Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lfJtxWMH6L9lEZo2BZujd_dZR3Q.roa
File: lfJtxWMH6L9lEZo2BZujd_dZR3Q.roa (raw, json)
Hash identifier: +kl5tyJqy14cGRHE62zrLFuezqHSzo5pHcnf5DvgGh8=
Subject key identifier: 95:F2:6D:C5:63:07:E8:BF:65:11:9A:36:05:9B:A3:77:F7:59:47:74
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A9A56BD4940754A3A1DEF059FAA8A1DF5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lfJtxWMH6L9lEZo2BZujd_dZR3Q.roa
Signing time: Fri 15 Sep 2023 19:34:50 +0000
ROA not before: Fri 15 Sep 2023 19:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47377
IP address blocks: 185.135.140.0/22 maxlen: 24
203.0.8.0/23 maxlen: 24
91.190.102.0/23 maxlen: 24
185.238.8.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:56:bd:49:40:75:4a:3a:1d:ef:05:9f:aa:8a:1d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 15 19:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95f26dc56307e8bf65119a36059ba377f7594774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:25:55:9f:9e:41:84:46:e4:81:6d:a5:f5:b6:
82:bd:aa:66:90:a7:69:d9:54:3d:91:69:d6:c7:ce:
ef:f6:af:b5:e1:8c:39:0c:a5:d0:28:18:91:6a:c8:
4d:f0:34:7c:bb:77:08:d5:3c:ee:04:1d:21:69:b6:
e4:79:05:47:6d:bb:24:82:4e:4b:24:fe:c1:a7:30:
7d:c9:75:05:8f:5c:3b:62:18:85:0c:a0:b2:34:79:
0c:3a:8f:9f:65:b4:6b:ed:b3:d5:c0:75:d6:90:f5:
f2:6a:89:3e:e7:11:d8:0a:f8:af:65:ea:0f:83:97:
09:ab:11:d1:f2:2c:f6:d6:f7:4f:a7:8e:55:92:78:
22:a8:fe:57:c9:89:c7:96:33:9f:da:13:7d:63:09:
21:00:02:a0:0e:34:c9:cc:1d:d3:cd:24:9b:f4:09:
14:26:dc:f1:c0:78:dc:3f:6d:c5:a3:af:80:69:78:
ca:d5:f6:68:98:a8:81:f3:4a:20:cc:d9:ff:15:69:
16:24:f3:71:de:49:32:df:0d:ad:95:6d:37:41:ea:
79:38:b8:0f:64:34:8f:53:e7:d4:00:25:cc:71:7a:
b7:ac:35:e9:c0:76:55:4b:f8:e1:29:f0:f0:41:05:
b9:8e:4e:af:8f:5e:af:70:4f:cc:5f:f5:89:38:6d:
a1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F2:6D:C5:63:07:E8:BF:65:11:9A:36:05:9B:A3:77:F7:59:47:74
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lfJtxWMH6L9lEZo2BZujd_dZR3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.102.0/23
185.135.140.0/22
185.238.8.0/22
203.0.8.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:e5:ba:c4:be:be:ab:43:80:76:98:3e:20:03:3a:af:ef:2b:
33:02:a4:17:25:97:b9:a1:9c:9f:91:06:14:e5:ec:bc:14:aa:
96:3c:c9:94:74:8d:57:1e:e3:23:a1:80:7b:af:c1:70:83:e1:
ad:5b:94:e2:25:36:1d:33:d0:b2:90:ae:6d:26:b3:5e:54:7d:
5f:0c:a4:bc:1b:ab:3f:3d:92:e2:ce:a6:e5:54:93:e7:d8:c8:
ed:c9:40:6e:6c:9d:d9:e5:83:28:e7:bd:99:80:3a:ff:69:f4:
b8:cb:f9:63:4c:ea:f6:39:a1:91:6f:ed:53:f1:dd:b2:d1:24:
28:f0:c4:5b:5e:2c:eb:e8:9a:27:4d:aa:45:59:75:2b:6f:4a:
fe:a7:9d:19:5b:3d:6d:56:ec:5e:1b:e9:95:5a:aa:a7:87:2a:
6b:55:f3:cc:eb:90:71:f7:58:e8:0f:2a:66:ee:4e:6a:0d:eb:
5e:33:a7:04:06:52:29:f4:97:9f:18:d3:a3:e0:61:e4:6a:8d:
5f:ac:01:f4:0a:0f:4a:12:64:e4:5a:d6:8a:31:cd:27:7a:63:
f9:bf:ac:ef:18:2f:86:5c:66:8d:9e:0b:63:52:8a:b7:75:43:
3c:12:cc:8a:30:8e:d3:95:20:9b:6d:0e:70:f0:c6:e9:56:73:
89:fa:de:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqaVr1JQHVKOh3vBZ+qih31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTE1MTkzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYyNmRjNTYzMDdlOGJmNjUxMTlhMzYwNTliYTM3N2Y3NTk0Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiVVn55BhEbkgW2l9baCvapmkKdp
2VQ9kWnWx87v9q+14Yw5DKXQKBiRashN8DR8u3cI1TzuBB0habbkeQVHbbskgk5L
JP7BpzB9yXUFj1w7YhiFDKCyNHkMOo+fZbRr7bPVwHXWkPXyaok+5xHYCvivZeoP
g5cJqxHR8iz21vdPp45VkngiqP5XyYnHljOf2hN9YwkhAAKgDjTJzB3TzSSb9AkU
JtzxwHjcP23Fo6+AaXjK1fZomKiB80ogzNn/FWkWJPNx3kky3w2tlW03Qep5OLgP
ZDSPU+fUACXMcXq3rDXpwHZVS/jhKfDwQQW5jk6vj16vcE/MX/WJOG2h2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJXybcVjB+i/ZRGaNgWbo3f3WUd0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbGZKdHhXTUg2TDlsRVpvMkJadWpkX2RaUjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW75mAwQC
uYeMAwQCue4IAwQBywAIMA0GCSqGSIb3DQEBCwUAA4IBAQAv5brEvr6rQ4B2mD4g
Azqv7yszAqQXJZe5oZyfkQYU5ey8FKqWPMmUdI1XHuMjoYB7r8Fwg+GtW5TiJTYd
M9CykK5tJrNeVH1fDKS8G6s/PZLizqblVJPn2MjtyUBubJ3Z5YMo572ZgDr/afS4
y/ljTOr2OaGRb+1T8d2y0SQo8MRbXizr6JonTapFWXUrb0r+p50ZWz1tVuxeG+mV
WqqnhyprVfPM65Bx91joDypm7k5qDeteM6cEBlIp9JefGNOj4GHkao1frAH0Cg9K
EmTkWtaKMc0nemP5v6zvGC+GXGaNngtjUoq3dUM8EsyKMI7TlSCbbQ5w8MbpVnOJ
+t7w
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org