: Mon 13 May 2024 15:17:25 +0000
ROA not before: Mon 13 May 2024 15:17:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 178.239.205.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Jun 2024 08:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:87:ae:ec:ec:e7:87:f7:06:c1:b2:ba:39:68:08:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 13 15:17:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71b0f9a15a49ec0aa6ae9cc4c113931387c6c956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7c:cf:79:24:a5:6e:8a:8b:07:9d:a0:9c:23:
68:76:15:50:1f:7a:5e:e3:13:2b:0c:d0:19:bc:d3:
a7:18:c4:18:ed:77:d6:8d:0f:e9:c4:6c:25:71:07:
8f:de:8a:3a:e4:07:ab:8d:f3:60:47:84:df:35:e2:
49:22:4f:9d:1e:e6:57:bd:48:f9:9e:3b:c0:f6:14:
06:4e:03:6e:f4:d0:a9:2c:2f:ce:a4:b3:ba:fd:22:
d3:bb:bb:21:cf:e4:f7:27:d7:69:f6:ca:5d:ba:49:
1c:2d:7a:8e:43:60:dc:9d:5e:ad:d7:45:34:9a:0f:
a7:ae:01:9b:ec:23:8b:70:32:86:93:01:e2:58:73:
7f:54:24:e8:0e:80:0e:9f:4e:31:6c:31:0b:6d:18:
ee:bd:e1:87:63:e3:0f:9b:d1:15:d0:b0:06:f7:b0:
c4:6b:26:67:e2:8f:56:52:60:3b:63:0d:7c:ee:c8:
a3:88:e0:b6:4d:74:2a:60:95:ec:a8:ce:d9:7a:fa:
78:da:0f:d1:f4:0e:59:76:54:8e:66:07:6a:49:a8:
e0:27:57:cb:fb:ee:98:a6:52:8c:fb:29:3d:3b:8a:
03:78:b0:22:03:76:df:38:b2:2a:d4:00:54:b5:3b:
d9:1d:85:f1:1e:cb:02:22:cc:aa:d1:06:30:f7:44:
f2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B0:F9:A1:5A:49:EC:0A:A6:AE:9C:C4:C1:13:93:13:87:C6:C9:56
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cbD5oVpJ7AqmrpzEwROTE4fGyVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.205.0/24
203.0.8.0/23
Signature Algorithm: sha256WithRSAEncryption
46:bc:ee:90:a8:89:99:ce:a5:95:95:18:94:26:39:1b:7e:62:
2a:50:80:de:a1:9e:e4:41:ee:e7:03:14:8b:af:5a:b8:50:bd:
96:5b:a9:c4:19:36:ed:c2:03:24:d9:e6:f8:f5:5d:f4:31:63:
62:82:f5:25:29:08:14:01:4b:49:f6:39:be:66:a3:37:1b:07:
ba:ae:33:b6:85:3c:28:f8:86:0c:05:bf:dc:03:6f:46:a5:2b:
61:5d:34:10:57:16:12:7b:78:2a:4d:88:18:67:29:85:60:62:
47:e7:45:2d:45:f6:eb:f7:b0:78:32:49:3d:1d:a7:1f:03:3f:
3c:73:fa:bc:61:86:ed:b2:79:f8:de:61:67:90:6e:9d:b2:cf:
d8:76:1d:5c:ff:3c:b1:67:66:1a:f1:16:23:15:fc:e1:30:2d:
d5:75:c8:a8:5e:92:e9:f1:a9:77:c0:a3:1a:7f:c2:1c:62:92:
2f:e8:b0:b6:04:d7:d4:1b:be:f6:88:2f:23:2c:9a:58:a5:24:
79:0e:a2:b1:92:2e:ed:9a:00:87:e4:93:13:e2:15:31:22:1d:
1e:14:91:2d:19:d9:60:d5:1e:74:e8:ca:1d:ba:10:79:b0:6a:
8b:e2:d4:3a:12:5e:e3:f6:8c:fd:8f:b1:0c:7f:7f:f2:b6:f7:
b5:d3:09:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9yh67s7OeH9wbBsro5aAjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNTEzMTUxNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWIwZjlhMTVhNDllYzBhYTZhZTljYzRjMTEzOTMxMzg3YzZjOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HzPeSSlboqLB52gnCNodhVQH3pe
4xMrDNAZvNOnGMQY7XfWjQ/pxGwlcQeP3oo65AerjfNgR4TfNeJJIk+dHuZXvUj5
njvA9hQGTgNu9NCpLC/OpLO6/SLTu7shz+T3J9dp9spdukkcLXqOQ2DcnV6t10U0
mg+nrgGb7COLcDKGkwHiWHN/VCToDoAOn04xbDELbRjuveGHY+MPm9EV0LAG97DE
ayZn4o9WUmA7Yw187sijiOC2TXQqYJXsqM7Zevp42g/R9A5ZdlSOZgdqSajgJ1fL
++6YplKM+yk9O4oDeLAiA3bfOLIq1ABUtTvZHYXxHssCIsyq0QYw90Ty+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHGw+aFaSewKpq6cxMETkxOHxslWMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvY2JENW9WcEo3QXFtcnB6RXdST1RFNGZHeVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsu/NAwQB
ywAIMA0GCSqGSIb3DQEBCwUAA4IBAQBGvO6QqImZzqWVlRiUJjkbfmIqUIDeoZ7k
Qe7nAxSLr1q4UL2WW6nEGTbtwgMk2eb49V30MWNigvUlKQgUAUtJ9jm+ZqM3Gwe6
rjO2hTwo+IYMBb/cA29GpSthXTQQVxYSe3gqTYgYZymFYGJH50UtRfbr97B4Mkk9
HacfAz88c/q8YYbtsnn43mFnkG6dss/Ydh1c/zyxZ2Ya8RYjFfzhMC3VdcioXpLp
8al3wKMaf8IcYpIv6LC2BNfUG772iC8jLJpYpSR5DqKxki7tmgCH5JMT4hUxIh0e
FJEtGdlg1R506ModuhB5sGqL4tQ6El7j9oz9j7EMf3/ytve10wm3
-----END CERTIFICATE-----
Generated at Sun Jun 23 09:06:06 2024 by rpki-client on console-fra.rpki-client.org