Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rTy9NvoNwPRwZ9NiObrIqp_gvEA.roa
File: rTy9NvoNwPRwZ9NiObrIqp_gvEA.roa (raw, json)
Hash identifier: qqQSUK5YHVBaGmj0GFMfrLXMw0UPgJYwv4L8eGIwLK4=
Subject key identifier: AD:3C:BD:36:FA:0D:C0:F4:70:67:D3:62:39:BA:C8:AA:9F:E0:BC:40
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018608EF1947CDC292C2292577E11FD4389F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rTy9NvoNwPRwZ9NiObrIqp_gvEA.roa
Signing time: Tue 31 Jan 2023 17:45:32 +0000
ROA not before: Tue 31 Jan 2023 17:45:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 185.255.36.0/24 maxlen: 24
185.135.142.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.240.226.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:ef:19:47:cd:c2:92:c2:29:25:77:e1:1f:d4:38:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 31 17:45:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad3cbd36fa0dc0f47067d36239bac8aa9fe0bc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:3e:f9:5b:1a:5d:e2:21:8a:de:60:42:2f:
a7:82:f0:e5:27:85:20:f7:d0:1f:07:d5:a0:23:94:
d2:ab:7a:a8:ed:1e:53:88:d6:7a:f6:8c:21:ee:28:
07:ce:c7:36:40:42:cd:fa:ec:dd:53:2b:88:49:d3:
3c:c6:e0:c7:10:ea:a7:df:4a:91:c7:1b:0f:60:61:
d0:81:77:63:be:cb:83:1f:38:07:8c:b7:98:a6:5f:
01:81:d0:3b:f3:64:24:cc:87:b4:e9:1d:bd:6f:6c:
29:06:76:71:30:f8:24:a2:ee:38:4e:f6:21:b5:71:
8a:b3:28:99:a7:48:76:81:5a:f1:88:1b:ba:2d:d7:
e2:86:55:ad:81:8c:ef:31:8f:21:81:c5:4e:6f:3b:
10:22:78:f8:fb:be:ca:a9:c7:80:03:36:a7:71:b6:
02:fa:73:01:22:10:5b:f3:0d:f3:54:29:ba:f7:ca:
b8:24:f3:dc:e1:ad:56:ec:ee:7c:35:6e:bb:ee:da:
b7:e1:f2:50:79:da:6e:58:52:a0:e8:68:46:79:0b:
eb:c8:95:f6:0d:1b:0b:83:44:60:e3:91:84:bc:59:
ea:3f:c3:aa:1c:21:e8:37:77:61:39:0b:89:11:f9:
3b:3c:f4:9d:eb:98:5e:32:ad:21:c8:33:3d:59:79:
c1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3C:BD:36:FA:0D:C0:F4:70:67:D3:62:39:BA:C8:AA:9F:E0:BC:40
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rTy9NvoNwPRwZ9NiObrIqp_gvEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.142.0/24
185.255.36.0/24
185.255.39.0/24
188.240.226.0/23
Signature Algorithm: sha256WithRSAEncryption
53:c2:93:4e:45:87:fc:c6:23:9b:c6:36:c9:92:01:09:72:de:
15:58:91:a6:ef:8c:ef:d5:68:0b:d1:99:af:3c:dc:61:b3:1e:
6e:b5:17:cf:b9:74:62:d4:96:a8:14:1b:aa:8c:8c:3b:8a:74:
82:f4:6e:2c:85:bd:23:88:26:51:29:2c:5b:1a:40:56:03:03:
e0:ec:3a:eb:7b:5e:6f:58:14:a2:ca:84:b7:1e:9c:5e:67:03:
fb:5c:80:75:68:3d:85:58:b9:56:62:42:c8:e4:91:8c:49:f9:
93:75:d8:e6:9a:5e:1b:f4:cb:f7:55:25:ca:88:80:72:b1:43:
45:63:1c:26:f3:0b:05:9f:48:4d:b1:26:66:31:72:ec:88:af:
ae:de:ab:06:96:e1:3f:19:99:78:b4:82:74:08:db:b3:b0:c6:
3e:1b:51:07:53:9d:ae:e5:16:ad:45:63:f6:67:c0:fa:5e:05:
39:3b:33:b2:d6:79:4d:26:99:d3:ba:3c:cd:ea:e6:f0:98:20:
70:ce:34:b4:dc:10:c0:0c:bf:f8:eb:ec:85:96:ec:bf:ef:11:
82:35:3c:84:2b:ce:05:b8:b1:34:bc:f8:bd:8e:6e:7b:f1:81:
69:9e:3e:52:6b:50:a9:1d:06:a8:95:1d:f1:df:17:81:0c:4e:
80:51:e2:b7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYI7xlHzcKSwikld+Ef1DifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTMxMTc0NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDNjYmQzNmZhMGRjMGY0NzA2N2QzNjIzOWJhYzhhYTlmZTBiYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWQ++VsaXeIhit5gQi+ngvDlJ4Ug
99AfB9WgI5TSq3qo7R5TiNZ69owh7igHzsc2QELN+uzdUyuISdM8xuDHEOqn30qR
xxsPYGHQgXdjvsuDHzgHjLeYpl8BgdA782QkzIe06R29b2wpBnZxMPgkou44TvYh
tXGKsyiZp0h2gVrxiBu6LdfihlWtgYzvMY8hgcVObzsQInj4+77KqceAAzancbYC
+nMBIhBb8w3zVCm698q4JPPc4a1W7O58NW677tq34fJQedpuWFKg6GhGeQvryJX2
DRsLg0Rg45GEvFnqP8OqHCHoN3dhOQuJEfk7PPSd65heMq0hyDM9WXnB1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK08vTb6DcD0cGfTYjm6yKqf4LxAMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvclR5OU52b053UFJ3WjlOaU9icklxcF9ndkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuYeOAwQA
uf8kAwQAuf8nAwQBvPDiMA0GCSqGSIb3DQEBCwUAA4IBAQBTwpNORYf8xiObxjbJ
kgEJct4VWJGm74zv1WgL0ZmvPNxhsx5utRfPuXRi1JaoFBuqjIw7inSC9G4shb0j
iCZRKSxbGkBWAwPg7Drre15vWBSiyoS3HpxeZwP7XIB1aD2FWLlWYkLI5JGMSfmT
ddjmml4b9Mv3VSXKiIBysUNFYxwm8wsFn0hNsSZmMXLsiK+u3qsGluE/GZl4tIJ0
CNuzsMY+G1EHU52u5RatRWP2Z8D6XgU5OzOy1nlNJpnTujzN6ubwmCBwzjS03BDA
DL/46+yFluy/7xGCNTyEK84FuLE0vPi9jm578YFpnj5Sa1CpHQaolR3x3xeBDE6A
UeK3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org