Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uRkTSlhl-KW4NpzGDokUOAE8wM4.roa
File: uRkTSlhl-KW4NpzGDokUOAE8wM4.roa (raw, json)
Hash identifier: avj/m0T7T0kV1bexU/OpvP3foBGFnxuLkOou2ogyz6Y=
Subject key identifier: B9:19:13:4A:58:65:F8:A5:B8:36:9C:C6:0E:89:14:38:01:3C:C0:CE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187E5972FD417B54A84A4790F60C8F395DF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uRkTSlhl-KW4NpzGDokUOAE8wM4.roa
Signing time: Thu 04 May 2023 07:08:23 +0000
ROA not before: Thu 04 May 2023 07:08:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e5:97:2f:d4:17:b5:4a:84:a4:79:0f:60:c8:f3:95:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 4 07:08:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b919134a5865f8a5b8369cc60e891438013cc0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:01:ce:82:25:11:c9:11:21:66:80:7a:3c:56:
30:09:7b:7b:4f:9e:1d:55:82:ae:fa:03:4e:ed:b3:
53:6e:6b:fd:62:d8:37:6f:d9:d3:c0:f3:bd:1e:40:
35:57:39:c7:ac:88:9b:f0:c0:b3:ec:6f:74:61:51:
54:04:fe:0d:2e:3a:9f:4d:6d:2a:78:93:b1:07:af:
39:2e:36:60:4e:d0:83:6b:d0:a7:91:3b:32:ef:61:
87:af:23:15:a9:21:cf:ed:de:4b:ab:5d:4b:96:6a:
48:b2:2d:c3:65:85:30:44:40:fe:d0:88:fa:0c:1c:
52:9c:fb:70:55:3d:96:76:3c:a6:14:07:87:b1:af:
2b:c8:da:84:56:df:98:17:bd:9f:b6:d7:50:ab:5d:
24:64:62:63:62:62:7a:6d:f8:9b:d7:77:30:c7:4b:
d4:1c:5d:30:a3:09:38:ba:cc:e8:e8:bd:8d:f1:d2:
94:41:98:5e:19:5a:28:4c:05:7d:b4:dc:fd:92:da:
0d:bc:7d:5b:94:b7:5a:e1:4f:24:02:18:5d:0a:0d:
6b:f2:e4:f9:2a:23:6f:22:1e:09:76:e7:ec:1a:2d:
eb:0e:ac:95:26:ff:15:5a:db:3b:e8:a6:6e:0f:c5:
ff:69:da:dc:fc:68:d1:0d:ce:37:ad:a1:ea:60:d0:
82:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:19:13:4A:58:65:F8:A5:B8:36:9C:C6:0E:89:14:38:01:3C:C0:CE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uRkTSlhl-KW4NpzGDokUOAE8wM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.158.0/24
89.33.84.0/24
93.115.109.0/24
188.240.232.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
83:01:a1:d3:78:8d:1b:4f:4d:c1:6a:d6:3c:29:cc:14:c5:79:
f3:29:50:f5:0d:64:b5:7b:66:2d:ea:24:21:d5:ee:ff:78:3c:
d1:8c:3d:9e:17:63:30:04:ea:dd:53:f4:e9:e3:fc:a3:7f:85:
4a:26:05:a6:2c:e2:63:8d:85:7e:cc:ec:1c:ed:02:79:ec:ce:
f3:65:82:ec:e0:7e:9f:4d:e8:06:89:22:cc:3e:90:c3:6a:74:
e0:f8:28:00:f8:b5:b3:47:e3:ac:3c:48:0f:c4:85:e2:bc:55:
8c:26:1d:b6:3c:7d:b6:22:a0:ac:09:36:eb:7d:2a:f5:fb:01:
2e:f6:d7:12:f6:3e:d3:ce:1e:f9:80:7d:72:d6:2e:12:62:68:
6a:b6:dd:6e:5b:fe:87:d7:58:80:71:64:40:2b:bb:d6:de:bb:
4a:34:07:55:3d:24:ec:43:16:6c:5c:24:51:5b:1e:98:04:a8:
69:53:86:53:5f:0d:1a:cd:57:a0:e4:ae:61:fb:51:7a:d6:90:
37:12:74:88:06:aa:68:9e:9c:8f:c0:68:0b:52:6b:87:6a:31:
0f:ed:8e:10:b1:de:56:5a:86:63:99:9c:4a:c6:6b:18:6b:a2:
34:24:85:e1:43:9d:7e:ff:99:01:f6:f7:24:4c:20:cf:5b:bd:
6f:dd:a3:d1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYflly/UF7VKhKR5D2DI85XfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA0MDcwODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTE5MTM0YTU4NjVmOGE1YjgzNjljYzYwZTg5MTQzODAxM2NjMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQHOgiURyREhZoB6PFYwCXt7T54d
VYKu+gNO7bNTbmv9Ytg3b9nTwPO9HkA1VznHrIib8MCz7G90YVFUBP4NLjqfTW0q
eJOxB685LjZgTtCDa9CnkTsy72GHryMVqSHP7d5Lq11LlmpIsi3DZYUwRED+0Ij6
DBxSnPtwVT2WdjymFAeHsa8ryNqEVt+YF72fttdQq10kZGJjYmJ6bfib13cwx0vU
HF0wowk4uszo6L2N8dKUQZheGVooTAV9tNz9ktoNvH1blLda4U8kAhhdCg1r8uT5
KiNvIh4JdufsGi3rDqyVJv8VWts76KZuD8X/adrc/GjRDc43raHqYNCCOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLkZE0pYZfiluDacxg6JFDgBPMDOMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdVJrVFNsaGwtS1c0TnB6R0Rva1VPQUU4d000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZyeAwQA
WSFUAwQAXXNtAwQAvPDoAwQAvPHWAwQAwReCMA0GCSqGSIb3DQEBCwUAA4IBAQCD
AaHTeI0bT03BatY8KcwUxXnzKVD1DWS1e2Yt6iQh1e7/eDzRjD2eF2MwBOrdU/Tp
4/yjf4VKJgWmLOJjjYV+zOwc7QJ57M7zZYLs4H6fTegGiSLMPpDDanTg+CgA+LWz
R+OsPEgPxIXivFWMJh22PH22IqCsCTbrfSr1+wEu9tcS9j7Tzh75gH1y1i4SYmhq
tt1uW/6H11iAcWRAK7vW3rtKNAdVPSTsQxZsXCRRWx6YBKhpU4ZTXw0azVeg5K5h
+1F61pA3EnSIBqponpyPwGgLUmuHajEP7Y4Qsd5WWoZjmZxKxmsYa6I0JIXhQ51+
/5kB9vckTCDPW71v3aPR
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org