Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wTnvjgv0GR26FxQL3M3x9nkkwOU.roa
File: wTnvjgv0GR26FxQL3M3x9nkkwOU.roa (raw, json)
Hash identifier: xLD+wGqZARw3nAyE8auJfFE+xtq4yoxtn12dkTTC6G8=
Subject key identifier: C1:39:EF:8E:0B:F4:19:1D:BA:17:14:0B:DC:CD:F1:F6:79:24:C0:E5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BB4AA3C430249EF7CC197F5DA5CB9D0EE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wTnvjgv0GR26FxQL3M3x9nkkwOU.roa
Signing time: Thu 09 Nov 2023 15:18:57 +0000
ROA not before: Thu 09 Nov 2023 15:18:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199760
IP address blocks: 188.241.242.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:aa:3c:43:02:49:ef:7c:c1:97:f5:da:5c:b9:d0:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 9 15:18:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c139ef8e0bf4191dba17140bdccdf1f67924c0e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fc:7f:bf:8b:bb:f7:64:c2:0d:cf:9f:bd:7c:
95:cd:5a:6f:ed:99:3b:e1:93:5c:28:c4:74:6e:8a:
48:6c:f3:18:e8:00:b5:c3:81:25:c0:5e:3c:d4:41:
60:c0:a1:c5:1a:5b:c2:c7:e6:83:ca:43:45:51:dc:
af:cf:28:4f:21:86:43:47:05:69:8e:75:2d:7a:21:
14:6f:4a:3d:63:8f:6d:2b:c5:2a:99:1b:c4:e7:1f:
7e:19:2f:0d:d2:32:94:64:6f:c9:9e:a5:80:ea:c0:
a1:23:8f:e3:9f:20:69:7c:72:52:f0:f0:ad:5b:b7:
64:d8:18:6e:63:ee:c3:30:e9:d1:43:2f:5b:b7:ec:
fc:d9:58:a0:e2:c3:d9:b1:af:81:3c:20:bc:fa:02:
ae:93:7c:d1:dc:7d:f2:b4:4b:44:75:ed:43:c2:d0:
18:de:dd:72:c6:24:38:f7:2b:34:56:4f:ce:cc:3a:
23:03:ba:1d:fc:e8:7a:75:66:71:11:1f:51:63:77:
26:5a:bb:fc:a6:64:5b:2e:e0:ae:02:1a:5d:94:a1:
54:b5:e2:cf:00:ba:a5:a9:91:d5:c3:60:e5:d5:41:
c5:cd:3a:58:ae:64:62:f3:db:00:22:11:6b:6e:9a:
be:57:25:52:2e:9d:4d:5f:59:3c:f1:dd:3a:1a:a2:
0c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:39:EF:8E:0B:F4:19:1D:BA:17:14:0B:DC:CD:F1:F6:79:24:C0:E5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wTnvjgv0GR26FxQL3M3x9nkkwOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.109.0/24
188.212.158.0/24
188.241.182.0/24
188.241.242.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:17:a9:e7:fb:5a:0e:73:35:eb:02:02:ac:f1:77:06:48:f1:
9e:3b:1c:c5:1c:be:6c:8e:cc:ff:2d:b4:23:fc:92:bf:2c:da:
46:57:3c:f7:78:59:0c:f3:52:45:b7:73:9f:80:88:f9:0f:b1:
98:34:41:fd:b6:92:1f:a9:10:b2:0d:ea:d1:32:04:62:ba:4e:
cf:57:e4:8f:50:b2:73:a5:8c:4a:1c:03:2f:80:b9:74:7d:06:
66:cf:1f:a9:a5:8b:71:66:9d:aa:df:99:06:4f:ef:c7:98:a4:
ab:67:4d:75:57:b3:94:ef:38:9d:4c:f0:5d:97:8d:67:9d:49:
d3:b6:ee:fe:ff:b2:c3:a8:27:78:aa:2d:39:ba:b3:3e:20:34:
47:14:8a:4c:04:2f:1b:bc:83:60:93:4e:3d:2d:3b:9e:89:90:
27:22:a1:99:29:e1:f2:52:40:6c:22:15:30:fb:01:0d:eb:24:
b5:51:15:52:21:dc:35:67:d6:91:09:fb:60:44:89:aa:4f:01:
d1:8c:9c:06:c8:d3:c2:83:47:41:2d:2d:4b:15:4e:ee:e6:6d:
bc:c4:67:6b:ee:9b:1b:10:f9:b0:99:7b:ac:02:9d:d1:0a:91:
db:35:1d:7d:ac:05:9c:5d:2a:65:b7:bd:7e:f8:6a:6f:e3:ed:
d7:54:af:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYu0qjxDAknvfMGX9dpcudDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTA5MTUxODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM5ZWY4ZTBiZjQxOTFkYmExNzE0MGJkY2NkZjFmNjc5MjRjMGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivx/v4u792TCDc+fvXyVzVpv7Zk7
4ZNcKMR0bopIbPMY6AC1w4ElwF481EFgwKHFGlvCx+aDykNFUdyvzyhPIYZDRwVp
jnUteiEUb0o9Y49tK8UqmRvE5x9+GS8N0jKUZG/JnqWA6sChI4/jnyBpfHJS8PCt
W7dk2BhuY+7DMOnRQy9bt+z82Vig4sPZsa+BPCC8+gKuk3zR3H3ytEtEde1DwtAY
3t1yxiQ49ys0Vk/OzDojA7od/Oh6dWZxER9RY3cmWrv8pmRbLuCuAhpdlKFUteLP
ALqlqZHVw2Dl1UHFzTpYrmRi89sAIhFrbpq+VyVSLp1NX1k88d06GqIM/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFME5744L9BkduhcUC9zN8fZ5JMDlMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvd1RudmpndjBHUjI2RnhRTDNNM3g5bmtrd09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXXNtAwQA
vNSeAwQAvPG2AwQAvPHyMA0GCSqGSIb3DQEBCwUAA4IBAQAaF6nn+1oOczXrAgKs
8XcGSPGeOxzFHL5sjsz/LbQj/JK/LNpGVzz3eFkM81JFt3OfgIj5D7GYNEH9tpIf
qRCyDerRMgRiuk7PV+SPULJzpYxKHAMvgLl0fQZmzx+ppYtxZp2q35kGT+/HmKSr
Z011V7OU7zidTPBdl41nnUnTtu7+/7LDqCd4qi05urM+IDRHFIpMBC8bvINgk049
LTueiZAnIqGZKeHyUkBsIhUw+wEN6yS1URVSIdw1Z9aRCftgRImqTwHRjJwGyNPC
g0dBLS1LFU7u5m28xGdr7psbEPmwmXusAp3RCpHbNR19rAWcXSplt71++Gpv4+3X
VK+x
-----END CERTIFICATE-----
Generated at Fri Nov 10 15:58:19 2023 by rpki-client on console-fra.rpki-client.org