Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h0EmpIAvD1NfPsdGABB-IC6xvPg.roa
File: h0EmpIAvD1NfPsdGABB-IC6xvPg.roa (raw, json)
Hash identifier: qWsFRy7QmZX3KC/9D2y9/XOamGVMyThgo7E4KxjDLFE=
Subject key identifier: 87:41:26:A4:80:2F:0F:53:5F:3E:C7:46:00:10:7E:20:2E:B1:BC:F8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188A4AC8F4715F090F5990AEFF2CAEABEE0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h0EmpIAvD1NfPsdGABB-IC6xvPg.roa
Signing time: Sat 10 Jun 2023 09:39:12 +0000
ROA not before: Sat 10 Jun 2023 09:39:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 193.23.130.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jul 2023 12:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:ac:8f:47:15:f0:90:f5:99:0a:ef:f2:ca:ea:be:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 10 09:39:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=874126a4802f0f535f3ec74600107e202eb1bcf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:28:01:b6:35:6e:e1:94:85:fa:3a:d3:18:
ed:7d:6c:41:51:f9:ea:66:6c:0c:d9:2e:4d:53:d5:
6f:1c:f0:85:8e:c1:8d:35:b2:9b:ac:1e:fe:eb:c5:
b6:1f:d1:ca:08:3e:ad:cc:46:7b:f3:a0:68:57:6b:
12:8e:17:c6:16:24:0b:a8:34:62:d5:b5:15:88:37:
c3:2a:50:e8:24:ac:45:01:c5:95:03:b7:ac:35:c5:
33:6a:80:b8:40:20:e6:6b:47:90:81:6b:25:02:cc:
a9:af:65:8f:cb:bd:4d:68:6e:a9:a5:c1:db:e0:30:
44:d5:4e:4f:1f:e4:2d:0b:69:11:ef:ba:6a:af:2a:
59:cf:5c:3e:54:74:f3:d1:72:78:e7:9e:15:91:c5:
09:66:d6:38:83:c9:7e:6e:20:ab:27:f8:af:f6:ef:
f3:fa:8c:f7:55:5b:60:76:0f:33:45:cd:da:c5:5c:
f3:e4:98:b7:f7:f0:46:e1:dd:62:31:f4:17:60:3d:
58:25:91:70:13:76:08:a4:b1:14:f8:5e:4b:e5:3e:
51:91:78:7a:7b:f1:8b:fe:9e:bd:0d:55:b8:19:9e:
8c:3b:ea:ee:2b:2d:5e:89:16:bb:23:c1:24:71:b1:
06:a4:68:f7:4e:ee:ff:3b:bb:73:f8:1b:63:d6:97:
67:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:41:26:A4:80:2F:0F:53:5F:3E:C7:46:00:10:7E:20:2E:B1:BC:F8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h0EmpIAvD1NfPsdGABB-IC6xvPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.84.0/24
93.115.109.0/24
188.240.232.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
43:86:98:12:fb:82:c6:cd:14:42:e6:fb:3e:5b:ab:2e:cb:8a:
62:3b:79:1d:96:e5:4f:90:ed:7f:6f:a4:f0:6c:8f:35:5b:bd:
ce:34:50:22:da:b6:44:93:3c:4c:bf:1e:29:a5:8b:6f:27:9f:
dd:94:ff:c6:84:5a:d1:5b:9b:96:40:45:c9:60:6b:2a:99:d8:
e5:c4:d2:9d:23:aa:3e:10:9e:7d:63:26:e2:ba:e9:11:1b:32:
c1:eb:70:25:4e:e4:b9:7f:e6:40:f8:2f:7c:a2:76:9d:00:6e:
1f:43:a0:16:72:01:b7:31:a1:13:88:99:f8:2d:53:c9:a1:26:
cf:1f:4a:86:7f:a0:7d:6d:46:36:ef:89:19:08:a6:db:7a:54:
8a:ff:9d:d4:59:8b:7b:44:fd:38:1f:b3:63:50:be:e1:88:84:
ec:4a:ec:66:18:84:c1:03:0b:a2:12:ce:fd:3c:75:0b:28:8e:
70:57:a7:eb:53:df:27:cb:a0:b7:1c:68:a7:62:ed:1f:d5:6e:
ef:05:0f:d4:a6:88:84:be:45:24:1e:1c:53:e7:ef:f2:ec:31:
d5:d8:e6:e1:bf:70:ed:02:2f:0c:dc:7a:ad:7d:1a:77:73:db:
a9:e8:2b:26:64:01:14:b3:de:28:a0:68:2e:12:31:6f:12:07:
88:3b:11:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYikrI9HFfCQ9ZkK7/LK6r7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjEwMDkzOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQxMjZhNDgwMmYwZjUzNWYzZWM3NDYwMDEwN2UyMDJlYjFiY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFsoAbY1buGUhfo60xjtfWxBUfnq
ZmwM2S5NU9VvHPCFjsGNNbKbrB7+68W2H9HKCD6tzEZ786BoV2sSjhfGFiQLqDRi
1bUViDfDKlDoJKxFAcWVA7esNcUzaoC4QCDma0eQgWslAsypr2WPy71NaG6ppcHb
4DBE1U5PH+QtC2kR77pqrypZz1w+VHTz0XJ4554VkcUJZtY4g8l+biCrJ/iv9u/z
+oz3VVtgdg8zRc3axVzz5Ji39/BG4d1iMfQXYD1YJZFwE3YIpLEU+F5L5T5RkXh6
e/GL/p69DVW4GZ6MO+ruKy1eiRa7I8EkcbEGpGj3Tu7/O7tz+Btj1pdn5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIdBJqSALw9TXz7HRgAQfiAusbz4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaDBFbXBJQXZEMU5mUHNkR0FCQi1JQzZ4dlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSFUAwQA
XXNtAwQAvPDoAwQAwReCMA0GCSqGSIb3DQEBCwUAA4IBAQBDhpgS+4LGzRRC5vs+
W6suy4piO3kdluVPkO1/b6TwbI81W73ONFAi2rZEkzxMvx4ppYtvJ5/dlP/GhFrR
W5uWQEXJYGsqmdjlxNKdI6o+EJ59YybiuukRGzLB63AlTuS5f+ZA+C98onadAG4f
Q6AWcgG3MaETiJn4LVPJoSbPH0qGf6B9bUY274kZCKbbelSK/53UWYt7RP04H7Nj
UL7hiITsSuxmGITBAwuiEs79PHULKI5wV6frU98ny6C3HGinYu0f1W7vBQ/UpoiE
vkUkHhxT5+/y7DHV2Obhv3DtAi8M3HqtfRp3c9up6CsmZAEUs94ooGguEjFvEgeI
OxE8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org