Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tLrtBlIpYr-dkXMSUO_ImYm8QVo.roa
File: tLrtBlIpYr-dkXMSUO_ImYm8QVo.roa (raw, json)
Hash identifier: hSj1p21SqyvMdNJZLY2ZEjrWUUF7n2AjH9Jz70aPj64=
Subject key identifier: B4:BA:ED:06:52:29:62:BF:9D:91:73:12:50:EF:C8:99:89:BC:41:5A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01874B604CC7C747A88FEF7E78A68C214796
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tLrtBlIpYr-dkXMSUO_ImYm8QVo.roa
Signing time: Tue 04 Apr 2023 08:26:54 +0000
ROA not before: Tue 04 Apr 2023 08:26:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 188.241.243.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 07:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:60:4c:c7:c7:47:a8:8f:ef:7e:78:a6:8c:21:47:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 4 08:26:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4baed06522962bf9d91731250efc89989bc415a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:06:cc:a4:5b:82:6f:de:f0:0a:cb:b4:1b:11:
c9:08:90:61:04:49:42:b8:1c:23:63:c0:e7:6e:31:
95:a4:73:db:ac:b5:c8:57:b6:2f:a6:70:a0:df:16:
93:d5:d1:1e:7e:c7:9e:be:4e:93:c8:ad:5c:c7:0d:
b5:d9:4c:8e:1b:96:3c:27:ea:c8:df:cc:12:02:a3:
e2:14:4a:67:49:de:5d:dc:4c:d0:58:a9:f2:b7:1a:
66:7e:c4:3e:0f:d8:c5:e5:cb:68:4f:6f:97:e1:6d:
44:ad:8b:89:af:b5:a2:48:c3:bd:b9:95:f3:e8:86:
fb:4e:c8:0d:87:31:cf:53:ef:5a:e6:57:64:10:3a:
b0:dd:ed:53:b7:5d:ec:af:38:b5:e1:d0:75:f1:53:
02:84:be:83:7a:eb:7d:d2:bd:22:48:a5:cb:1a:ac:
a5:e1:8e:35:52:b4:a3:e9:94:44:ae:10:c3:06:af:
be:3f:0d:d4:62:af:1e:7e:a6:79:68:bf:0d:3d:49:
7e:8e:57:0e:e1:5e:79:8b:12:a1:4d:2e:a3:81:da:
44:7e:ee:26:ef:ea:61:11:83:a8:65:df:ed:2c:d2:
66:26:2c:58:07:f2:7e:dd:da:05:8c:2f:83:3c:6a:
c9:ce:fb:7f:21:0c:fb:bc:27:08:86:8e:d0:79:8b:
85:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BA:ED:06:52:29:62:BF:9D:91:73:12:50:EF:C8:99:89:BC:41:5A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tLrtBlIpYr-dkXMSUO_ImYm8QVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.240.230.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f5:bb:29:d8:10:b4:4d:6d:21:b6:a1:82:cb:25:48:74:2a:
ea:c0:2c:96:66:62:32:22:22:da:02:30:58:39:39:6a:4e:12:
cc:c5:7f:e6:fb:bf:7e:1d:0d:ba:b8:50:93:f4:26:bf:69:2d:
ea:b8:d9:92:71:7e:5f:23:e9:37:e2:80:e2:68:7d:b7:fe:6e:
46:c4:fa:c4:a9:86:0b:4e:54:4b:79:8d:8e:2a:8f:50:ca:a9:
30:b7:bc:0c:f8:33:1e:bb:b0:21:e1:82:bd:59:f5:1a:d2:f3:
dd:eb:f7:4e:8d:e6:7d:3a:0e:b6:82:72:89:6e:93:ec:96:f2:
8f:26:de:0a:0f:98:f0:71:0c:b0:e6:ac:fa:18:86:d1:09:b9:
e4:3b:67:cc:16:50:21:4a:b8:26:3d:17:35:ac:1c:50:ce:2f:
73:f5:7e:3b:26:3d:7b:ac:28:95:ee:79:6e:5f:8a:26:ee:73:
8f:cb:95:cb:0b:e4:01:4b:55:88:1d:95:64:71:d3:0d:49:ed:
a6:62:38:ea:0c:fa:1a:9d:68:80:dd:aa:b0:c4:d6:af:1f:5b:
0d:46:12:77:a3:3d:8c:e9:05:32:b7:82:2f:0b:f7:ac:b4:a1:
74:b7:ea:22:b6:22:5d:ba:d7:6c:01:43:af:c1:00:50:53:80:
67:55:5b:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdLYEzHx0eoj+9+eKaMIUeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA0MDgyNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJhZWQwNjUyMjk2MmJmOWQ5MTczMTI1MGVmYzg5OTg5YmM0MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwbMpFuCb97wCsu0GxHJCJBhBElC
uBwjY8DnbjGVpHPbrLXIV7YvpnCg3xaT1dEefseevk6TyK1cxw212UyOG5Y8J+rI
38wSAqPiFEpnSd5d3EzQWKnytxpmfsQ+D9jF5ctoT2+X4W1ErYuJr7WiSMO9uZXz
6Ib7TsgNhzHPU+9a5ldkEDqw3e1Tt13srzi14dB18VMChL6Deut90r0iSKXLGqyl
4Y41UrSj6ZRErhDDBq++Pw3UYq8efqZ5aL8NPUl+jlcO4V55ixKhTS6jgdpEfu4m
7+phEYOoZd/tLNJmJixYB/J+3doFjC+DPGrJzvt/IQz7vCcIho7QeYuFNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLS67QZSKWK/nZFzElDvyJmJvEFaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdExydEJsSXBZci1ka1hNU1VPX0ltWW04UVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvPDmAwQA
vPHzMA0GCSqGSIb3DQEBCwUAA4IBAQBX9bsp2BC0TW0htqGCyyVIdCrqwCyWZmIy
IiLaAjBYOTlqThLMxX/m+79+HQ26uFCT9Ca/aS3quNmScX5fI+k34oDiaH23/m5G
xPrEqYYLTlRLeY2OKo9Qyqkwt7wM+DMeu7Ah4YK9WfUa0vPd6/dOjeZ9Og62gnKJ
bpPslvKPJt4KD5jwcQyw5qz6GIbRCbnkO2fMFlAhSrgmPRc1rBxQzi9z9X47Jj17
rCiV7nluX4om7nOPy5XLC+QBS1WIHZVkcdMNSe2mYjjqDPoanWiA3aqwxNavH1sN
RhJ3oz2M6QUyt4IvC/estKF0t+oitiJdutdsAUOvwQBQU4BnVVvh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org