Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/02w8C2sFYwHTNd52OgMA5FK1CUY.roa
File: 02w8C2sFYwHTNd52OgMA5FK1CUY.roa (raw, json)
Hash identifier: KWtKL5R5OLQmhvGbkvc/Y+0gLyaQMmbSnvS6t2kLafo=
Subject key identifier: D3:6C:3C:0B:6B:05:63:01:D3:35:DE:76:3A:03:00:E4:52:B5:09:46
Certificate issuer: /CN=2697ee5bea95b6fca92d7c8005b2531d0d510468
Certificate serial: 018C36614A18B13873C38AFA9F75518E6BF8
Authority key identifier: 26:97:EE:5B:EA:95:B6:FC:A9:2D:7C:80:05:B2:53:1D:0D:51:04:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/02w8C2sFYwHTNd52OgMA5FK1CUY.roa
Signing time: Mon 04 Dec 2023 19:49:54 +0000
ROA not before: Mon 04 Dec 2023 19:49:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35615
IP address blocks: 194.39.38.0/24 maxlen: 24
194.39.37.0/24 maxlen: 24
194.39.36.0/23 maxlen: 23
194.39.36.0/22 maxlen: 22
194.39.36.0/24 maxlen: 24
194.39.39.0/24 maxlen: 24
194.39.38.0/23 maxlen: 23
2a0d:84c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:36:61:4a:18:b1:38:73:c3:8a:fa:9f:75:51:8e:6b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2697ee5bea95b6fca92d7c8005b2531d0d510468
Validity
Not Before: Dec 4 19:49:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d36c3c0b6b056301d335de763a0300e452b50946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:78:eb:18:02:be:5c:38:04:8d:51:66:fc:74:
9e:2b:d3:7a:5d:5a:e9:11:b6:c1:81:d2:9d:a8:8d:
bc:3c:ad:e6:76:9d:02:af:33:2d:9e:73:87:2e:01:
80:22:f9:ac:8d:2f:bf:3b:22:49:88:90:ae:77:d2:
c9:db:39:35:35:e8:ed:c8:f1:1d:2b:14:db:f0:c9:
42:95:03:a0:18:69:7d:0e:f6:e2:b1:34:ef:cd:5e:
b4:5a:45:32:37:fb:1b:02:d9:88:c3:6c:19:32:68:
d0:0d:70:b4:d9:c9:86:fe:05:13:5a:6e:cd:7f:b9:
c3:7e:cf:9e:3b:1b:d2:65:49:3e:7d:c0:03:82:4b:
1e:4e:ef:69:1b:fa:e4:9b:50:cb:e7:9a:4f:30:fa:
f4:dc:82:30:d7:1b:b8:3d:87:e0:97:f1:17:9a:47:
ef:11:ee:a7:3a:06:6c:ea:e5:fc:22:89:b8:d6:c7:
5d:9a:46:16:f5:26:a6:b8:31:ba:b1:0e:fb:72:d0:
fe:a2:01:00:9f:d0:8b:64:29:81:f4:14:03:3e:bf:
74:14:9b:41:da:a6:dc:df:4c:7d:3a:21:2e:68:41:
19:96:4a:b9:0b:35:e9:d3:64:6c:93:5a:07:7a:7c:
db:05:89:89:d1:42:2e:30:0f:f8:10:c1:4e:41:92:
e2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6C:3C:0B:6B:05:63:01:D3:35:DE:76:3A:03:00:E4:52:B5:09:46
X509v3 Authority Key Identifier:
keyid:26:97:EE:5B:EA:95:B6:FC:A9:2D:7C:80:05:B2:53:1D:0D:51:04:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/02w8C2sFYwHTNd52OgMA5FK1CUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/JpfuW-qVtvypLXyABbJTHQ1RBGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.36.0/22
IPv6:
