Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r2iZizZOGPnLcbIR78yvdHtpt3o.roa
File: r2iZizZOGPnLcbIR78yvdHtpt3o.roa (raw, json)
Hash identifier: tk0Aw1qtBeJpvU+JapC22Mogk4ZshvwcNDBn5aKcsrM=
Subject key identifier: AF:68:99:8B:36:4E:18:F9:CB:71:B2:11:EF:CC:AF:74:7B:69:B7:7A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B3946DDB8F04571C3332959C70C7AA489
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r2iZizZOGPnLcbIR78yvdHtpt3o.roa
Signing time: Mon 16 Oct 2023 16:17:07 +0000
ROA not before: Mon 16 Oct 2023 16:17:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199760
IP address blocks: 188.241.242.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:39:46:dd:b8:f0:45:71:c3:33:29:59:c7:0c:7a:a4:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 16 16:17:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af68998b364e18f9cb71b211efccaf747b69b77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:39:ff:44:50:7c:fa:70:77:91:84:25:96:f8:
68:3a:01:8b:8f:41:86:5c:b8:de:66:b1:5b:d4:d6:
fe:5a:ec:11:21:2b:03:7d:1c:a6:c9:3a:53:4f:88:
c0:99:14:3b:03:79:7f:f9:df:3c:fb:50:25:3d:35:
e5:43:0c:3b:b4:75:25:56:19:b8:be:b0:21:19:0e:
7a:13:6b:14:d8:0e:fc:ed:5c:f5:ce:93:8a:4e:5d:
b7:e9:a0:84:5c:8b:5e:42:cf:d2:54:2d:c8:04:cd:
6b:4f:5c:83:d7:db:48:a5:e5:68:f4:1f:b0:e8:76:
a7:7b:73:e8:e9:d8:cb:e9:28:f4:a2:da:0a:ef:66:
d1:4c:63:4b:3d:b7:f5:84:49:4e:b0:37:fd:b5:43:
28:a7:98:e3:99:9a:2d:a5:e5:99:89:ef:5a:e3:be:
55:dc:55:25:08:17:6f:e9:c8:2c:26:24:42:04:31:
aa:a4:d1:01:18:62:d9:dd:7f:5c:93:ad:03:49:9d:
07:69:ef:f4:98:bf:46:65:80:74:29:c0:46:6c:76:
8b:43:b0:c7:e8:e3:65:6b:d3:c4:89:59:17:25:d9:
cb:81:05:92:4a:4d:83:36:b6:a5:bb:8f:0a:d4:0c:
1d:76:a3:48:ab:01:2b:d6:7b:2e:2b:ea:7a:73:65:
43:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:68:99:8B:36:4E:18:F9:CB:71:B2:11:EF:CC:AF:74:7B:69:B7:7A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r2iZizZOGPnLcbIR78yvdHtpt3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.84.0/24
89.37.62.0/24
93.115.109.0/24
188.212.132.0/24
188.212.158.0/24
188.241.182.0/24
188.241.242.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:3c:78:5a:62:fc:0f:89:1a:62:3b:6e:5d:9d:10:a5:c4:5f:
34:72:86:74:bc:c8:1c:b2:4d:7e:e2:69:c8:d2:a0:b9:0a:2e:
51:80:da:8b:e3:f4:97:de:60:24:dc:24:1f:08:d7:12:85:91:
26:04:e2:8c:a7:de:8f:18:78:61:66:3f:ba:87:b8:c8:59:df:
0f:40:89:7c:65:a9:47:02:15:87:4c:15:a0:03:0e:5c:ce:3b:
7f:1c:3e:58:6d:2e:b6:40:65:ee:50:dd:50:ab:29:d2:a9:49:
6f:7b:d3:ec:8a:16:8f:81:cd:28:9a:50:7d:2b:f0:60:d9:dd:
99:ec:bd:5c:35:7b:68:50:90:85:09:95:58:8a:ff:f6:d3:35:
5e:04:0d:36:a6:da:3a:25:59:f7:ed:9a:c4:dd:eb:1b:5f:4c:
fd:fb:2e:eb:1f:a6:a0:81:fd:ff:77:52:c8:3c:1f:ed:3c:3a:
e1:d2:79:38:36:ab:39:d9:7b:3a:23:3d:38:72:c5:05:78:59:
bb:e1:95:74:a7:16:24:22:ad:62:f3:11:b9:bb:da:c5:9a:f1:
5f:f5:9c:da:ac:ea:99:97:c4:4f:ee:73:79:92:78:66:98:35:
58:2e:ee:dd:c7:a4:f1:25:0f:38:9d:71:42:0d:8a:b9:0d:97:
11:da:cd:6f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYs5Rt248EVxwzMpWccMeqSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDE2MTYxNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY4OTk4YjM2NGUxOGY5Y2I3MWIyMTFlZmNjYWY3NDdiNjliNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzn/RFB8+nB3kYQllvhoOgGLj0GG
XLjeZrFb1Nb+WuwRISsDfRymyTpTT4jAmRQ7A3l/+d88+1AlPTXlQww7tHUlVhm4
vrAhGQ56E2sU2A787Vz1zpOKTl236aCEXIteQs/SVC3IBM1rT1yD19tIpeVo9B+w
6Hane3Po6djL6Sj0otoK72bRTGNLPbf1hElOsDf9tUMop5jjmZotpeWZie9a475V
3FUlCBdv6cgsJiRCBDGqpNEBGGLZ3X9ck60DSZ0Hae/0mL9GZYB0KcBGbHaLQ7DH
6ONla9PEiVkXJdnLgQWSSk2DNralu48K1AwddqNIqwEr1nsuK+p6c2VDYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFK9omYs2Thj5y3GyEe/Mr3R7abd6MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcjJpWml6Wk9HUG5MY2JJUjc4eXZkSHRwdDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWSFUAwQA
WSU+AwQAXXNtAwQAvNSEAwQAvNSeAwQAvPG2AwQAvPHyMA0GCSqGSIb3DQEBCwUA
A4IBAQA/PHhaYvwPiRpiO25dnRClxF80coZ0vMgcsk1+4mnI0qC5Ci5RgNqL4/SX
3mAk3CQfCNcShZEmBOKMp96PGHhhZj+6h7jIWd8PQIl8ZalHAhWHTBWgAw5czjt/
HD5YbS62QGXuUN1QqynSqUlve9PsihaPgc0omlB9K/Bg2d2Z7L1cNXtoUJCFCZVY
iv/20zVeBA02pto6JVn37ZrE3esbX0z9+y7rH6aggf3/d1LIPB/tPDrh0nk4Nqs5
2Xs6Iz04csUFeFm74ZV0pxYkIq1i8xG5u9rFmvFf9ZzarOqZl8RP7nN5knhmmDVY
Lu7dx6TxJQ84nXFCDYq5DZcR2s1v
-----END CERTIFICATE-----
Generated at Mon Oct 30 19:36:31 2023 by rpki-client on console-fra.rpki-client.org