Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rpKLHxu2ddlvlBk1Pl9JedDtG-0.roa
File: rpKLHxu2ddlvlBk1Pl9JedDtG-0.roa (raw, json)
Hash identifier: Jcrt4cnlvEYq5GV2UB4VqVxZl3kkLyF0NGHco/n0wak=
Subject key identifier: AE:92:8B:1F:1B:B6:75:D9:6F:94:19:35:3E:5F:49:79:D0:ED:1B:ED
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186E694AA5AE7179D7AA703D3519DA3114E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rpKLHxu2ddlvlBk1Pl9JedDtG-0.roa
Signing time: Wed 15 Mar 2023 18:42:27 +0000
ROA not before: Wed 15 Mar 2023 18:42:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 93.115.254.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
89.34.126.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
185.238.8.0/24 maxlen: 24
185.238.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 07:16:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e6:94:aa:5a:e7:17:9d:7a:a7:03:d3:51:9d:a3:11:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 15 18:42:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae928b1f1bb675d96f9419353e5f4979d0ed1bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4e:89:cb:92:93:e7:f3:c3:b2:6c:95:e5:66:
99:a9:dc:55:ae:42:4c:cd:21:5e:44:4d:c6:b9:4a:
15:d5:f6:78:2a:2c:e8:ad:15:e3:99:46:5a:66:73:
d4:bc:c5:90:54:8e:86:60:41:80:a2:5e:ee:b5:c7:
a4:24:97:22:45:66:88:a4:41:3c:61:dd:c0:29:01:
4e:6e:27:4e:5a:2c:52:f3:ff:61:df:e5:6f:bf:b1:
5c:e9:7c:99:8b:5e:c2:4a:3d:73:70:17:ad:a5:4b:
e6:25:d6:ee:c2:07:1c:51:88:8d:0c:24:1a:76:94:
66:a6:6c:83:60:7c:91:a9:84:55:ec:ae:6d:cd:d2:
52:25:64:aa:69:58:ae:9d:fe:c7:0f:00:41:e1:15:
f8:97:f0:ca:e8:20:80:a1:ca:51:de:4e:a0:41:7a:
ae:c9:2f:e0:05:85:f7:93:69:ea:26:ce:a3:e3:3c:
7f:c2:b3:5c:27:6f:7a:c0:c5:46:1a:18:95:6c:a2:
96:88:e4:68:d1:90:20:88:64:92:8b:f3:b5:3a:ad:
e6:dc:a4:e7:0d:64:f1:70:49:8e:2a:2b:22:de:b6:
cd:1a:e6:b8:d6:bf:9c:1b:0c:fc:98:f2:c9:95:6d:
e9:2b:fa:56:78:6e:eb:e4:ba:72:25:77:98:c1:19:
3d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:92:8B:1F:1B:B6:75:D9:6F:94:19:35:3E:5F:49:79:D0:ED:1B:ED
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rpKLHxu2ddlvlBk1Pl9JedDtG-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.126.0/24
93.115.254.0/24
185.238.8.0/24
185.238.11.0/24
188.240.224.0/24
188.241.159.0/24
188.241.248.0/24
213.232.92.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c9:93:ac:d7:e7:67:a1:0f:fd:1b:88:ee:ca:55:66:01:34:
ab:e4:9e:fd:dc:b3:8e:06:38:87:f4:2c:e1:99:d6:22:2e:3f:
69:12:8b:7c:f1:51:84:9b:45:34:29:22:61:cc:e5:83:0e:4e:
9e:91:a9:5c:75:35:26:53:89:62:85:f7:34:f9:4e:66:4c:5c:
08:b1:64:9c:c3:f9:9f:37:9e:3a:7a:b8:be:6e:c7:2e:14:4c:
1d:42:98:4c:ca:1c:75:21:12:ce:c1:01:11:ec:d8:d3:d2:77:
3b:12:b3:5f:ae:6c:dd:b1:bb:aa:0f:da:1e:6e:76:eb:99:7f:
a3:f2:42:a0:9a:fe:3a:fa:07:a8:33:3b:b1:6b:57:ff:40:40:
0e:1a:a9:5a:57:25:32:07:6c:44:be:19:af:0f:8a:19:08:b6:
ae:bc:ec:77:b6:8c:cd:0c:c2:9f:6e:4f:4d:0b:88:85:3a:46:
7c:74:d3:8c:1f:9b:90:26:46:3f:6a:2e:38:4a:a5:59:84:8b:
81:a4:69:59:2d:66:09:af:8e:55:38:aa:6a:bc:9e:7b:b4:03:
a8:ad:13:97:17:3f:b5:c8:57:75:65:63:26:65:2a:36:d2:d4:
cc:6a:73:db:64:40:1b:7a:67:f0:d9:66:b9:7d:7a:0b:50:9f:
04:95:75:b7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYbmlKpa5xedeqcD01GdoxFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzE1MTg0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTkyOGIxZjFiYjY3NWQ5NmY5NDE5MzUzZTVmNDk3OWQwZWQxYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq06Jy5KT5/PDsmyV5WaZqdxVrkJM
zSFeRE3GuUoV1fZ4KizorRXjmUZaZnPUvMWQVI6GYEGAol7utcekJJciRWaIpEE8
Yd3AKQFObidOWixS8/9h3+Vvv7Fc6XyZi17CSj1zcBetpUvmJdbuwgccUYiNDCQa
dpRmpmyDYHyRqYRV7K5tzdJSJWSqaViunf7HDwBB4RX4l/DK6CCAocpR3k6gQXqu
yS/gBYX3k2nqJs6j4zx/wrNcJ296wMVGGhiVbKKWiORo0ZAgiGSSi/O1Oq3m3KTn
DWTxcEmOKisi3rbNGua41r+cGwz8mPLJlW3pK/pWeG7r5LpyJXeYwRk98wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFK6Six8btnXZb5QZNT5fSXnQ7RvtMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcnBLTEh4dTJkZGx2bEJrMVBsOUplZER0Ry0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAWSJ+AwQA
XXP+AwQAue4IAwQAue4LAwQAvPDgAwQAvPGfAwQAvPH4AwQA1ehcMA0GCSqGSIb3
DQEBCwUAA4IBAQApyZOs1+dnoQ/9G4juylVmATSr5J793LOOBjiH9CzhmdYiLj9p
Eot88VGEm0U0KSJhzOWDDk6ekalcdTUmU4lihfc0+U5mTFwIsWScw/mfN546eri+
bscuFEwdQphMyhx1IRLOwQER7NjT0nc7ErNfrmzdsbuqD9oebnbrmX+j8kKgmv46
+geoMzuxa1f/QEAOGqlaVyUyB2xEvhmvD4oZCLauvOx3tozNDMKfbk9NC4iFOkZ8
dNOMH5uQJkY/ai44SqVZhIuBpGlZLWYJr45VOKpqvJ57tAOorROXFz+1yFd1ZWMm
ZSo20tTManPbZEAbemfw2Wa5fXoLUJ8ElXW3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org