2a0d:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:47:af:f7:f3:7a:1d:b6:55:78:f2:eb:b0:b4:63:1f:0c:62:
c3:c7:20:b0:8a:08:bd:f8:e9:64:f4:35:bc:fc:f4:d1:3a:df:
c3:d9:75:12:60:fa:55:b2:ac:07:da:2b:74:51:22:db:7b:45:
33:a3:d3:e9:0d:54:d1:81:61:31:81:1b:c1:fd:cf:5e:d7:7f:
d0:fc:85:3e:2d:58:0f:fe:92:93:02:61:f0:da:e8:38:05:6b:
f0:c6:2c:1c:2c:4e:b2:71:cd:c2:60:45:fc:4a:60:e4:96:f6:
25:0d:b8:0f:d8:2d:f1:cf:18:16:de:58:f0:30:89:70:f6:e6:
cb:29:fc:d4:d6:99:36:31:ba:43:e5:fd:3c:d2:96:5d:5d:57:
3a:43:72:90:9b:24:01:4d:61:a8:78:b5:c8:a0:5d:4a:4a:68:
c6:40:87:43:bc:c6:d5:c5:f1:fd:67:da:c7:44:5d:e9:71:9a:
c6:d6:35:82:61:a8:40:01:92:bd:b4:ea:bc:32:81:0c:76:cc:
1e:ee:4c:ea:b2:1f:5d:c1:c6:73:18:87:73:80:b0:cd:45:18:
38:43:dc:8b:87:82:5c:8e:e5:d5:e2:8b:a1:4f:24:17:c4:93:
4e:9b:21:9e:9b:4d:72:4f:9a:ba:42:c8:51:8e:9a:f1:96:54:
33:ab:ff:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw2YUoYsThzw4r6n3VRjmv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OTdlZTViZWE5NWI2ZmNhOTJkN2M4MDA1YjI1MzFkMGQ1
MTA0NjgwHhcNMjMxMjA0MTk0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzZjM2MwYjZiMDU2MzAxZDMzNWRlNzYzYTAzMDBlNDUyYjUwOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3jrGAK+XDgEjVFm/HSeK9N6XVrp
EbbBgdKdqI28PK3mdp0CrzMtnnOHLgGAIvmsjS+/OyJJiJCud9LJ2zk1NejtyPEd
KxTb8MlClQOgGGl9DvbisTTvzV60WkUyN/sbAtmIw2wZMmjQDXC02cmG/gUTWm7N
f7nDfs+eOxvSZUk+fcADgkseTu9pG/rkm1DL55pPMPr03IIw1xu4PYfgl/EXmkfv
Ee6nOgZs6uX8Iom41sddmkYW9SamuDG6sQ77ctD+ogEAn9CLZCmB9BQDPr90FJtB
2qbc30x9OiEuaEEZlkq5CzXp02Rsk1oHenzbBYmJ0UIuMA/4EMFOQZLirwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNNsPAtrBWMB0zXedjoDAORStQlGMB8GA1UdIwQY
MBaAFCaX7lvqlbb8qS18gAWyUx0NUQRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnBmdVctcVZ0dnlwTFh5QUJiSlRIUTFSQkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kOTlhZjctZTFhMC00YjU2LWIyMTMt
ODdmMTI5ZGMwZmYyLzEvMDJ3OEMyc0ZZd0hUTmQ1Mk9nTUE1RksxQ1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kOTlhZjctZTFhMC00YjU2LWIyMTMtODdmMTI5ZGMwZmYy
LzEvSnBmdVctcVZ0dnlwTFh5QUJiSlRIUTFSQkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwickMA0E
AgACMAcDBQMqDYTAMA0GCSqGSIb3DQEBCwUAA4IBAQCmR6/383odtlV48uuwtGMf
DGLDxyCwigi9+Olk9DW8/PTROt/D2XUSYPpVsqwH2it0USLbe0Uzo9PpDVTRgWEx
gRvB/c9e13/Q/IU+LVgP/pKTAmHw2ug4BWvwxiwcLE6ycc3CYEX8SmDklvYlDbgP
2C3xzxgW3ljwMIlw9ubLKfzU1pk2MbpD5f080pZdXVc6Q3KQmyQBTWGoeLXIoF1K
SmjGQIdDvMbVxfH9Z9rHRF3pcZrG1jWCYahAAZK9tOq8MoEMdswe7kzqsh9dwcZz
GIdzgLDNRRg4Q9yLh4JcjuXV4ouhTyQXxJNOmyGem01yT5q6QshRjprxllQzq//W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org