Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y0CqM3Ayuy6gDw_GofeCxDbADpw.roa
File: y0CqM3Ayuy6gDw_GofeCxDbADpw.roa (raw, json)
Hash identifier: YedF5LYrqOM9tQPCmTFs4KfBIyTZGB+k6pbKyxj8AgE=
Subject key identifier: CB:40:AA:33:70:32:BB:2E:A0:0F:0F:C6:A1:F7:82:C4:36:C0:0E:9C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189BC0E41183014CF4B170E55BF2E32594B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y0CqM3Ayuy6gDw_GofeCxDbADpw.roa
Signing time: Thu 03 Aug 2023 15:39:58 +0000
ROA not before: Thu 03 Aug 2023 15:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203394
IP address blocks: 188.241.243.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bc:0e:41:18:30:14:cf:4b:17:0e:55:bf:2e:32:59:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 3 15:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb40aa337032bb2ea00f0fc6a1f782c436c00e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:35:ae:4d:52:20:5b:60:3b:f1:b9:b8:f1:ed:
ec:03:f7:9f:c9:22:71:64:68:08:40:a1:a2:6d:31:
fb:8d:2f:99:55:eb:13:19:04:58:49:33:23:5e:a4:
af:59:0c:51:0a:a4:8b:ae:05:0a:87:c4:12:02:d8:
be:8b:24:85:1d:3a:16:63:6b:09:1f:21:fa:bc:da:
5e:7b:bc:13:92:94:b7:3c:45:a4:14:50:3c:c5:bf:
71:29:fb:9e:06:ad:e8:6e:7a:b3:a6:3b:96:07:54:
40:29:6b:ab:09:a8:78:0f:70:f3:40:4a:13:61:2d:
c7:48:bb:43:7d:12:e3:3a:a1:f3:72:95:c8:61:c3:
12:f7:c4:bd:3d:ea:78:33:75:7b:a0:96:df:a8:00:
58:04:7b:d9:47:3a:57:2f:13:f8:9e:af:32:39:96:
18:5c:58:81:83:28:a9:47:f7:4e:cb:32:2e:07:41:
78:d9:68:e8:c1:91:c5:e2:73:64:74:ff:94:22:51:
55:38:7e:4e:e8:62:a5:86:f7:36:d4:c3:e4:f6:11:
48:05:7c:84:58:90:2d:08:b4:e2:b5:f4:a8:f0:14:
3d:5f:fe:af:84:23:77:5c:99:c0:2e:b4:47:55:93:
e9:ed:a9:21:ce:ef:9a:46:13:5c:2f:0b:b6:c5:ca:
f9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:40:AA:33:70:32:BB:2E:A0:0F:0F:C6:A1:F7:82:C4:36:C0:0E:9C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y0CqM3Ayuy6gDw_GofeCxDbADpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.240.232.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ed:bf:dd:aa:04:42:cd:ba:1c:6e:ec:5b:fa:3b:d7:74:ad:
9b:5d:c8:20:4d:d7:9e:57:5a:bc:bb:52:34:28:6d:ce:8e:20:
93:4d:c0:d6:33:4e:5d:84:69:f1:bf:86:b7:90:c0:72:54:eb:
ec:05:67:a8:8f:30:7b:27:8b:27:d0:c9:22:01:5a:de:b2:89:
8d:2c:fc:b0:38:7c:80:4c:23:d3:7c:94:0d:61:01:78:0a:7e:
32:ff:fd:8d:40:14:cd:ce:47:81:bd:a5:f9:4b:6a:40:bd:2d:
5d:bb:41:95:04:ea:ef:d6:d8:ac:72:28:89:7e:7f:d5:5a:4e:
e8:da:65:62:ee:df:e0:85:ee:ec:4e:7f:7e:65:88:b6:03:2a:
4e:ea:c6:59:21:58:f2:1e:7e:9c:f5:fb:e6:00:97:a6:46:33:
b6:c4:ec:9b:bf:38:a8:3d:88:bf:3c:4f:cb:0d:c7:55:c6:12:
f8:eb:50:59:30:bb:77:13:4c:4a:13:fd:50:26:07:da:bb:20:
05:cf:d9:fe:f9:cf:aa:5f:98:53:40:89:25:e3:e4:02:41:0c:
92:93:ef:1f:03:8e:b5:9e:54:8a:da:f3:e0:87:ea:df:28:72:
47:e8:57:6f:99:69:97:a7:a7:f9:72:20:6f:91:0e:fc:4b:56:
fc:50:db:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm8DkEYMBTPSxcOVb8uMllLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODAzMTUzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjQwYWEzMzcwMzJiYjJlYTAwZjBmYzZhMWY3ODJjNDM2YzAwZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjWuTVIgW2A78bm48e3sA/efySJx
ZGgIQKGibTH7jS+ZVesTGQRYSTMjXqSvWQxRCqSLrgUKh8QSAti+iySFHToWY2sJ
HyH6vNpee7wTkpS3PEWkFFA8xb9xKfueBq3obnqzpjuWB1RAKWurCah4D3DzQEoT
YS3HSLtDfRLjOqHzcpXIYcMS98S9Pep4M3V7oJbfqABYBHvZRzpXLxP4nq8yOZYY
XFiBgyipR/dOyzIuB0F42WjowZHF4nNkdP+UIlFVOH5O6GKlhvc21MPk9hFIBXyE
WJAtCLTitfSo8BQ9X/6vhCN3XJnALrRHVZPp7akhzu+aRhNcLwu2xcr5DQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMtAqjNwMrsuoA8PxqH3gsQ2wA6cMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveTBDcU0zQXl1eTZnRHdfR29mZUN4RGJBRHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvPDoAwQA
vPHzMA0GCSqGSIb3DQEBCwUAA4IBAQA17b/dqgRCzbocbuxb+jvXdK2bXcggTdee
V1q8u1I0KG3OjiCTTcDWM05dhGnxv4a3kMByVOvsBWeojzB7J4sn0MkiAVresomN
LPywOHyATCPTfJQNYQF4Cn4y//2NQBTNzkeBvaX5S2pAvS1du0GVBOrv1tisciiJ
fn/VWk7o2mVi7t/ghe7sTn9+ZYi2AypO6sZZIVjyHn6c9fvmAJemRjO2xOybvzio
PYi/PE/LDcdVxhL461BZMLt3E0xKE/1QJgfauyAFz9n++c+qX5hTQIkl4+QCQQyS
k+8fA461nlSK2vPgh+rfKHJH6FdvmWmXp6f5ciBvkQ78S1b8UNvh
Generated at Sun Aug 13 09:34:38 2023 by rpki-client on console-fra.rpki-client.org