Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kQW9ZYayzOlcHTV5Ee6N46XSdrI.roa
File: kQW9ZYayzOlcHTV5Ee6N46XSdrI.roa (raw, json)
Hash identifier: 8G5BJzmcqDR2tbph5+joNmxJUv2q8r9ab6SqOv9VpTM=
Subject key identifier: 91:05:BD:65:86:B2:CC:E9:5C:1D:35:79:11:EE:8D:E3:A5:D2:76:B2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018948AF645899DA7E97546594D59383EEAD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kQW9ZYayzOlcHTV5Ee6N46XSdrI.roa
Signing time: Wed 12 Jul 2023 06:00:01 +0000
ROA not before: Wed 12 Jul 2023 06:00:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 93.114.192.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:48:af:64:58:99:da:7e:97:54:65:94:d5:93:83:ee:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 12 06:00:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9105bd6586b2cce95c1d357911ee8de3a5d276b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:70:a3:79:2b:c5:17:c2:51:77:bf:98:19:67:
d4:20:e3:d1:ef:c4:11:bc:93:f0:93:67:30:ae:8b:
17:f9:98:dd:8a:96:b2:35:66:fe:2b:e6:3e:71:a2:
aa:72:f6:72:ed:bf:17:c6:76:f9:dd:f5:93:94:96:
25:4c:fb:9c:26:5d:91:29:08:32:89:18:45:b3:12:
ae:fb:f1:3b:6e:61:78:69:23:1c:29:80:d8:1d:bd:
e5:04:e0:fc:c0:80:27:da:b1:1a:a7:e9:3a:ba:ff:
4f:53:c1:c4:87:41:9c:a8:67:80:82:65:3d:4f:d4:
b9:29:80:a7:94:a0:d9:37:af:8d:50:b3:b1:42:78:
e2:db:6c:d1:5a:99:05:36:56:a3:17:56:46:5b:83:
e7:bf:80:6e:b3:49:cf:78:c2:92:cb:be:fd:be:ac:
55:48:36:c7:4c:90:2a:d6:be:46:96:9c:34:99:d4:
70:88:5e:e0:8a:39:53:33:8c:30:82:78:50:9b:e6:
f8:7c:0b:6c:7a:d6:9e:6b:8b:57:e8:4f:20:ab:c8:
ce:bd:a0:22:0c:96:b0:ef:5d:9b:2a:29:cf:1f:46:
ca:f6:f8:c8:95:d7:cb:e7:3b:7c:16:b5:c7:cc:d4:
a0:10:df:b1:3a:bb:8d:91:15:68:04:54:82:30:2b:
32:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:05:BD:65:86:B2:CC:E9:5C:1D:35:79:11:EE:8D:E3:A5:D2:76:B2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kQW9ZYayzOlcHTV5Ee6N46XSdrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.62.0/24
93.114.192.0/24
185.135.141.0/24
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
63:57:db:37:0a:9c:b2:03:25:b3:9c:09:bf:35:1e:e8:08:88:
89:76:39:af:e2:ab:30:d8:00:4c:71:69:bc:62:1e:82:f4:5c:
d6:61:43:9a:7d:5e:b5:31:cb:1e:83:95:65:af:09:d6:66:7e:
9b:5c:11:d6:57:79:b3:57:e7:d4:ac:0b:e0:4e:49:06:e7:51:
5f:e8:4c:39:4b:09:f9:70:e9:a2:3d:b2:90:64:53:7f:34:af:
5d:9b:9c:d7:83:ce:28:de:83:df:e1:4c:0d:7c:1a:b9:2f:d9:
22:81:27:11:47:9f:00:be:85:c6:01:19:6e:ed:38:bb:42:61:
dd:33:ae:d0:2b:42:ab:54:5e:ad:75:e3:b8:fc:0a:cf:75:04:
e1:d6:15:40:05:97:9e:a9:15:8f:df:28:eb:6f:d6:b1:ec:d4:
76:8b:50:ca:dc:43:fc:3e:7b:8f:69:a3:63:a1:5f:cf:57:6e:
9f:c5:bc:41:ec:3a:62:d3:2e:1f:18:dc:f0:0c:b4:68:25:b6:
61:fd:a1:52:0e:ff:7e:0c:ef:b1:fc:2e:97:53:d5:7b:62:e6:
73:b5:44:8c:65:23:cd:0f:f2:ca:3e:65:ba:fe:79:49:e0:96:
f6:20:c0:ab:05:7b:13:ad:4e:c0:50:1e:91:16:88:a2:11:c7:
e7:da:58:4d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlIr2RYmdp+l1RllNWTg+6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzEyMDYwMDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA1YmQ2NTg2YjJjY2U5NWMxZDM1NzkxMWVlOGRlM2E1ZDI3NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3CjeSvFF8JRd7+YGWfUIOPR78QR
vJPwk2cwrosX+ZjdipayNWb+K+Y+caKqcvZy7b8Xxnb53fWTlJYlTPucJl2RKQgy
iRhFsxKu+/E7bmF4aSMcKYDYHb3lBOD8wIAn2rEap+k6uv9PU8HEh0GcqGeAgmU9
T9S5KYCnlKDZN6+NULOxQnji22zRWpkFNlajF1ZGW4Pnv4Bus0nPeMKSy779vqxV
SDbHTJAq1r5Glpw0mdRwiF7gijlTM4wwgnhQm+b4fAtsetaea4tX6E8gq8jOvaAi
DJaw712bKinPH0bK9vjIldfL5zt8FrXHzNSgEN+xOruNkRVoBFSCMCsyCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJEFvWWGsszpXB01eRHujeOl0nayMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEva1FXOVpZYXl6T2xjSFRWNUVlNk40NlhTZHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSU+AwQA
XXLAAwQAuYeNAwQAvPG2AwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQBjV9s3Cpyy
AyWznAm/NR7oCIiJdjmv4qsw2ABMcWm8Yh6C9FzWYUOafV61Mcseg5VlrwnWZn6b
XBHWV3mzV+fUrAvgTkkG51Ff6Ew5Swn5cOmiPbKQZFN/NK9dm5zXg84o3oPf4UwN
fBq5L9kigScRR58AvoXGARlu7Ti7QmHdM67QK0KrVF6tdeO4/ArPdQTh1hVABZee
qRWP3yjrb9ax7NR2i1DK3EP8PnuPaaNjoV/PV26fxbxB7Dpi0y4fGNzwDLRoJbZh
/aFSDv9+DO+x/C6XU9V7YuZztUSMZSPND/LKPmW6/nlJ4Jb2IMCrBXsTrU7AUB6R
FoiiEcfn2lhN
Generated at Tue Aug 1 12:11:21 2023 by rpki-client on console-ams.rpki-client.org