Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tNWou5tWuj2nffdRCFNh-i_4w_w.roa
File: tNWou5tWuj2nffdRCFNh-i_4w_w.roa (raw, json)
Hash identifier: OylWpSuAl9ibBHrgQIIbQFVWMcl08js9+ueSzmoY2W4=
Subject key identifier: B4:D5:A8:BB:9B:56:BA:3D:A7:7D:F7:51:08:53:61:FA:2F:F8:C3:FC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018910461F2E443A63905CC937479C5AB222
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tNWou5tWuj2nffdRCFNh-i_4w_w.roa
Signing time: Sat 01 Jul 2023 07:06:18 +0000
ROA not before: Sat 01 Jul 2023 07:06:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 93.114.192.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
185.135.141.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 06:00:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:10:46:1f:2e:44:3a:63:90:5c:c9:37:47:9c:5a:b2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 1 07:06:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4d5a8bb9b56ba3da77df751085361fa2ff8c3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fd:26:0c:dc:04:0b:64:f2:17:70:a9:4f:0b:
e1:f0:82:8c:19:6d:04:a0:f8:97:c8:1d:10:9c:ed:
20:53:0d:72:88:c2:3d:a8:0d:6d:f0:9c:30:0a:bb:
b9:9f:7f:e4:eb:f7:9a:cb:e4:be:29:d5:75:55:a9:
19:c4:e3:61:da:67:e0:c6:36:82:47:f9:f1:03:a5:
c8:2c:d9:a9:c7:2a:67:f6:2e:b3:44:64:12:a4:43:
05:57:df:61:97:74:13:30:43:32:73:91:be:5b:53:
62:36:63:01:c6:ba:6c:1d:f0:6c:1c:49:0d:9a:36:
4e:e1:bf:40:c9:1a:4a:90:58:73:1a:b8:a8:90:16:
79:4d:04:fe:01:60:03:b1:da:8f:66:bf:d1:da:ee:
9d:63:0e:6f:ff:b7:79:26:3d:2c:bb:81:90:8b:97:
c9:7c:a0:9b:51:26:bb:1d:72:df:7c:e7:a4:da:48:
01:9e:54:94:e4:43:85:df:e8:6f:ec:b0:df:8b:4e:
2b:81:0a:1e:e1:0f:f4:30:a1:12:7b:ef:0d:8b:6b:
ee:e9:ce:e1:23:21:0c:7b:3e:62:38:63:c9:7b:c3:
b7:a1:54:97:08:c1:97:8b:eb:fe:02:6b:58:c8:e4:
76:42:9c:97:c8:fb:c7:de:b5:1f:76:f5:e4:55:12:
31:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D5:A8:BB:9B:56:BA:3D:A7:7D:F7:51:08:53:61:FA:2F:F8:C3:FC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tNWou5tWuj2nffdRCFNh-i_4w_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.62.0/24
93.114.192.0/24
185.135.141.0/24
188.241.182.0/24
188.241.243.0/24
213.232.94.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:11:00:65:40:b4:4b:19:b5:a6:fe:88:49:8a:a5:81:63:f5:
ca:b2:f6:96:19:1f:5a:eb:bb:7c:aa:18:b4:40:c6:14:d3:db:
73:66:83:21:bd:b7:b8:a1:3c:4f:15:bd:00:3f:c3:7d:0f:95:
61:60:67:3c:78:a4:20:6a:14:34:0d:80:fc:62:6a:56:08:31:
df:67:e0:3a:80:c0:c7:34:40:28:72:20:95:aa:f9:95:e9:ea:
b0:00:d8:ad:12:f0:91:72:c0:72:5d:01:96:22:05:ec:0b:2b:
43:fb:09:b6:a0:bd:28:00:1c:e9:6b:96:47:dc:ae:00:77:c6:
31:96:ea:a5:a1:bf:97:fc:17:20:36:a7:91:a7:b7:d2:60:1b:
2b:8b:d3:98:22:ea:41:00:94:ae:35:0c:a4:e6:80:5a:6d:fb:
fe:4c:5f:bf:4e:9d:0c:d4:e8:93:c3:05:75:f9:02:ea:93:2a:
8d:90:50:04:e7:89:4e:58:ad:03:99:70:fe:ad:38:c9:23:7d:
15:13:1a:eb:15:f2:f9:e4:31:63:3a:45:41:b4:47:3e:58:83:
b4:a8:ec:fb:f2:78:88:c8:22:60:88:f2:b2:4f:4c:7c:40:e2:
4b:38:d3:8e:4c:96:62:e8:ad:0a:1f:f9:87:ac:ed:a2:c1:95:
d2:4e:99:8d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYkQRh8uRDpjkFzJN0ecWrIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzAxMDcwNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQ1YThiYjliNTZiYTNkYTc3ZGY3NTEwODUzNjFmYTJmZjhjM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf0mDNwEC2TyF3CpTwvh8IKMGW0E
oPiXyB0QnO0gUw1yiMI9qA1t8JwwCru5n3/k6/eay+S+KdV1VakZxONh2mfgxjaC
R/nxA6XILNmpxypn9i6zRGQSpEMFV99hl3QTMEMyc5G+W1NiNmMBxrpsHfBsHEkN
mjZO4b9AyRpKkFhzGriokBZ5TQT+AWADsdqPZr/R2u6dYw5v/7d5Jj0su4GQi5fJ
fKCbUSa7HXLffOek2kgBnlSU5EOF3+hv7LDfi04rgQoe4Q/0MKESe+8Ni2vu6c7h
IyEMez5iOGPJe8O3oVSXCMGXi+v+AmtYyOR2QpyXyPvH3rUfdvXkVRIxaQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLTVqLubVro9p333UQhTYfov+MP8MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdE5Xb3U1dFd1ajJuZmZkUkNGTmgtaV80d193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSU+AwQA
XXLAAwQAuYeNAwQAvPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUAA4IBAQB7
EQBlQLRLGbWm/ohJiqWBY/XKsvaWGR9a67t8qhi0QMYU09tzZoMhvbe4oTxPFb0A
P8N9D5VhYGc8eKQgahQ0DYD8YmpWCDHfZ+A6gMDHNEAociCVqvmV6eqwANitEvCR
csByXQGWIgXsCytD+wm2oL0oABzpa5ZH3K4Ad8Yxluqlob+X/BcgNqeRp7fSYBsr
i9OYIupBAJSuNQyk5oBabfv+TF+/Tp0M1OiTwwV1+QLqkyqNkFAE54lOWK0DmXD+
rTjJI30VExrrFfL55DFjOkVBtEc+WIO0qOz78niIyCJgiPKyT0x8QOJLONOOTJZi
6K0KH/mHrO2iwZXSTpmN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org