Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hY99lo_BZN-NYfLHZaBAEc8NVp0.roa
File: hY99lo_BZN-NYfLHZaBAEc8NVp0.roa (raw, json)
Hash identifier: 6IbhkcDlDvwGzUQl5OWFpEu32m3kIaQvfIB/Al2Q3n0=
Subject key identifier: 85:8F:7D:96:8F:C1:64:DF:8D:61:F2:C7:65:A0:40:11:CF:0D:56:9D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186568C7E3B9499EE5BA5667A1E9380C06D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hY99lo_BZN-NYfLHZaBAEc8NVp0.roa
Signing time: Wed 15 Feb 2023 19:28:13 +0000
ROA not before: Wed 15 Feb 2023 19:28:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 93.115.254.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
193.23.131.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
89.34.126.0/24 maxlen: 24
94.176.111.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
185.238.8.0/24 maxlen: 24
185.238.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Mar 2023 16:17:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:56:8c:7e:3b:94:99:ee:5b:a5:66:7a:1e:93:80:c0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 15 19:28:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=858f7d968fc164df8d61f2c765a04011cf0d569d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:01:6c:95:60:3a:2e:5b:f2:14:02:e5:9d:77:
6b:70:d9:85:03:3a:7e:68:45:39:ef:8c:2a:35:11:
38:e0:1e:3e:cb:8b:20:9c:d4:c8:e9:e3:4b:9d:06:
8b:43:3b:cd:8a:8c:32:97:bd:49:e5:eb:54:76:e8:
6d:85:39:80:73:ea:74:18:05:fd:97:d4:2b:d2:9d:
5e:bf:f7:29:0e:cd:5b:57:e9:5c:24:11:b2:f6:42:
ff:f9:48:98:17:df:07:9d:51:34:46:d0:9f:9f:17:
a5:10:10:c7:a3:13:27:a6:6a:aa:81:c1:9c:30:f8:
1a:f6:2c:37:96:0c:2c:64:22:35:62:51:37:ba:43:
f6:36:d1:a6:35:2e:b6:7b:58:6e:65:f5:28:f8:21:
be:b2:b8:88:85:67:1a:c6:e7:a0:9d:bb:d0:39:45:
0c:01:95:8f:75:e1:0f:fd:e0:59:66:48:0b:71:6a:
c1:c4:71:e7:c3:c9:5d:36:15:50:24:6b:cf:4f:c6:
f9:0d:06:0f:16:40:88:48:04:2e:10:39:21:aa:c8:
6b:38:2c:51:c4:1d:91:e8:f5:85:23:c0:64:06:d2:
fc:03:f8:66:b0:55:6c:85:b6:8f:ff:9d:25:be:b5:
20:57:38:66:f7:c4:5c:2e:d5:80:91:d4:f5:5f:9a:
fb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8F:7D:96:8F:C1:64:DF:8D:61:F2:C7:65:A0:40:11:CF:0D:56:9D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hY99lo_BZN-NYfLHZaBAEc8NVp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.126.0/24
93.115.254.0/24
94.176.111.0/24
185.238.8.0/24
185.238.11.0/24
188.240.224.0/24
188.241.159.0/24
188.241.248.0/24
193.23.131.0/24
213.232.92.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:cc:21:04:e8:d7:ae:42:e6:1e:e6:27:95:1e:ec:f5:bc:90:
7e:d6:00:34:7f:58:ce:f5:a6:56:c7:74:45:cb:36:f6:94:97:
8d:23:3e:27:5b:0c:a5:0a:20:c8:fd:59:fc:67:f4:c3:7e:e5:
90:a6:4f:83:ac:8f:91:e5:d2:29:13:8a:97:19:08:5a:f5:f6:
10:a9:7e:d0:b1:80:03:b1:a4:59:7f:bb:e8:4b:96:b4:f9:6d:
98:e8:a4:89:44:23:a1:84:1e:c3:bc:90:30:9d:74:3f:9a:2f:
ae:20:6d:f1:f2:d2:38:68:82:fb:d1:1c:02:60:41:ed:9a:e3:
34:27:38:05:57:de:eb:0a:49:9a:67:5d:0b:d3:e5:a9:50:26:
71:69:9d:2e:93:41:16:11:7d:d9:cb:42:17:c3:fe:fa:73:b6:
b6:32:45:c6:2b:a2:9f:0f:c2:80:ea:86:10:3d:a9:d4:4c:5a:
41:c8:87:26:6e:d2:0a:04:ff:e2:ac:6f:35:a2:f8:3f:db:c9:
3e:4b:08:6a:95:2b:60:fa:55:af:75:34:88:63:20:4f:50:bf:
59:56:cf:87:c2:44:b5:ba:26:c9:3b:b5:73:9e:84:d8:ee:6d:
4f:3a:3f:36:67:91:51:dc:3a:79:bb:0e:0b:4d:a5:7d:f1:77:
33:8e:a5:40
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYZWjH47lJnuW6Vmeh6TgMBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjE1MTkyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NThmN2Q5NjhmYzE2NGRmOGQ2MWYyYzc2NWEwNDAxMWNmMGQ1NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAFslWA6LlvyFALlnXdrcNmFAzp+
aEU574wqNRE44B4+y4sgnNTI6eNLnQaLQzvNiowyl71J5etUduhthTmAc+p0GAX9
l9Qr0p1ev/cpDs1bV+lcJBGy9kL/+UiYF98HnVE0RtCfnxelEBDHoxMnpmqqgcGc
MPga9iw3lgwsZCI1YlE3ukP2NtGmNS62e1huZfUo+CG+sriIhWcaxuegnbvQOUUM
AZWPdeEP/eBZZkgLcWrBxHHnw8ldNhVQJGvPT8b5DQYPFkCISAQuEDkhqshrOCxR
xB2R6PWFI8BkBtL8A/hmsFVshbaP/50lvrUgVzhm98RcLtWAkdT1X5r7OwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIWPfZaPwWTfjWHyx2WgQBHPDVadMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaFk5OWxvX0JaTi1OWWZMSFphQkFFYzhOVnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAWSJ+AwQA
XXP+AwQAXrBvAwQAue4IAwQAue4LAwQAvPDgAwQAvPGfAwQAvPH4AwQAwReDAwQA
1ehcMA0GCSqGSIb3DQEBCwUAA4IBAQB8zCEE6NeuQuYe5ieVHuz1vJB+1gA0f1jO
9aZWx3RFyzb2lJeNIz4nWwylCiDI/Vn8Z/TDfuWQpk+DrI+R5dIpE4qXGQha9fYQ
qX7QsYADsaRZf7voS5a0+W2Y6KSJRCOhhB7DvJAwnXQ/mi+uIG3x8tI4aIL70RwC
YEHtmuM0JzgFV97rCkmaZ10L0+WpUCZxaZ0uk0EWEX3Zy0IXw/76c7a2MkXGK6Kf
D8KA6oYQPanUTFpByIcmbtIKBP/irG81ovg/28k+SwhqlStg+lWvdTSIYyBPUL9Z
Vs+HwkS1uibJO7VznoTY7m1POj82Z5FR3Dp5uw4LTaV98XczjqVA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org