Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/osmT2y2rHDOgi2Fx0R2xuUJkEko.roa
File: osmT2y2rHDOgi2Fx0R2xuUJkEko.roa (raw, json)
Hash identifier: st+Eb7wS3LPKBQNWfq2cKBoXb69jw2ExHQLcljkPqkQ=
Subject key identifier: A2:C9:93:DB:2D:AB:1C:33:A0:8B:61:71:D1:1D:B1:B9:42:64:12:4A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187BA0A2D82BC1EE304F91869BDC6321644
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/osmT2y2rHDOgi2Fx0R2xuUJkEko.roa
Signing time: Tue 25 Apr 2023 20:10:41 +0000
ROA not before: Tue 25 Apr 2023 20:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7411
IP address blocks: 188.214.27.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ba:0a:2d:82:bc:1e:e3:04:f9:18:69:bd:c6:32:16:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 25 20:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2c993db2dab1c33a08b6171d11db1b94264124a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:16:be:c9:da:cd:a0:5a:58:f5:22:4b:de:e8:
b3:12:fb:36:be:1a:70:7c:fd:03:f5:01:da:a6:ea:
10:4f:19:52:61:72:23:eb:11:ed:7d:ee:7a:6b:b3:
0e:f7:7e:e3:36:e1:84:e3:7d:0f:33:00:b9:6b:b3:
9c:12:ed:1a:c6:a5:d6:82:e7:62:05:78:5e:ed:28:
1d:bf:14:38:bb:41:ae:a9:83:6b:bc:f8:99:ee:59:
e8:7d:6d:54:7e:ea:e0:93:f1:17:bd:7e:82:07:15:
24:20:ac:b1:2a:c4:5f:b0:7d:79:96:0a:32:95:a0:
da:aa:d4:ef:2c:de:a0:3c:5f:f8:e1:53:15:99:4b:
dd:23:50:b5:45:3e:8f:5a:77:10:86:d2:e5:da:7b:
5e:40:be:34:55:01:68:0d:0a:a3:4d:e0:f2:d0:85:
a3:e1:2d:75:e0:b2:54:7b:06:bf:72:34:a4:3d:59:
6f:1a:7d:14:04:a4:6b:54:9d:58:5c:f6:84:a5:ef:
c6:5f:50:2b:2f:69:93:e1:26:c4:5b:5f:1b:30:c4:
bc:5e:45:67:c4:44:20:2b:ae:68:e1:fe:9c:9f:b6:
bb:76:5b:5f:f1:9f:c2:a3:61:d7:49:87:23:9a:0e:
4c:d6:f8:e6:2b:5b:56:de:30:fb:15:1e:bd:9e:fc:
85:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C9:93:DB:2D:AB:1C:33:A0:8B:61:71:D1:1D:B1:B9:42:64:12:4A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/osmT2y2rHDOgi2Fx0R2xuUJkEko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.85.0/24
188.214.27.0/24
188.240.232.0/24
Signature Algorithm: sha256WithRSAEncryption
70:73:75:91:8d:c0:31:f9:e6:03:63:10:89:88:56:c8:4b:6d:
8c:ed:1a:60:c4:ce:c2:b1:11:bf:59:89:8c:b4:51:12:7b:97:
55:c5:8c:92:c4:01:a7:49:f1:aa:68:df:9b:72:1e:c1:3c:df:
c7:bd:2a:5f:9a:91:17:84:7c:c8:2f:24:35:5b:61:a4:30:75:
e4:50:64:0a:f0:9c:c6:1e:52:d9:f2:25:20:f8:7c:0a:79:85:
ba:c6:c8:1a:55:ce:af:58:9a:b4:5c:1e:42:5b:fd:94:e3:7a:
a2:3a:9f:fe:b7:b9:c8:ba:ec:15:6a:cf:6e:00:0e:06:e1:df:
98:b9:bd:c7:ac:3e:e5:86:f7:b4:6e:61:18:93:6b:75:d7:29:
65:1e:18:4c:e2:33:e3:58:8a:ed:48:0b:4c:7d:31:5b:3f:f6:
fe:51:ab:65:70:88:30:e1:e1:a9:8c:96:fc:e0:63:74:54:29:
59:76:bf:9e:5f:0d:d7:58:d2:48:36:3f:2f:d0:06:af:db:2e:
fe:95:e3:fa:1c:de:1c:b7:bb:c5:e3:88:db:d2:a9:03:27:7e:
8c:c1:98:2e:bc:dd:d6:85:12:9e:67:70:72:cd:28:c4:f2:95:
77:d7:06:56:e3:21:23:af:9b:a9:99:ca:f6:35:c4:0a:c1:62:
3c:40:6b:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYe6Ci2CvB7jBPkYab3GMhZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDI1MjAxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmM5OTNkYjJkYWIxYzMzYTA4YjYxNzFkMTFkYjFiOTQyNjQxMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRa+ydrNoFpY9SJL3uizEvs2vhpw
fP0D9QHapuoQTxlSYXIj6xHtfe56a7MO937jNuGE430PMwC5a7OcEu0axqXWgudi
BXhe7SgdvxQ4u0GuqYNrvPiZ7lnofW1Ufurgk/EXvX6CBxUkIKyxKsRfsH15lgoy
laDaqtTvLN6gPF/44VMVmUvdI1C1RT6PWncQhtLl2nteQL40VQFoDQqjTeDy0IWj
4S114LJUewa/cjSkPVlvGn0UBKRrVJ1YXPaEpe/GX1ArL2mT4SbEW18bMMS8XkVn
xEQgK65o4f6cn7a7dltf8Z/Co2HXSYcjmg5M1vjmK1tW3jD7FR69nvyF8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKLJk9stqxwzoIthcdEdsblCZBJKMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb3NtVDJ5MnJIRE9naTJGeDBSMnh1VUprRWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSFVAwQA
vNYbAwQAvPDoMA0GCSqGSIb3DQEBCwUAA4IBAQBwc3WRjcAx+eYDYxCJiFbIS22M
7RpgxM7CsRG/WYmMtFESe5dVxYySxAGnSfGqaN+bch7BPN/HvSpfmpEXhHzILyQ1
W2GkMHXkUGQK8JzGHlLZ8iUg+HwKeYW6xsgaVc6vWJq0XB5CW/2U43qiOp/+t7nI
uuwVas9uAA4G4d+Yub3HrD7lhve0bmEYk2t11yllHhhM4jPjWIrtSAtMfTFbP/b+
UatlcIgw4eGpjJb84GN0VClZdr+eXw3XWNJINj8v0Aav2y7+leP6HN4ct7vF44jb
0qkDJ36MwZguvN3WhRKeZ3ByzSjE8pV31wZW4yEjr5upmcr2NcQKwWI8QGvW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org