Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kKbvmraqwsyYnSFzdOI2isSCxfM.roa
File: kKbvmraqwsyYnSFzdOI2isSCxfM.roa (raw, json)
Hash identifier: fUCqkmPE+Jn0VKcmYRQN1A/IaKb2Z/FmZ8krjbhE6ek=
Subject key identifier: 90:A6:EF:9A:B6:AA:C2:CC:98:9D:21:73:74:E2:36:8A:C4:82:C5:F3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186A1F5912B719A525DBB6D31B94A9CF2ED
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kKbvmraqwsyYnSFzdOI2isSCxfM.roa
Signing time: Thu 02 Mar 2023 10:54:30 +0000
ROA not before: Thu 02 Mar 2023 10:54:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:f5:91:2b:71:9a:52:5d:bb:6d:31:b9:4a:9c:f2:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 2 10:54:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90a6ef9ab6aac2cc989d217374e2368ac482c5f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e2:d4:2c:7e:b6:10:6c:b8:20:a8:c6:f7:10:
e1:42:14:54:60:17:3c:2f:be:87:df:08:73:a1:50:
41:a8:88:1e:b5:a1:c6:97:15:d8:63:ae:9b:9f:08:
cb:12:7a:31:04:10:9d:74:dc:98:5c:5f:9d:29:5e:
1e:17:c3:f8:81:02:0e:1d:fd:73:24:91:fe:43:60:
1f:53:54:32:f6:19:47:83:f9:96:14:db:23:b5:37:
bf:72:bc:fd:64:a1:ec:d0:54:e0:28:dc:a4:2a:b8:
ed:6e:ad:29:97:74:7c:b0:7a:50:ec:1f:db:b9:bf:
af:f1:da:30:bd:ac:d5:d7:75:66:ea:09:e8:75:cb:
2f:ec:65:2d:71:71:0d:26:d5:2d:d5:76:b1:ea:72:
1d:ce:9c:94:12:85:5d:20:2d:80:6c:dd:65:e8:3e:
21:19:25:73:6f:9c:55:f6:60:16:7d:2b:01:33:6a:
97:60:6d:90:ea:b7:38:41:69:e8:ab:a0:ae:8f:ea:
95:e0:fe:9c:7b:0f:6b:90:1e:c9:1c:41:97:a3:cb:
47:1e:56:f1:70:d3:00:55:b2:76:83:23:91:f5:b9:
1c:a5:44:2f:40:f8:32:36:15:9d:3d:b2:e9:c8:d7:
0c:7b:a5:bc:1c:0f:db:75:4a:dd:a0:df:82:c2:32:
8e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A6:EF:9A:B6:AA:C2:CC:98:9D:21:73:74:E2:36:8A:C4:82:C5:F3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kKbvmraqwsyYnSFzdOI2isSCxfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.149.0/24
87.247.151.0/24
91.188.204.0/24
185.135.141.0/24
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:44:f9:4f:77:ad:ef:69:3d:7e:93:5a:e1:c1:06:f9:fa:d2:
22:de:08:b9:14:e7:87:45:40:29:0d:c6:e6:ad:90:ac:6f:4e:
2c:60:22:cc:01:df:12:fb:df:b5:52:73:e1:b8:32:b7:81:ce:
5a:e1:b6:b6:9f:64:e8:ba:78:4f:74:f4:86:65:ba:c2:62:c2:
01:04:2b:c0:79:e6:8b:e5:9f:87:c6:97:0a:fe:4e:f6:c9:ab:
5d:d8:f7:90:30:d4:a8:77:7e:4d:fb:66:bb:60:85:ed:fd:6b:
00:96:8d:31:33:20:18:82:7b:3b:8e:54:77:96:2f:f5:ac:64:
08:b7:36:0e:fb:62:09:85:77:1f:82:23:3e:5f:a8:22:68:3e:
52:b5:9b:e3:d3:99:ba:ca:8b:f4:2a:ff:d5:c2:04:34:23:9c:
d9:0a:da:93:6d:77:ca:1c:ef:68:b5:e0:34:ae:4f:8a:ee:3b:
36:40:8d:3d:dc:13:d4:fd:5f:cf:4e:dc:4a:2f:30:fb:86:0e:
ee:ee:b7:0f:9e:aa:e6:68:89:c0:74:1b:a7:d6:3f:4f:65:f3:
95:12:5c:5a:25:9c:aa:16:ff:01:cb:dd:77:cc:e0:4e:39:ea:
84:7c:45:0b:b1:25:cc:62:2b:82:6b:ef:a8:dd:67:88:61:bf:
5f:0f:31:5a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYah9ZErcZpSXbttMblKnPLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzAyMTA1NDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE2ZWY5YWI2YWFjMmNjOTg5ZDIxNzM3NGUyMzY4YWM0ODJjNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+LULH62EGy4IKjG9xDhQhRUYBc8
L76H3whzoVBBqIgetaHGlxXYY66bnwjLEnoxBBCddNyYXF+dKV4eF8P4gQIOHf1z
JJH+Q2AfU1Qy9hlHg/mWFNsjtTe/crz9ZKHs0FTgKNykKrjtbq0pl3R8sHpQ7B/b
ub+v8dowvazV13Vm6gnodcsv7GUtcXENJtUt1Xax6nIdzpyUEoVdIC2AbN1l6D4h
GSVzb5xV9mAWfSsBM2qXYG2Q6rc4QWnoq6Cuj+qV4P6cew9rkB7JHEGXo8tHHlbx
cNMAVbJ2gyOR9bkcpUQvQPgyNhWdPbLpyNcMe6W8HA/bdUrdoN+CwjKOWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJCm75q2qsLMmJ0hc3TiNorEgsXzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEva0tidm1yYXF3c3lZblNGemRPSTJpc1NDeGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAV/eVAwQA
V/eXAwQAW7zMAwQAuYeNAwQAvPG2AwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQBP
RPlPd63vaT1+k1rhwQb5+tIi3gi5FOeHRUApDcbmrZCsb04sYCLMAd8S+9+1UnPh
uDK3gc5a4ba2n2TounhPdPSGZbrCYsIBBCvAeeaL5Z+HxpcK/k72yatd2PeQMNSo
d35N+2a7YIXt/WsAlo0xMyAYgns7jlR3li/1rGQItzYO+2IJhXcfgiM+X6giaD5S
tZvj05m6yov0Kv/VwgQ0I5zZCtqTbXfKHO9oteA0rk+K7js2QI093BPU/V/PTtxK
LzD7hg7u7rcPnqrmaInAdBun1j9PZfOVElxaJZyqFv8By913zOBOOeqEfEULsSXM
YiuCa++o3WeIYb9fDzFa
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org