Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y366WViynUQ2B3lSrso6pBWlNy0.roa
File: y366WViynUQ2B3lSrso6pBWlNy0.roa (raw, json)
Hash identifier: kQSbumbPMPncQkOa0IwOgEZtfCwYO0mhEYKLsZsKQxw=
Subject key identifier: CB:7E:BA:59:58:B2:9D:44:36:07:79:52:AE:CA:3A:A4:15:A5:37:2D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01866F1825BF5B202C44FA7DE84D6B38165E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y366WViynUQ2B3lSrso6pBWlNy0.roa
Signing time: Mon 20 Feb 2023 13:51:38 +0000
ROA not before: Mon 20 Feb 2023 13:51:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
94.176.110.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 08:28:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:18:25:bf:5b:20:2c:44:fa:7d:e8:4d:6b:38:16:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 20 13:51:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb7eba5958b29d4436077952aeca3aa415a5372d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:be:2d:58:75:0f:85:12:58:bb:a4:20:2e:86:
e8:22:6e:df:ae:17:68:48:51:03:54:07:a7:ee:e7:
6f:e7:3c:fd:23:bb:7b:49:7d:2f:71:3a:7b:10:74:
6a:69:83:04:40:7f:df:14:d8:88:e4:2b:00:5d:49:
0a:3b:ca:de:f1:20:a4:5a:90:8d:36:1e:48:94:5f:
ea:82:b1:d9:f4:84:f9:26:4a:1e:74:3f:c7:c2:6b:
37:8a:19:da:59:b7:09:f3:8f:f3:87:1f:55:0a:03:
db:34:cc:d8:70:0f:82:d5:ff:da:2e:6d:7a:ea:5c:
0b:25:81:f6:f0:9e:29:dc:4b:10:a2:c6:00:25:6e:
93:ad:00:9f:d1:e1:32:b5:a7:ca:b3:5a:d2:d9:0d:
e2:d0:7b:f9:ec:26:43:7d:fb:15:8a:0a:68:ac:53:
94:74:4c:4c:c7:16:9c:9e:68:7f:62:44:91:5f:e9:
61:bb:e0:12:89:02:33:9c:31:ea:03:f3:4e:7c:87:
1e:22:3d:c7:e3:b4:35:17:6f:9a:5d:fe:09:98:d6:
fd:30:4b:74:a5:44:98:c5:f8:9b:c2:bb:4a:a0:ce:
a2:46:78:5d:1c:08:aa:ba:d2:c6:be:91:c3:c6:19:
91:88:22:d7:f2:7f:bd:34:00:4c:43:2c:e0:fa:33:
8c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7E:BA:59:58:B2:9D:44:36:07:79:52:AE:CA:3A:A4:15:A5:37:2D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/y366WViynUQ2B3lSrso6pBWlNy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.207.0/24
93.115.255.0/24
94.176.110.0/24
185.238.10.0/24
185.255.168.0/24
188.212.132.0/23
188.212.159.0/24
188.213.202.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
05:2a:6f:f6:59:d4:24:2e:bb:39:19:ba:8f:95:43:51:56:58:
45:c1:f2:56:00:18:4f:d7:6a:e9:90:e8:1a:dc:05:8d:d8:3e:
c1:c6:73:e6:ab:b6:b7:34:27:65:b5:f9:f1:1b:84:70:a1:9b:
96:0b:71:b3:5e:3c:00:2b:c3:b4:1b:a3:a8:f2:4f:4f:95:84:
f8:1c:18:13:a8:f0:ec:b5:87:00:f5:af:c0:4e:2d:21:7f:3f:
e9:e7:69:5a:9f:f0:f4:f1:0a:92:52:95:df:4d:ed:bd:6a:3f:
0a:0c:6f:60:0c:7c:29:c5:36:4f:8c:02:4f:cd:d8:44:7a:e9:
79:60:fc:99:11:a0:a2:6e:ec:c4:f8:1d:d6:f1:2f:0f:49:26:
0e:c3:3a:59:23:a8:1c:5f:9b:fa:cb:df:cc:82:61:c9:d2:70:
34:e6:30:33:3f:d7:1e:c3:8a:85:0b:1a:48:55:49:84:c8:fc:
db:c4:18:bc:12:06:96:70:49:21:40:9f:04:84:19:78:0a:61:
cb:49:02:ee:78:40:b0:38:86:39:f6:10:e8:c4:e0:65:c0:ad:
86:70:35:a4:b2:86:91:a0:99:25:57:0c:ef:89:9f:ce:51:6f:
4f:35:2a:5b:cd:52:57:d8:cc:39:0e:84:9d:65:20:ee:90:9b:
3e:35:b6:e2
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYZvGCW/WyAsRPp96E1rOBZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIwMTM1MTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdlYmE1OTU4YjI5ZDQ0MzYwNzc5NTJhZWNhM2FhNDE1YTUzNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm74tWHUPhRJYu6QgLoboIm7frhdo
SFEDVAen7udv5zz9I7t7SX0vcTp7EHRqaYMEQH/fFNiI5CsAXUkKO8re8SCkWpCN
Nh5IlF/qgrHZ9IT5JkoedD/Hwms3ihnaWbcJ84/zhx9VCgPbNMzYcA+C1f/aLm16
6lwLJYH28J4p3EsQosYAJW6TrQCf0eEytafKs1rS2Q3i0Hv57CZDffsVigporFOU
dExMxxacnmh/YkSRX+lhu+ASiQIznDHqA/NOfIceIj3H47Q1F2+aXf4JmNb9MEt0
pUSYxfibwrtKoM6iRnhdHAiqutLGvpHDxhmRiCLX8n+9NABMQyzg+jOMXwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMt+ullYsp1ENgd5Uq7KOqQVpTctMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveTM2NldWaXluVVEyQjNsU3JzbzZwQldsTnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAW7zPAwQA
XXP/AwQAXrBuAwQAue4KAwQAuf+oAwQBvNSEAwQAvNSfAwQAvNXKAwQBvNbQAwQA
1ehdAwQA1ehfMA0GCSqGSIb3DQEBCwUAA4IBAQAFKm/2WdQkLrs5GbqPlUNRVlhF
wfJWABhP12rpkOga3AWN2D7BxnPmq7a3NCdltfnxG4RwoZuWC3GzXjwAK8O0G6Oo
8k9PlYT4HBgTqPDstYcA9a/ATi0hfz/p52lan/D08QqSUpXfTe29aj8KDG9gDHwp
xTZPjAJPzdhEeul5YPyZEaCibuzE+B3W8S8PSSYOwzpZI6gcX5v6y9/MgmHJ0nA0
5jAzP9cew4qFCxpIVUmEyPzbxBi8EgaWcEkhQJ8EhBl4CmHLSQLueECwOIY59hDo
xOBlwK2GcDWksoaRoJklVwzviZ/OUW9PNSpbzVJX2Mw5DoSdZSDukJs+Nbbi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org