Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jSs40xyZciG65kD7cEpLqpWFJwk.roa
File: jSs40xyZciG65kD7cEpLqpWFJwk.roa (raw, json)
Hash identifier: K+GZVEWNfJh5z5DeA5Tn+h5iEAGSkbBKXaQEOXc5Xjw=
Subject key identifier: 8D:2B:38:D3:1C:99:72:21:BA:E6:40:FB:70:4A:4B:AA:95:85:27:09
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01874AAF9B4C3D9ED292CEB1C359A156E4F5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jSs40xyZciG65kD7cEpLqpWFJwk.roa
Signing time: Tue 04 Apr 2023 05:13:55 +0000
ROA not before: Tue 04 Apr 2023 05:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 178.239.202.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
89.43.209.0/24 maxlen: 24
89.46.92.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4a:af:9b:4c:3d:9e:d2:92:ce:b1:c3:59:a1:56:e4:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 4 05:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d2b38d31c997221bae640fb704a4baa95852709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c8:f0:f5:91:82:36:ee:b4:7d:f6:3d:7e:93:
03:57:a9:a6:aa:c2:40:08:ae:1a:57:a7:46:56:9f:
e8:e2:7d:5a:de:75:32:ec:f2:a8:58:b6:25:0f:52:
96:72:ee:93:f4:14:d4:f8:b8:88:94:df:59:b1:ec:
53:26:52:87:87:00:e1:26:93:a7:73:f3:9a:99:56:
aa:59:83:38:0f:d5:0d:a5:c1:67:d8:63:5f:6a:a0:
36:fa:dc:7f:98:c0:7a:cb:58:43:86:4b:43:10:70:
c9:57:88:c9:12:8b:82:08:d9:f7:01:38:26:0d:fe:
83:ab:25:33:69:e5:19:1c:56:f0:30:b0:cd:b7:e8:
be:86:50:16:86:40:1a:6e:37:24:4b:76:b2:90:ae:
76:d2:db:26:7e:b6:ac:83:f7:de:a2:0b:e6:07:72:
0f:4c:4f:7f:0d:db:84:f4:80:7d:b5:48:af:de:a9:
78:4a:77:24:ed:86:85:b8:69:cf:d7:67:9c:2e:88:
10:47:86:8c:f9:07:fc:c7:7e:f3:4f:ac:a7:16:df:
e6:6e:97:84:69:da:a9:ee:7c:1e:41:ce:29:96:97:
b8:e1:49:2f:e7:83:9f:25:b6:33:1c:9d:7a:be:ff:
29:c6:dd:7c:35:ca:8f:ae:9f:66:73:b5:34:3b:bd:
11:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2B:38:D3:1C:99:72:21:BA:E6:40:FB:70:4A:4B:AA:95:85:27:09
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/jSs40xyZciG65kD7cEpLqpWFJwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.209.0/24
89.46.92.0/24
93.114.195.0/24
178.239.201.0-178.239.202.255
193.42.54.0/23
Signature Algorithm: sha256WithRSAEncryption
18:2c:14:04:7c:87:b7:76:4f:3d:f3:c7:25:c5:be:fb:59:96:
fe:23:a9:a5:55:73:a8:11:ff:3c:d6:91:2e:0d:8b:f1:ef:a5:
d8:28:6a:37:3b:8c:22:90:e0:cd:71:c6:a5:d7:f6:24:82:b7:
75:20:6e:e8:2e:5f:93:49:79:b7:17:f6:bc:d1:28:fb:ab:b3:
ae:bb:0d:ca:2a:dc:82:60:b1:a0:51:69:01:a6:1c:91:8d:ee:
a2:1a:50:70:bd:83:59:05:ed:56:4d:8f:16:79:07:4d:04:cd:
4c:6b:3e:04:16:57:21:9f:34:3f:1b:3a:37:27:5d:c7:7f:f5:
d0:76:6c:4c:bf:e7:51:cc:ed:2b:49:a2:01:11:2b:c4:9a:88:
3c:c1:9a:12:e0:98:c8:fd:a6:dc:a0:be:3f:f8:58:f8:54:d6:
74:1b:6e:15:21:fd:51:23:19:f0:ba:06:d4:6b:70:2f:a8:1f:
5d:a3:7d:dc:d0:3a:ae:f6:66:b1:de:91:69:ff:0e:20:a8:60:
e0:53:5a:9b:a1:76:c2:22:a5:b6:4f:f3:57:c0:c8:1f:06:a3:
36:10:3e:14:38:5e:70:7b:2b:46:32:32:2b:21:20:35:c3:c0:
76:28:3d:39:66:72:e4:ef:72:71:9f:d6:67:a8:77:7c:15:b9:
39:ee:54:f8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYdKr5tMPZ7Sks6xw1mhVuT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA0MDUxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJiMzhkMzFjOTk3MjIxYmFlNjQwZmI3MDRhNGJhYTk1ODUyNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsjw9ZGCNu60ffY9fpMDV6mmqsJA
CK4aV6dGVp/o4n1a3nUy7PKoWLYlD1KWcu6T9BTU+LiIlN9ZsexTJlKHhwDhJpOn
c/OamVaqWYM4D9UNpcFn2GNfaqA2+tx/mMB6y1hDhktDEHDJV4jJEouCCNn3ATgm
Df6DqyUzaeUZHFbwMLDNt+i+hlAWhkAabjckS3aykK520tsmfrasg/feogvmB3IP
TE9/DduE9IB9tUiv3ql4Snck7YaFuGnP12ecLogQR4aM+Qf8x37zT6ynFt/mbpeE
adqp7nweQc4plpe44Ukv54OfJbYzHJ16vv8pxt18NcqPrp9mc7U0O70RQwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI0rONMcmXIhuuZA+3BKS6qVhScJMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvalNzNDB4eVpjaUc2NWtEN2NFcExxcFdGSndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWSvRAwQA
WS5cAwQAXXLDMAwDBACy78kDBACy78oDBAHBKjYwDQYJKoZIhvcNAQELBQADggEB
ABgsFAR8h7d2Tz3zxyXFvvtZlv4jqaVVc6gR/zzWkS4Ni/Hvpdgoajc7jCKQ4M1x
xqXX9iSCt3UgbuguX5NJebcX9rzRKPurs667Dcoq3IJgsaBRaQGmHJGN7qIaUHC9
g1kF7VZNjxZ5B00EzUxrPgQWVyGfND8bOjcnXcd/9dB2bEy/51HM7StJogERK8Sa
iDzBmhLgmMj9ptygvj/4WPhU1nQbbhUh/VEjGfC6BtRrcC+oH12jfdzQOq72ZrHe
kWn/DiCoYOBTWpuhdsIipbZP81fAyB8GozYQPhQ4XnB7K0YyMishIDXDwHYoPTlm
cuTvcnGf1meod3wVuTnuVPg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org