Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h_WyK-4QBh6tsxhZ5bTsfjBRyn0.roa
File: h_WyK-4QBh6tsxhZ5bTsfjBRyn0.roa (raw, json)
Hash identifier: FtUAgZFtGe7QtLU8SMmSPf8V1BWyVTIc8StB5tJbgR8=
Subject key identifier: 87:F5:B2:2B:EE:10:06:1E:AD:B3:18:59:E5:B4:EC:7E:30:51:CA:7D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018736409325958890BBAEC73B3C8BDB3ECD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h_WyK-4QBh6tsxhZ5bTsfjBRyn0.roa
Signing time: Fri 31 Mar 2023 06:00:14 +0000
ROA not before: Fri 31 Mar 2023 06:00:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 92.114.85.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:36:40:93:25:95:88:90:bb:ae:c7:3b:3c:8b:db:3e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 31 06:00:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87f5b22bee10061eadb31859e5b4ec7e3051ca7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8a:a9:b3:ec:19:3c:e1:9d:21:3c:8d:43:19:
6f:cc:31:b1:b5:98:d2:0a:4a:fb:65:fd:e1:a5:74:
54:eb:10:05:d7:e6:9e:de:7c:a0:5a:65:84:7d:b0:
e8:55:4f:b3:c3:bf:3a:ec:e1:f1:95:24:9e:cf:cb:
c3:8b:7a:c5:ed:a8:74:c4:32:3c:4b:70:8c:2e:19:
a7:46:ad:df:0c:07:78:87:ba:10:8b:17:e0:97:5d:
c7:1c:40:08:89:5c:43:93:34:da:89:7b:63:47:c7:
fe:65:a0:1f:de:6f:90:6f:24:e7:28:5b:f3:cd:9e:
72:3f:e6:bd:45:71:b7:4d:0b:7c:66:b8:4b:d7:91:
2e:09:13:42:53:83:e7:df:5b:61:a7:88:30:db:f8:
b3:a9:0a:43:56:2d:d0:39:6c:b7:71:36:0b:6f:d1:
44:29:4b:8b:09:9a:f2:c7:35:cb:9d:a1:a9:60:76:
04:2e:88:36:91:4a:49:12:c6:21:89:53:51:8a:60:
ef:f5:2a:e5:67:e6:4f:64:94:ac:4b:63:61:fd:da:
32:89:a3:66:be:e1:25:f4:ca:77:aa:f5:fd:7e:d2:
0a:c4:87:99:94:73:32:c4:b5:8b:a1:4f:23:e3:45:
26:27:d7:1b:54:35:5e:a8:af:a9:94:82:60:14:5f:
a3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F5:B2:2B:EE:10:06:1E:AD:B3:18:59:E5:B4:EC:7E:30:51:CA:7D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h_WyK-4QBh6tsxhZ5bTsfjBRyn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
92.114.85.0/24
188.240.230.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
17:04:04:40:c7:2e:71:21:8b:7d:15:c5:bc:06:12:8b:3f:8d:
c7:77:02:ba:b6:d5:f4:04:fa:9d:00:ec:12:e9:76:9e:ad:2e:
29:f6:e2:4b:b5:fc:bb:c6:ba:e2:f1:5c:18:0b:c0:3a:07:19:
b6:ed:ca:1c:24:e7:04:9d:52:b7:70:c7:fb:49:bd:ee:83:24:
4c:a7:f3:90:dc:95:cc:68:10:77:48:6a:8b:32:32:a8:e5:66:
fb:d9:06:3f:93:aa:80:2e:f4:41:6e:33:91:5d:5b:b8:af:ce:
f4:d5:95:c2:8b:3e:5f:a2:4c:a0:13:5d:f8:9a:b4:c8:8b:4f:
0f:e0:d9:f2:e9:26:ef:d6:95:af:53:64:7d:33:b9:f5:0e:ef:
7b:65:5b:ec:ee:76:6a:c1:98:f6:47:51:4b:1f:19:46:c3:7a:
85:80:3b:62:cd:a0:aa:3e:6b:4c:80:15:87:02:0b:d9:b8:2c:
9a:8f:77:8d:c9:bd:31:3a:21:04:4f:40:e0:5f:74:d0:6d:12:
9f:ad:33:e9:04:e0:6e:07:ce:37:4c:18:7b:98:81:cc:2f:b0:
bf:b2:23:14:1e:f2:ce:5e:9d:0d:12:cf:a4:85:3a:52:8d:03:
50:e1:07:38:61:6f:a1:9d:f5:08:74:d7:0c:f1:0c:a3:7c:42:
fe:77:33:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYc2QJMllYiQu67HOzyL2z7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzMxMDYwMDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y1YjIyYmVlMTAwNjFlYWRiMzE4NTllNWI0ZWM3ZTMwNTFjYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4qps+wZPOGdITyNQxlvzDGxtZjS
Ckr7Zf3hpXRU6xAF1+ae3nygWmWEfbDoVU+zw7867OHxlSSez8vDi3rF7ah0xDI8
S3CMLhmnRq3fDAd4h7oQixfgl13HHEAIiVxDkzTaiXtjR8f+ZaAf3m+QbyTnKFvz
zZ5yP+a9RXG3TQt8ZrhL15EuCRNCU4Pn31thp4gw2/izqQpDVi3QOWy3cTYLb9FE
KUuLCZryxzXLnaGpYHYELog2kUpJEsYhiVNRimDv9SrlZ+ZPZJSsS2Nh/doyiaNm
vuEl9Mp3qvX9ftIKxIeZlHMyxLWLoU8j40UmJ9cbVDVeqK+plIJgFF+j+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIf1sivuEAYerbMYWeW07H4wUcp9MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaF9XeUstNFFCaDZ0c3hoWjViVHNmakJSeW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZyfAwQA
XHJVAwQAvPDmAwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQAXBARAxy5xIYt9FcW8
BhKLP43HdwK6ttX0BPqdAOwS6XaerS4p9uJLtfy7xrri8VwYC8A6Bxm27cocJOcE
nVK3cMf7Sb3ugyRMp/OQ3JXMaBB3SGqLMjKo5Wb72QY/k6qALvRBbjORXVu4r870
1ZXCiz5fokygE134mrTIi08P4Nny6Sbv1pWvU2R9M7n1Du97ZVvs7nZqwZj2R1FL
HxlGw3qFgDtizaCqPmtMgBWHAgvZuCyaj3eNyb0xOiEET0DgX3TQbRKfrTPpBOBu
B843TBh7mIHML7C/siMUHvLOXp0NEs+khTpSjQNQ4Qc4YW+hnfUIdNcM8QyjfEL+
dzNS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org