Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fkIQk1MRTp-BKhzXHrCO1RaugRU.roa
File: fkIQk1MRTp-BKhzXHrCO1RaugRU.roa (raw, json)
Hash identifier: GMVZewZ0q+JZnzNn87J08mZLYcUiN0HUbutZymvSFd0=
Subject key identifier: 7E:42:10:93:53:11:4E:9F:81:2A:1C:D7:1E:B0:8E:D5:16:AE:81:15
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018721ED3B89A681215FD4F0DADAD6BF71C8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fkIQk1MRTp-BKhzXHrCO1RaugRU.roa
Signing time: Mon 27 Mar 2023 07:16:47 +0000
ROA not before: Mon 27 Mar 2023 07:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 93.115.255.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:ed:3b:89:a6:81:21:5f:d4:f0:da:da:d6:bf:71:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 27 07:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e42109353114e9f812a1cd71eb08ed516ae8115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:18:8c:60:71:a1:d9:42:0c:a3:d0:23:f1:c7:
75:19:fe:e4:34:0f:cd:ea:b1:a9:73:81:6f:bd:25:
26:a6:4b:3f:91:59:b7:be:09:dc:49:b3:5e:d1:d9:
ec:c3:d9:6a:ea:fe:5e:ae:48:6e:2b:2d:4e:c1:ca:
04:ea:da:c5:e3:88:09:f3:7e:ee:97:22:a7:9a:ae:
aa:2e:f9:01:75:cf:2b:e8:e1:7c:d4:19:b2:da:98:
0a:95:43:68:3a:98:bb:55:b6:c9:b6:02:a9:2d:2e:
09:6f:09:8d:1f:62:21:5a:ab:7e:72:06:c0:20:9b:
49:ad:47:40:e6:93:39:6f:a0:7e:f8:8b:ac:8f:79:
86:c2:ab:7c:e8:69:18:86:39:2f:e8:61:fd:03:de:
da:f8:3c:0a:50:ef:f1:22:3a:35:f7:9b:d9:db:bf:
33:6a:f0:5a:98:af:64:da:f9:44:64:eb:8c:98:a4:
05:fc:cc:41:b0:07:8d:fb:d0:f5:62:14:79:2e:9f:
2b:41:fc:ea:9b:57:b0:8d:c6:e9:57:2b:5f:72:97:
a2:de:75:c3:cd:6e:ae:a0:ec:d5:90:88:05:01:70:
5e:ac:0d:03:7a:dc:49:df:ac:6b:2b:ff:b0:9f:e4:
8c:82:e1:e0:88:14:97:84:d8:59:e4:57:ce:a0:01:
37:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:42:10:93:53:11:4E:9F:81:2A:1C:D7:1E:B0:8E:D5:16:AE:81:15
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fkIQk1MRTp-BKhzXHrCO1RaugRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.135.0/24
93.115.255.0/24
188.212.159.0/24
188.213.202.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
37:9b:47:ea:ca:72:3f:2f:e8:e4:14:7f:64:6b:7b:1e:36:c7:
8a:88:0c:6d:8d:1b:ef:2e:d8:b4:b1:44:f6:14:fa:0b:b3:67:
b1:65:b9:fe:9d:11:c6:9a:e1:77:65:29:71:cf:57:0a:b8:13:
f1:50:b0:de:28:d6:c5:ce:76:12:34:84:e8:9f:06:89:d5:19:
dc:de:9a:75:35:ea:11:d2:bf:b5:4f:22:e7:8b:d5:23:f3:b1:
ae:7f:d9:15:ec:a9:8c:22:ef:a7:a6:11:c5:72:08:b4:91:e0:
f5:12:fa:9c:90:7b:a5:ec:59:22:35:67:f8:38:c8:24:4e:e6:
eb:c2:43:5a:a0:f3:1b:7d:ef:3f:35:6c:26:17:dc:5f:a3:40:
e6:49:f7:2f:7d:ac:97:64:fe:4e:cf:d6:da:14:10:b7:1e:20:
6a:52:1c:f8:a0:da:12:bf:b5:44:c0:7e:06:90:7e:aa:28:86:
06:11:91:1e:6a:ed:e0:8f:9b:b1:a4:44:98:37:08:ae:ef:39:
93:1d:de:13:97:8d:ba:06:ab:c9:42:79:7f:6d:61:ad:c2:99:
d9:e0:06:58:6a:db:5d:5b:d0:13:73:b6:a4:44:49:ed:b2:52:
66:9d:21:bc:40:9a:7d:01:33:f3:fc:af:8d:06:11:a8:66:fa:
4a:14:aa:6f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYch7TuJpoEhX9Tw2trWv3HIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzI3MDcxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQyMTA5MzUzMTE0ZTlmODEyYTFjZDcxZWIwOGVkNTE2YWU4MTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthiMYHGh2UIMo9Aj8cd1Gf7kNA/N
6rGpc4FvvSUmpks/kVm3vgncSbNe0dnsw9lq6v5erkhuKy1OwcoE6trF44gJ837u
lyKnmq6qLvkBdc8r6OF81Bmy2pgKlUNoOpi7VbbJtgKpLS4JbwmNH2IhWqt+cgbA
IJtJrUdA5pM5b6B++Iusj3mGwqt86GkYhjkv6GH9A97a+DwKUO/xIjo195vZ278z
avBamK9k2vlEZOuMmKQF/MxBsAeN+9D1YhR5Lp8rQfzqm1ewjcbpVytfcpei3nXD
zW6uoOzVkIgFAXBerA0DetxJ36xrK/+wn+SMguHgiBSXhNhZ5FfOoAE3TwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFH5CEJNTEU6fgSoc1x6wjtUWroEVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZmtJUWsxTVJUcC1CS2h6WEhyQ08xUmF1Z1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPsWHAwQA
XXP/AwQAvNSfAwQAvNXKAwQBvNbQAwQA1ehdAwQA1ehfMA0GCSqGSIb3DQEBCwUA
A4IBAQA3m0fqynI/L+jkFH9ka3seNseKiAxtjRvvLti0sUT2FPoLs2exZbn+nRHG
muF3ZSlxz1cKuBPxULDeKNbFznYSNITonwaJ1Rnc3pp1NeoR0r+1TyLni9Uj87Gu
f9kV7KmMIu+nphHFcgi0keD1EvqckHul7FkiNWf4OMgkTubrwkNaoPMbfe8/NWwm
F9xfo0DmSfcvfayXZP5Oz9baFBC3HiBqUhz4oNoSv7VEwH4GkH6qKIYGEZEeau3g
j5uxpESYNwiu7zmTHd4Tl426BqvJQnl/bWGtwpnZ4AZYattdW9ATc7akREntslJm
nSG8QJp9ATPz/K+NBhGoZvpKFKpv
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org