Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o9aAmoaRg1J1EzwGL5oY85GM4dU.roa
File: o9aAmoaRg1J1EzwGL5oY85GM4dU.roa (raw, json)
Hash identifier: u5CdvBkgiOPDfxnKFamWtzXqFsgpw1SLjoOvTB2mZHc=
Subject key identifier: A3:D6:80:9A:86:91:83:52:75:13:3C:06:2F:9A:18:F3:91:8C:E1:D5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186256AED59FB51375F66419C20E3FE0EFD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o9aAmoaRg1J1EzwGL5oY85GM4dU.roa
Signing time: Mon 06 Feb 2023 06:30:09 +0000
ROA not before: Mon 06 Feb 2023 06:30:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 188.212.158.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:6a:ed:59:fb:51:37:5f:66:41:9c:20:e3:fe:0e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 6 06:30:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3d6809a8691835275133c062f9a18f3918ce1d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1f:5d:6e:74:58:5e:f6:1e:4d:bc:53:ff:50:
5f:37:66:94:64:99:76:16:e5:ff:f0:25:f9:f9:0f:
ad:c0:b5:e6:b4:09:54:f5:6c:83:55:1f:71:e1:0d:
9b:24:78:82:a3:41:30:e4:22:94:f3:1a:3c:87:37:
a7:d5:9d:37:fb:a1:6d:a7:aa:e2:59:b1:55:8e:ce:
7c:9a:bf:2b:fa:fb:50:0b:18:8f:ae:46:24:06:ee:
83:68:58:e8:8e:9e:db:83:98:0d:9e:54:c1:00:d5:
49:58:de:5f:4e:e6:1d:42:8b:ca:12:c4:05:1c:bd:
11:aa:99:a1:92:02:02:21:77:a0:d1:3b:fe:1b:c1:
1f:fa:77:bc:f9:8f:5f:87:4d:e8:69:63:12:03:00:
71:5e:fd:36:91:86:8c:ad:94:28:27:65:2b:9d:c6:
56:0c:57:39:e4:4c:43:f7:4f:2a:8c:56:81:82:36:
dc:c8:9e:5c:9d:72:dd:9d:a7:90:5e:f3:37:01:f7:
8f:45:2c:41:b1:61:cb:5d:83:01:a2:08:5b:41:f3:
8a:88:ea:5c:03:5f:c9:e3:7b:88:9e:47:77:4b:cf:
de:2b:5b:f7:bb:22:2b:b9:d7:ff:0e:b3:f1:a2:47:
f1:04:52:7e:5d:9f:87:95:51:b8:b5:a1:af:87:f9:
f2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D6:80:9A:86:91:83:52:75:13:3C:06:2F:9A:18:F3:91:8C:E1:D5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/o9aAmoaRg1J1EzwGL5oY85GM4dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.212.158.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:14:90:a8:2f:9c:dc:08:d2:fe:f3:72:cb:7b:54:88:24:4e:
b7:60:68:b9:16:b2:ca:2f:a2:04:be:08:f6:92:2b:e5:17:05:
b6:3f:24:69:d5:79:eb:ff:2c:8e:91:9d:a8:08:01:ae:2c:a5:
02:86:b5:dd:2d:2e:ee:5e:82:49:3b:af:08:b5:99:6c:e6:84:
c3:b9:fb:12:5f:ae:6b:8c:66:b4:8b:49:82:ff:0d:fe:33:8c:
02:a3:31:25:d3:df:4b:f5:59:94:0d:e6:56:1b:8c:31:10:26:
f5:eb:0d:6b:49:ba:4c:42:b1:40:27:e9:0f:19:45:f8:c6:67:
26:88:20:39:fb:4a:6f:fe:60:04:85:56:de:18:91:77:3c:5b:
02:c4:b5:27:62:47:0c:92:79:a9:b0:e8:ab:af:65:02:72:03:
50:f9:43:8f:dd:fd:07:b4:42:cd:7d:dd:b8:29:fb:aa:03:f2:
69:b2:69:b5:39:ae:2d:1a:99:67:b3:80:80:ee:5f:d9:13:63:
40:a7:28:2f:11:03:95:62:3a:14:77:d5:ca:a8:9c:77:89:60:
8b:89:4f:e9:28:f2:b1:5e:42:5e:fa:81:d0:b8:78:45:1f:80:
c8:00:f6:b5:a0:dc:f4:13:30:4f:10:92:81:31:6d:8f:e9:77:
bb:e1:4f:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYlau1Z+1E3X2ZBnCDj/g79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA2MDYzMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q2ODA5YTg2OTE4MzUyNzUxMzNjMDYyZjlhMThmMzkxOGNlMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx9dbnRYXvYeTbxT/1BfN2aUZJl2
FuX/8CX5+Q+twLXmtAlU9WyDVR9x4Q2bJHiCo0Ew5CKU8xo8hzen1Z03+6Ftp6ri
WbFVjs58mr8r+vtQCxiPrkYkBu6DaFjojp7bg5gNnlTBANVJWN5fTuYdQovKEsQF
HL0RqpmhkgICIXeg0Tv+G8Ef+ne8+Y9fh03oaWMSAwBxXv02kYaMrZQoJ2UrncZW
DFc55ExD908qjFaBgjbcyJ5cnXLdnaeQXvM3AfePRSxBsWHLXYMBoghbQfOKiOpc
A1/J43uInkd3S8/eK1v3uyIrudf/DrPxokfxBFJ+XZ+HlVG4taGvh/ny7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPWgJqGkYNSdRM8Bi+aGPORjOHVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbzlhQW1vYVJnMUoxRXp3R0w1b1k4NUdNNGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNSeMA0G
CSqGSIb3DQEBCwUAA4IBAQA+FJCoL5zcCNL+83LLe1SIJE63YGi5FrLKL6IEvgj2
kivlFwW2PyRp1Xnr/yyOkZ2oCAGuLKUChrXdLS7uXoJJO68ItZls5oTDufsSX65r
jGa0i0mC/w3+M4wCozEl099L9VmUDeZWG4wxECb16w1rSbpMQrFAJ+kPGUX4xmcm
iCA5+0pv/mAEhVbeGJF3PFsCxLUnYkcMknmpsOirr2UCcgNQ+UOP3f0HtELNfd24
KfuqA/Jpsmm1Oa4tGplns4CA7l/ZE2NApygvEQOVYjoUd9XKqJx3iWCLiU/pKPKx
XkJe+oHQuHhFH4DIAPa1oNz0EzBPEJKBMW2P6Xe74U/o
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org