Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t-NoKFY1HoeKaDAYjQr_YnrMw54.roa
File: t-NoKFY1HoeKaDAYjQr_YnrMw54.roa (raw, json)
Hash identifier: YyzcHSbY/F7qMLSdDpPpd7NT5ymb2Uf03wRnvF2Cvbc=
Subject key identifier: B7:E3:68:28:56:35:1E:87:8A:68:30:18:8D:0A:FF:62:7A:CC:C3:9E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018DC502F6F0B93FD79FE2E07BCD3A173FD8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t-NoKFY1HoeKaDAYjQr_YnrMw54.roa
Signing time: Tue 20 Feb 2024 05:35:22 +0000
ROA not before: Tue 20 Feb 2024 05:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 62.197.136.0/21 maxlen: 24
93.114.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 12:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:02:f6:f0:b9:3f:d7:9f:e2:e0:7b:cd:3a:17:3f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 20 05:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7e3682856351e878a6830188d0aff627accc39e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2b:7d:fd:9d:62:1f:e8:b4:90:86:6a:50:75:
bf:6c:d7:2b:96:fb:4b:91:94:4e:3b:3b:1b:4f:2b:
5c:f4:bc:c7:da:04:15:3a:42:dd:9f:94:5f:f2:3c:
8d:d9:40:a4:62:50:ad:02:d3:1d:96:64:4a:9e:0f:
ea:75:6b:90:a7:a6:a8:de:74:99:ce:78:1e:89:6b:
f4:be:fe:1f:b8:f7:13:20:33:6e:c2:40:c3:db:05:
32:8b:29:23:e4:65:cb:8b:5e:50:50:40:f3:0b:6e:
ef:a0:fa:27:16:fa:05:58:06:0b:27:1a:33:5c:06:
62:55:7e:2f:b4:4d:34:b2:92:1e:ab:a3:ae:ae:26:
c7:e9:a8:b9:d8:88:4f:64:80:aa:08:be:b2:2a:7b:
0f:b0:37:18:cd:11:a7:ef:c8:bd:66:6d:c9:63:f5:
32:ce:5e:bc:09:94:2c:0f:ce:d4:03:44:6b:a6:44:
1f:2c:2b:ec:03:60:75:1a:ad:1b:b8:8d:e6:40:85:
3f:9f:cd:c4:0b:5d:a8:cb:d3:4e:0c:0e:46:98:7e:
ca:31:19:f2:a3:7c:7d:6e:f7:38:db:ba:b6:41:73:
89:9d:21:f7:fd:97:0e:b5:c7:20:0d:b1:27:30:8c:
24:75:99:3f:22:18:86:fc:24:69:d3:b5:2e:5e:0b:
2d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E3:68:28:56:35:1E:87:8A:68:30:18:8D:0A:FF:62:7A:CC:C3:9E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t-NoKFY1HoeKaDAYjQr_YnrMw54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.136.0/21
93.114.195.0/24
Signature Algorithm: sha256WithRSAEncryption
00:8c:72:1c:80:22:69:4e:0a:7e:65:99:89:46:60:60:56:6e:
97:97:99:40:ea:39:08:ef:7b:82:96:6b:e0:0b:09:13:e7:24:
25:05:3d:ec:a6:62:77:bc:3e:5c:54:d6:73:24:a2:27:b6:97:
f7:05:35:57:42:ed:c1:3a:fb:cc:50:9c:98:81:cb:6e:26:8c:
f1:90:05:46:22:b1:a7:5e:ee:f2:df:be:cf:0e:51:f1:72:b4:
be:e2:50:2a:ab:cf:65:c2:9d:24:77:87:c1:5c:01:bd:23:e6:
39:1e:12:38:fa:0e:fe:14:ad:e3:e3:b7:8a:e6:27:c7:5f:08:
5d:df:f3:49:ec:02:fa:26:8f:16:93:6d:a4:5f:55:ec:f7:26:
74:12:74:14:9b:d9:93:bf:95:d7:ee:9c:b4:8d:35:42:ef:ef:
2f:b9:72:6e:a2:44:da:52:ac:0c:21:43:53:7e:ec:6e:3d:5e:
62:92:f2:44:ce:cf:b3:43:1f:74:4c:b1:09:3e:f0:f0:33:3a:
f8:3a:3e:e6:69:68:5e:9a:70:0d:5a:3e:a4:17:51:53:69:02:
64:d5:8e:c0:1b:ab:b1:16:be:cc:fa:75:56:5b:04:cd:01:01:
84:fc:e9:88:7a:1a:eb:67:5f:3b:af:14:67:2c:be:16:35:82:
8e:b0:53:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3FAvbwuT/Xn+Lge806Fz/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMjIwMDUzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2UzNjgyODU2MzUxZTg3OGE2ODMwMTg4ZDBhZmY2MjdhY2NjMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSt9/Z1iH+i0kIZqUHW/bNcrlvtL
kZROOzsbTytc9LzH2gQVOkLdn5Rf8jyN2UCkYlCtAtMdlmRKng/qdWuQp6ao3nSZ
zngeiWv0vv4fuPcTIDNuwkDD2wUyiykj5GXLi15QUEDzC27voPonFvoFWAYLJxoz
XAZiVX4vtE00spIeq6OuribH6ai52IhPZICqCL6yKnsPsDcYzRGn78i9Zm3JY/Uy
zl68CZQsD87UA0RrpkQfLCvsA2B1Gq0buI3mQIU/n83EC12oy9NODA5GmH7KMRny
o3x9bvc427q2QXOJnSH3/ZcOtccgDbEnMIwkdZk/IhiG/CRp07UuXgstdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfjaChWNR6HimgwGI0K/2J6zMOeMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdC1Ob0tGWTFIb2VLYURBWWpRcl9ZbnJNdzU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDPsWIAwQA
XXLDMA0GCSqGSIb3DQEBCwUAA4IBAQAAjHIcgCJpTgp+ZZmJRmBgVm6Xl5lA6jkI
73uClmvgCwkT5yQlBT3spmJ3vD5cVNZzJKIntpf3BTVXQu3BOvvMUJyYgctuJozx
kAVGIrGnXu7y377PDlHxcrS+4lAqq89lwp0kd4fBXAG9I+Y5HhI4+g7+FK3j47eK
5ifHXwhd3/NJ7AL6Jo8Wk22kX1Xs9yZ0EnQUm9mTv5XX7py0jTVC7+8vuXJuokTa
UqwMIUNTfuxuPV5ikvJEzs+zQx90TLEJPvDwMzr4Oj7maWhemnANWj6kF1FTaQJk
1Y7AG6uxFr7M+nVWWwTNAQGE/OmIehrrZ187rxRnLL4WNYKOsFM1
-----END CERTIFICATE-----
Generated at Wed Sep 18 19:07:30 2024 by rpki-client on console-ams.rpki-client.org