Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lRdugcG4JCACgSwAuC7Vdqhvjoc.roa
File: lRdugcG4JCACgSwAuC7Vdqhvjoc.roa (raw, json)
Hash identifier: OkvVepn5LCWqxo6+tH7d3Np0usE1GQkqbp3JiG60sro=
Subject key identifier: 95:17:6E:81:C1:B8:24:20:02:81:2C:00:B8:2E:D5:76:A8:6F:8E:87
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185710306BCFD30C52BA176C288F57C76FE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lRdugcG4JCACgSwAuC7Vdqhvjoc.roa
Signing time: Mon 02 Jan 2023 05:45:01 +0000
ROA not before: Mon 02 Jan 2023 05:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39351
IP address blocks: 194.242.2.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
185.217.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Mar 2023 05:57:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:06:bc:fd:30:c5:2b:a1:76:c2:88:f5:7c:76:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95176e81c1b8242002812c00b82ed576a86f8e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f2:03:b5:73:6b:90:12:20:c6:2d:f5:21:91:
28:23:eb:75:02:0c:31:a1:3b:b0:5c:ee:18:1f:bf:
30:10:0c:53:cc:47:0c:5a:5b:d9:b5:b2:90:24:86:
8b:e7:d1:6c:97:b7:2c:29:14:1b:51:f0:20:83:23:
b6:25:65:54:34:cc:d4:fc:a5:bb:aa:84:9e:f2:d1:
b9:24:01:4e:0e:78:f3:de:6b:c9:71:26:8b:fd:fe:
bf:87:1c:6a:0e:57:c4:da:bc:b2:ec:26:6b:67:7d:
6f:0a:8f:d9:73:92:83:39:06:f2:c5:3f:dd:ab:0b:
cd:7c:d1:ae:7f:40:b3:67:0e:8a:2b:05:5e:a0:6a:
7a:ce:45:17:fa:f3:17:f2:90:8f:10:0b:59:2a:20:
59:f1:75:36:e2:c3:40:cc:40:85:ed:6e:23:f5:25:
e9:5b:04:f3:a5:c3:95:ff:f3:27:11:cd:05:d7:29:
6b:d9:28:50:b6:df:66:f2:c5:97:d2:4f:c9:dc:fc:
dd:1c:c1:83:60:7a:db:ff:e7:7e:79:0c:e4:55:23:
8c:28:83:59:52:91:57:de:ba:51:56:d2:2c:0f:68:
83:b9:69:e4:af:9d:f9:05:ab:a8:6a:c0:17:6a:6d:
17:b2:38:e7:a8:a3:cc:ff:ac:a3:77:fa:31:1e:33:
d3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:17:6E:81:C1:B8:24:20:02:81:2C:00:B8:2E:D5:76:A8:6F:8E:87
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lRdugcG4JCACgSwAuC7Vdqhvjoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.116.0/24
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:05:f3:59:cc:66:50:5c:d7:26:a8:aa:5c:c4:a5:0a:5f:68:
2c:7c:c6:8a:80:4a:6e:62:cc:42:78:77:fc:15:fe:b2:17:2b:
6b:e3:ca:74:86:7f:d5:23:e9:92:46:fb:bb:e5:4a:cc:d4:05:
9c:99:e1:cf:c3:28:3f:f3:88:02:e3:af:8f:7b:09:3c:c9:3c:
43:01:df:ec:b1:c5:8e:3d:31:40:cd:53:40:58:f4:e3:96:60:
ef:d6:09:bd:23:09:dd:71:d6:9c:96:38:62:40:15:b0:4a:88:
b9:c7:d9:5d:fb:00:37:f8:1f:31:c6:5f:75:76:91:ca:d8:ae:
90:df:07:6c:39:e9:67:6b:6d:5c:57:f3:10:17:4a:07:a6:e7:
bd:5a:c1:78:3c:fb:f3:ea:80:af:6e:38:07:bc:f6:d1:5c:cd:
d1:04:f5:59:59:34:44:fc:81:56:7e:06:ed:e7:be:94:9a:f0:
e4:50:84:42:f1:9f:2b:70:c6:13:bb:f5:08:ee:db:c7:bb:66:
d0:fd:4d:1e:6f:02:b0:c5:12:c0:47:0c:25:92:ac:09:5a:31:
19:10:29:ba:03:33:a4:73:ab:7e:eb:2f:98:1b:ac:2d:0c:a4:
e2:3a:8e:0a:a5:96:91:98:0b:ad:ed:98:b1:51:22:bd:df:d3:
ac:d4:95:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxAwa8/TDFK6F2woj1fHb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTE3NmU4MWMxYjgyNDIwMDI4MTJjMDBiODJlZDU3NmE4NmY4ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/IDtXNrkBIgxi31IZEoI+t1Agwx
oTuwXO4YH78wEAxTzEcMWlvZtbKQJIaL59Fsl7csKRQbUfAggyO2JWVUNMzU/KW7
qoSe8tG5JAFODnjz3mvJcSaL/f6/hxxqDlfE2ryy7CZrZ31vCo/Zc5KDOQbyxT/d
qwvNfNGuf0CzZw6KKwVeoGp6zkUX+vMX8pCPEAtZKiBZ8XU24sNAzECF7W4j9SXp
WwTzpcOV//MnEc0F1ylr2ShQtt9m8sWX0k/J3PzdHMGDYHrb/+d+eQzkVSOMKINZ
UpFX3rpRVtIsD2iDuWnkr535BauoasAXam0XsjjnqKPM/6yjd/oxHjPTPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJUXboHBuCQgAoEsALgu1Xaob46HMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbFJkdWdjRzRKQ0FDZ1N3QXVDN1ZkcWh2am9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAudl0AwQA
wRNsAwQAwvICMA0GCSqGSIb3DQEBCwUAA4IBAQAaBfNZzGZQXNcmqKpcxKUKX2gs
fMaKgEpuYsxCeHf8Ff6yFytr48p0hn/VI+mSRvu75UrM1AWcmeHPwyg/84gC46+P
ewk8yTxDAd/sscWOPTFAzVNAWPTjlmDv1gm9IwndcdacljhiQBWwSoi5x9ld+wA3
+B8xxl91dpHK2K6Q3wdsOelna21cV/MQF0oHpue9WsF4PPvz6oCvbjgHvPbRXM3R
BPVZWTRE/IFWfgbt576UmvDkUIRC8Z8rcMYTu/UI7tvHu2bQ/U0ebwKwxRLARwwl
kqwJWjEZECm6AzOkc6t+6y+YG6wtDKTiOo4KpZaRmAut7ZixUSK939Os1JUw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org