Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fjAc-qfU036UxmDI9XIh_K8ePcs.roa
File: fjAc-qfU036UxmDI9XIh_K8ePcs.roa (raw, json)
Hash identifier: 7HEG/Dag8ECDs4KqM+YNJx4Ydzi8LF2xYhmwREDxzkg=
Subject key identifier: 7E:30:1C:FA:A7:D4:D3:7E:94:C6:60:C8:F5:72:21:FC:AF:1E:3D:CB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186321FC638BFDA125D1A87349F063C07FC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fjAc-qfU036UxmDI9XIh_K8ePcs.roa
Signing time: Wed 08 Feb 2023 17:43:08 +0000
ROA not before: Wed 08 Feb 2023 17:43:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 188.212.133.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
94.176.110.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Feb 2023 13:37:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:32:1f:c6:38:bf:da:12:5d:1a:87:34:9f:06:3c:07:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 8 17:43:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e301cfaa7d4d37e94c660c8f57221fcaf1e3dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9d:11:23:1a:24:85:6f:ed:58:af:cf:a1:f7:
24:76:73:87:99:4d:64:e2:1f:9a:5d:cb:18:79:40:
be:f6:ba:d2:28:ac:14:51:2f:3f:33:e2:ef:9e:76:
dd:7a:f4:56:66:7b:48:87:ed:ed:e6:e6:ba:58:12:
3b:8c:5c:ba:cb:63:5a:9b:a3:2c:1e:e2:49:fb:56:
39:15:35:1c:69:76:8a:c5:d6:2e:8b:72:2c:ee:9b:
19:fb:bc:6f:c1:8a:9d:6b:10:4a:1d:f5:5e:96:04:
25:d8:f3:78:37:a2:00:36:62:91:1c:c5:86:56:e4:
35:2f:20:69:a9:d9:b2:f1:18:e5:d4:58:ee:de:4f:
a8:0f:7a:08:73:f2:85:c2:ed:ca:4d:6d:30:9c:ba:
9e:c1:40:8f:3a:33:fa:dd:2f:09:63:38:a5:e1:3e:
20:f3:b8:f2:4b:51:ab:78:e9:37:f1:5e:97:a5:13:
41:2f:95:a4:f4:09:1a:8e:c3:39:62:bd:b9:1c:28:
2c:f0:8b:c2:60:0c:11:4f:12:c9:cf:32:19:d5:33:
e4:6a:e4:1d:b1:ae:6b:0f:12:71:24:e1:85:71:5c:
10:41:32:1d:72:0d:06:6b:70:7d:68:94:7b:9e:1e:
f1:ed:ab:fa:78:45:da:99:e7:c7:39:bf:b6:b6:d3:
ea:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:30:1C:FA:A7:D4:D3:7E:94:C6:60:C8:F5:72:21:FC:AF:1E:3D:CB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fjAc-qfU036UxmDI9XIh_K8ePcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.207.0/24
94.176.110.0/24
185.238.10.0/24
185.255.168.0/24
188.212.133.0/24
188.212.159.0/24
188.213.202.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:c7:33:b2:45:2f:38:87:8d:ce:b9:00:c5:43:a9:0c:45:3a:
a6:30:c9:44:b9:31:6e:35:7a:21:cd:33:f4:18:13:d6:3a:44:
1f:17:c5:62:c0:d7:c4:32:13:a8:5d:b5:ad:05:08:f6:ec:14:
25:0c:9f:d8:76:a9:f6:ae:44:68:24:f8:72:c7:b3:7b:09:92:
11:c6:31:d3:90:60:6e:dc:56:24:93:3f:d7:5b:aa:7b:ca:11:
a0:8f:08:d9:8e:f3:89:b2:62:10:42:22:ae:b6:23:49:43:11:
1a:a0:83:16:02:a0:b3:64:e5:23:f9:4f:03:43:45:f6:96:87:
16:ae:3e:84:24:f2:73:a4:51:3f:5a:b2:c0:94:e8:ca:44:42:
21:d2:51:a4:f1:17:e8:f9:55:19:7f:c1:89:7c:72:ee:05:fe:
bb:f3:23:70:97:43:f7:e6:df:77:2f:d1:f8:8f:b7:cd:ff:ea:
f8:c1:2e:20:4e:9f:3a:c7:f2:7e:18:51:04:18:75:10:4c:3c:
9c:94:bc:dd:0a:36:11:1b:12:46:38:64:0c:ca:c2:97:45:bd:
89:7b:8c:57:a3:f2:cf:bd:ec:f0:5a:10:27:9c:be:e8:ee:49:
9a:c6:d7:ef:1e:93:4e:cd:ae:e3:f5:9d:6d:74:04:cf:71:85:
15:90:94:5e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYYyH8Y4v9oSXRqHNJ8GPAf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA4MTc0MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTMwMWNmYWE3ZDRkMzdlOTRjNjYwYzhmNTcyMjFmY2FmMWUzZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ0RIxokhW/tWK/PofckdnOHmU1k
4h+aXcsYeUC+9rrSKKwUUS8/M+LvnnbdevRWZntIh+3t5ua6WBI7jFy6y2Nam6Ms
HuJJ+1Y5FTUcaXaKxdYui3Is7psZ+7xvwYqdaxBKHfVelgQl2PN4N6IANmKRHMWG
VuQ1LyBpqdmy8Rjl1Fju3k+oD3oIc/KFwu3KTW0wnLqewUCPOjP63S8JYzil4T4g
87jyS1GreOk38V6XpRNBL5Wk9AkajsM5Yr25HCgs8IvCYAwRTxLJzzIZ1TPkauQd
sa5rDxJxJOGFcVwQQTIdcg0Ga3B9aJR7nh7x7av6eEXamefHOb+2ttPq2wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFH4wHPqn1NN+lMZgyPVyIfyvHj3LMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZmpBYy1xZlUwMzZVeG1ESTlYSWhfSzhlUGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAW7zPAwQA
XrBuAwQAue4KAwQAuf+oAwQAvNSFAwQAvNSfAwQAvNXKAwQBvNbQAwQA1ehdAwQA
1ehfMA0GCSqGSIb3DQEBCwUAA4IBAQAqxzOyRS84h43OuQDFQ6kMRTqmMMlEuTFu
NXohzTP0GBPWOkQfF8ViwNfEMhOoXbWtBQj27BQlDJ/Ydqn2rkRoJPhyx7N7CZIR
xjHTkGBu3FYkkz/XW6p7yhGgjwjZjvOJsmIQQiKutiNJQxEaoIMWAqCzZOUj+U8D
Q0X2locWrj6EJPJzpFE/WrLAlOjKREIh0lGk8Rfo+VUZf8GJfHLuBf678yNwl0P3
5t93L9H4j7fN/+r4wS4gTp86x/J+GFEEGHUQTDyclLzdCjYRGxJGOGQMysKXRb2J
e4xXo/LPvezwWhAnnL7o7kmaxtfvHpNOza7j9Z1tdATPcYUVkJRe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:47 2024 by rpki-client on console-fra.rpki-client.org