Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/g_0zijGqXKRE3ajc96QHov_m9bQ.roa
File: g_0zijGqXKRE3ajc96QHov_m9bQ.roa (raw, json)
Hash identifier: PBxqycgcIuO0WWHXgSbvfsrbhBC3MbMzXVSojdcQj+4=
Subject key identifier: 83:FD:33:8A:31:AA:5C:A4:44:DD:A8:DC:F7:A4:07:A2:FF:E6:F5:B4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018691FC97696634998BF9226B2D9AFE18B8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/g_0zijGqXKRE3ajc96QHov_m9bQ.roa
Signing time: Mon 27 Feb 2023 08:28:15 +0000
ROA not before: Mon 27 Feb 2023 08:28:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 93.115.255.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
94.176.110.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:91:fc:97:69:66:34:99:8b:f9:22:6b:2d:9a:fe:18:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 27 08:28:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83fd338a31aa5ca444dda8dcf7a407a2ffe6f5b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b7:c1:bf:6d:57:f2:01:21:3b:43:2e:b8:65:
c9:33:d8:7d:f4:17:e9:88:39:56:13:f6:dd:36:34:
c8:6c:17:9d:ec:8f:e9:b7:49:df:5a:87:48:1d:d5:
f0:b7:21:20:67:c2:60:51:d4:a4:82:b4:d9:8e:3d:
6a:2e:c0:d0:a4:89:03:e7:8a:41:a6:b0:54:92:32:
57:3a:d8:46:93:9c:af:b7:01:e8:67:a1:1a:52:83:
4f:c0:3c:6d:36:c3:92:ab:7d:db:65:89:70:d9:98:
d6:4b:92:71:45:8e:62:f4:f5:db:93:38:b4:d4:d3:
e6:b4:ed:69:e0:91:57:65:05:73:88:72:eb:23:3f:
38:36:c2:ee:6e:be:37:33:86:4c:0c:0f:9b:f6:d2:
96:4d:39:87:fb:94:21:dc:8d:04:ef:8e:31:58:98:
69:e9:e7:ff:23:d2:7d:26:d2:64:c2:a1:31:f8:9d:
01:5e:67:51:65:61:cc:34:33:3b:83:3a:c2:1d:50:
03:69:68:0d:fc:90:e5:7f:28:f1:fd:11:9c:2e:fc:
7d:45:ca:35:38:70:35:bd:93:35:79:a1:d1:1f:14:
c5:a4:ca:3b:5b:43:c5:01:74:52:11:82:18:20:a3:
af:87:d1:18:e7:23:98:9c:5e:64:43:52:75:07:af:
8f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FD:33:8A:31:AA:5C:A4:44:DD:A8:DC:F7:A4:07:A2:FF:E6:F5:B4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/g_0zijGqXKRE3ajc96QHov_m9bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.207.0/24
93.115.255.0/24
94.176.110.0/24
185.255.168.0/24
188.212.132.0/23
188.212.159.0/24
188.213.202.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f0:24:1f:08:f0:60:0e:79:a2:b4:4c:10:16:31:aa:bb:fb:
dc:ed:82:fb:b3:05:1c:ef:64:9c:8c:b0:82:63:94:f9:5f:86:
56:7b:32:a0:72:ef:5d:98:b1:4b:f8:f6:52:db:22:12:91:87:
7d:32:5d:67:b0:bd:64:76:54:72:61:05:7d:c2:b5:60:e6:1c:
1d:84:48:90:56:e9:3d:ad:f4:ca:62:22:05:a4:80:d3:df:5f:
de:2c:07:7c:e1:4f:62:97:11:a5:17:f1:98:73:d6:79:b2:25:
e2:f1:44:af:6e:3b:6a:dd:0d:3b:56:a2:63:06:40:c2:5b:fa:
93:92:57:51:e4:69:7e:f3:5c:d4:49:f5:45:b3:5c:04:e5:ef:
39:9e:a0:c1:5c:b0:4d:b1:f8:f6:5f:ee:79:e5:58:c3:df:83:
70:ce:2d:79:2a:8f:82:26:cc:c0:97:48:3e:af:8e:d2:47:2c:
09:c4:9c:19:53:9e:cc:ec:1f:2d:e2:e4:3b:9b:f6:87:f9:07:
db:d3:d9:2d:53:7a:21:84:b6:d4:19:29:5b:7c:6e:3e:46:81:
97:5f:dc:4e:b3:4b:e3:89:dc:54:80:28:30:48:74:92:2b:44:
54:93:f0:bb:94:3e:aa:5d:bb:46:22:6f:dc:59:e3:cd:0d:e9:
a0:28:e4:12
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYaR/JdpZjSZi/kiay2a/hi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI3MDgyODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZkMzM4YTMxYWE1Y2E0NDRkZGE4ZGNmN2E0MDdhMmZmZTZmNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLfBv21X8gEhO0MuuGXJM9h99Bfp
iDlWE/bdNjTIbBed7I/pt0nfWodIHdXwtyEgZ8JgUdSkgrTZjj1qLsDQpIkD54pB
prBUkjJXOthGk5yvtwHoZ6EaUoNPwDxtNsOSq33bZYlw2ZjWS5JxRY5i9PXbkzi0
1NPmtO1p4JFXZQVziHLrIz84NsLubr43M4ZMDA+b9tKWTTmH+5Qh3I0E744xWJhp
6ef/I9J9JtJkwqEx+J0BXmdRZWHMNDM7gzrCHVADaWgN/JDlfyjx/RGcLvx9Rco1
OHA1vZM1eaHRHxTFpMo7W0PFAXRSEYIYIKOvh9EY5yOYnF5kQ1J1B6+PdwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIP9M4oxqlykRN2o3PekB6L/5vW0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZ18wemlqR3FYS1JFM2FqYzk2UUhvdl9tOWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAW7zPAwQA
XXP/AwQAXrBuAwQAuf+oAwQBvNSEAwQAvNSfAwQAvNXKAwQBvNbQAwQA1ehdAwQA
1ehfMA0GCSqGSIb3DQEBCwUAA4IBAQAg8CQfCPBgDnmitEwQFjGqu/vc7YL7swUc
72ScjLCCY5T5X4ZWezKgcu9dmLFL+PZS2yISkYd9Ml1nsL1kdlRyYQV9wrVg5hwd
hEiQVuk9rfTKYiIFpIDT31/eLAd84U9ilxGlF/GYc9Z5siXi8USvbjtq3Q07VqJj
BkDCW/qTkldR5Gl+81zUSfVFs1wE5e85nqDBXLBNsfj2X+555VjD34Nwzi15Ko+C
JszAl0g+r47SRywJxJwZU57M7B8t4uQ7m/aH+Qfb09ktU3ohhLbUGSlbfG4+RoGX
X9xOs0vjidxUgCgwSHSSK0RUk/C7lD6qXbtGIm/cWePNDemgKOQS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org