Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uvR8pHtBB75tWlGNEZlxL28MfCg.roa
File: uvR8pHtBB75tWlGNEZlxL28MfCg.roa (raw, json)
Hash identifier: ILtcLSDpw+ue6scoBD2clL6CrhTimmThO/NiB7fbV9I=
Subject key identifier: BA:F4:7C:A4:7B:41:07:BE:6D:5A:51:8D:11:99:71:2F:6F:0C:7C:28
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01861233CC4860E4E0ED1A558D3AB55CC4DC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uvR8pHtBB75tWlGNEZlxL28MfCg.roa
Signing time: Thu 02 Feb 2023 12:57:09 +0000
ROA not before: Thu 02 Feb 2023 12:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 185.217.119.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
185.198.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:33:cc:48:60:e4:e0:ed:1a:55:8d:3a:b5:5c:c4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 2 12:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baf47ca47b4107be6d5a518d1199712f6f0c7c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:33:f4:15:a7:e9:aa:95:79:0c:06:fd:b7:7f:
bc:12:c1:f9:36:0f:be:37:5e:31:72:db:36:79:14:
87:f3:7b:63:75:80:d9:59:07:64:2d:93:3b:b8:03:
93:b7:3a:91:ac:af:19:49:b5:4a:5b:44:8e:23:84:
ce:45:f2:1e:38:fc:c7:a1:a3:19:7f:61:5a:54:0e:
2d:41:cd:79:14:59:9c:62:4f:88:2b:ec:cd:c1:3c:
7b:cb:bb:a4:f0:21:35:61:0a:13:ab:25:bd:3f:d4:
8d:2a:b9:e4:c7:f1:90:63:9c:05:44:c6:12:d9:65:
14:99:bc:67:29:a0:07:2b:4c:f1:09:7d:22:e1:a8:
fd:2e:c9:0b:1e:06:4c:25:03:d4:2a:b5:ab:85:79:
de:4e:e8:9a:e9:fd:2a:4b:77:e0:0b:34:f3:ef:30:
71:f8:29:c9:a4:3f:0c:60:16:8d:d7:72:c5:e2:32:
28:09:45:59:fc:21:98:c0:16:1e:86:20:fd:5c:02:
54:b2:52:cc:cd:1f:c7:52:3e:07:7e:20:f6:1b:74:
b8:3f:9e:ae:78:61:2d:04:f0:0c:cf:59:8c:62:f1:
4c:58:6f:c7:75:e4:08:97:26:73:90:24:d5:26:63:
c6:4f:36:69:3e:e8:0a:14:c1:68:ed:46:d9:d8:ec:
69:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F4:7C:A4:7B:41:07:BE:6D:5A:51:8D:11:99:71:2F:6F:0C:7C:28
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uvR8pHtBB75tWlGNEZlxL28MfCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.150.0/24
185.198.240.0/24
185.217.119.0/24
Signature Algorithm: sha256WithRSAEncryption
30:72:73:03:35:1b:2b:e9:5f:76:8c:4b:c3:8d:ea:d9:63:75:
04:51:1c:7e:10:b2:d5:9d:51:54:25:1f:b1:ed:97:ad:3a:63:
02:d5:65:77:03:db:65:d1:fd:35:d1:ae:7c:ee:b4:23:96:c2:
63:37:1a:cf:8c:4b:ec:70:7b:e5:8a:c3:b6:97:dd:42:12:20:
70:96:9d:f8:e1:ce:be:34:5c:47:b0:5e:44:be:8c:a2:d0:34:
9a:fc:50:db:8e:bf:d2:ae:6a:02:a5:eb:82:4d:59:e9:9d:10:
b0:2d:51:e8:7a:f5:b3:53:64:c8:c7:a6:f5:98:29:3b:69:99:
3f:d8:7a:ff:52:0f:c2:ae:77:fc:f4:84:f5:d2:a2:80:19:eb:
5e:8a:f5:53:c3:7d:d4:13:0b:dc:6a:b0:fd:02:72:07:ca:87:
70:46:71:0f:f8:64:46:a4:d3:36:fd:99:14:dc:ea:85:75:d5:
e9:59:5e:04:42:ef:68:1a:59:61:17:17:ec:77:3b:b6:b0:fc:
d7:19:62:6c:2b:5b:f1:c2:1e:d2:55:1f:9b:9a:4c:9f:0f:17:
57:61:29:4b:f5:fb:72:7f:8a:52:8d:8f:3f:0b:28:eb:bb:17:
ff:19:d8:c4:63:68:54:27:b0:e5:8d:90:13:41:59:a8:96:3d:
10:8f:63:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYSM8xIYOTg7RpVjTq1XMTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAyMTI1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY0N2NhNDdiNDEwN2JlNmQ1YTUxOGQxMTk5NzEyZjZmMGM3YzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTP0FafpqpV5DAb9t3+8EsH5Ng++
N14xcts2eRSH83tjdYDZWQdkLZM7uAOTtzqRrK8ZSbVKW0SOI4TORfIeOPzHoaMZ
f2FaVA4tQc15FFmcYk+IK+zNwTx7y7uk8CE1YQoTqyW9P9SNKrnkx/GQY5wFRMYS
2WUUmbxnKaAHK0zxCX0i4aj9LskLHgZMJQPUKrWrhXneTuia6f0qS3fgCzTz7zBx
+CnJpD8MYBaN13LF4jIoCUVZ/CGYwBYehiD9XAJUslLMzR/HUj4HfiD2G3S4P56u
eGEtBPAMz1mMYvFMWG/HdeQIlyZzkCTVJmPGTzZpPugKFMFo7UbZ2OxpRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLr0fKR7QQe+bVpRjRGZcS9vDHwoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdXZSOHBIdEJCNzV0V2xHTkVabHhMMjhNZkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/eWAwQA
ucbwAwQAudl3MA0GCSqGSIb3DQEBCwUAA4IBAQAwcnMDNRsr6V92jEvDjerZY3UE
URx+ELLVnVFUJR+x7ZetOmMC1WV3A9tl0f010a587rQjlsJjNxrPjEvscHvlisO2
l91CEiBwlp344c6+NFxHsF5Evoyi0DSa/FDbjr/SrmoCpeuCTVnpnRCwLVHoevWz
U2TIx6b1mCk7aZk/2Hr/Ug/Crnf89IT10qKAGeteivVTw33UEwvcarD9AnIHyodw
RnEP+GRGpNM2/ZkU3OqFddXpWV4EQu9oGllhFxfsdzu2sPzXGWJsK1vxwh7SVR+b
mkyfDxdXYSlL9ftyf4pSjY8/Cyjruxf/GdjEY2hUJ7DljZATQVmolj0Qj2Oa
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org