Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pJ1dNXlrFkMLst5Q6SKrcDZYTEc.roa
File: pJ1dNXlrFkMLst5Q6SKrcDZYTEc.roa (raw, json)
Hash identifier: i2Li5BulLZsuk64OTPa9oUKp4FIxrKL8LtecsN0hgqU=
Subject key identifier: A4:9D:5D:35:79:6B:16:43:0B:B2:DE:50:E9:22:AB:70:36:58:4C:47
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B13E36D317AB4FA7E386805EB64ED051A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pJ1dNXlrFkMLst5Q6SKrcDZYTEc.roa
Signing time: Mon 09 Oct 2023 10:02:33 +0000
ROA not before: Mon 09 Oct 2023 10:02:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 188.240.68.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Oct 2023 10:44:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:e3:6d:31:7a:b4:fa:7e:38:68:05:eb:64:ed:05:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 9 10:02:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a49d5d35796b16430bb2de50e922ab7036584c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ae:36:2b:25:fc:a5:eb:72:98:92:e5:e1:27:
3b:ce:26:8e:b4:7d:03:7f:be:4a:bd:d0:ce:a6:0e:
2a:b6:f0:68:d5:08:ec:64:a8:d7:95:80:0e:0d:71:
3c:16:22:92:e3:e1:09:74:70:17:c2:a6:51:94:82:
5b:1f:a5:b4:f1:05:b8:b6:86:29:f7:91:58:e1:bb:
b7:ac:ee:cf:c6:8d:66:f3:35:50:03:df:6a:3e:38:
a6:ed:64:5a:37:7a:19:0c:8d:08:d6:91:c8:9c:8e:
16:42:a2:87:98:c3:26:a9:03:35:98:e5:e9:c9:26:
66:7a:5c:db:96:23:0a:70:26:28:4d:d6:49:ea:5f:
5b:b3:9c:fd:56:ac:72:ad:10:2f:f1:43:9d:9e:f2:
dc:f9:27:18:89:97:32:f1:1e:84:f2:5c:fa:30:e4:
3a:95:a3:47:b5:d1:d4:52:c4:a3:1c:fd:ab:e0:e3:
2b:79:b4:74:1b:22:f0:0f:66:20:98:b1:51:7d:ab:
bc:26:73:fc:0a:8d:8f:c5:0a:0c:eb:ef:8d:5c:3a:
e2:d1:96:c1:a8:76:38:cf:5f:fd:42:a5:de:56:2f:
0d:a4:89:ee:c1:14:89:8f:07:c1:8b:4d:e4:9e:18:
bf:5c:94:e4:51:88:bf:1f:12:79:3b:d6:70:14:b0:
2d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9D:5D:35:79:6B:16:43:0B:B2:DE:50:E9:22:AB:70:36:58:4C:47
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pJ1dNXlrFkMLst5Q6SKrcDZYTEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
188.240.68.0/24
Signature Algorithm: sha256WithRSAEncryption
83:68:8e:7a:15:91:ce:f8:42:c1:b8:48:b4:7c:9f:92:ad:6a:
30:bc:13:91:77:da:96:aa:0c:a0:03:e4:01:61:9c:8d:59:03:
c5:bd:de:ef:01:51:d9:f5:12:37:d2:e3:6d:62:27:25:7b:7c:
83:58:7b:c8:5a:e1:86:e9:31:ca:95:0b:3d:29:3b:7f:f6:e9:
c2:f7:de:87:11:ed:c1:c8:fc:95:bb:e0:9a:fe:d4:2a:36:ea:
6e:13:93:cf:98:cb:31:4d:0a:05:52:ae:b0:c3:72:2d:ab:4d:
f4:7e:35:ba:7d:03:42:8b:a5:bf:04:98:a7:5c:94:70:e1:b6:
a5:74:24:31:13:35:fd:ed:0a:7b:81:cf:76:59:97:0a:13:18:
7b:35:f3:eb:52:6a:e5:bf:e9:28:90:d4:25:3a:1b:f6:e6:2a:
d0:be:ea:16:3a:36:4e:c9:1c:c1:7f:8d:25:e7:f0:aa:14:e7:
40:6c:e6:66:d6:fa:02:a7:d0:79:33:54:35:b9:c1:7b:6b:da:
f8:6a:0b:79:d1:35:9c:70:dc:0c:ad:df:73:86:6f:36:97:ee:
be:a1:87:62:cf:84:fe:dc:cd:b6:71:71:21:87:52:63:85:d8:
e1:2a:79:65:0e:ec:01:88:2a:82:af:13:df:a3:80:4d:36:1f:
4c:15:b2:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsT420xerT6fjhoBetk7QUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDA5MTAwMjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDlkNWQzNTc5NmIxNjQzMGJiMmRlNTBlOTIyYWI3MDM2NTg0YzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna42KyX8petymJLl4Sc7ziaOtH0D
f75KvdDOpg4qtvBo1QjsZKjXlYAODXE8FiKS4+EJdHAXwqZRlIJbH6W08QW4toYp
95FY4bu3rO7Pxo1m8zVQA99qPjim7WRaN3oZDI0I1pHInI4WQqKHmMMmqQM1mOXp
ySZmelzbliMKcCYoTdZJ6l9bs5z9VqxyrRAv8UOdnvLc+ScYiZcy8R6E8lz6MOQ6
laNHtdHUUsSjHP2r4OMrebR0GyLwD2YgmLFRfau8JnP8Co2PxQoM6++NXDri0ZbB
qHY4z1/9QqXeVi8NpInuwRSJjwfBi03knhi/XJTkUYi/HxJ5O9ZwFLAthwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKSdXTV5axZDC7LeUOkiq3A2WExHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcEoxZE5YbHJGa01Mc3Q1UTZTS3JjRFpZVEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZyfAwQA
vPBEMA0GCSqGSIb3DQEBCwUAA4IBAQCDaI56FZHO+ELBuEi0fJ+SrWowvBORd9qW
qgygA+QBYZyNWQPFvd7vAVHZ9RI30uNtYicle3yDWHvIWuGG6THKlQs9KTt/9unC
996HEe3ByPyVu+Ca/tQqNupuE5PPmMsxTQoFUq6ww3Itq030fjW6fQNCi6W/BJin
XJRw4baldCQxEzX97Qp7gc92WZcKExh7NfPrUmrlv+kokNQlOhv25irQvuoWOjZO
yRzBf40l5/CqFOdAbOZm1voCp9B5M1Q1ucF7a9r4agt50TWccNwMrd9zhm82l+6+
oYdiz4T+3M22cXEhh1JjhdjhKnllDuwBiCqCrxPfo4BNNh9MFbJH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org