Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pc7F2DTZDot9Do9uqKO91mA9cMI.roa
File: pc7F2DTZDot9Do9uqKO91mA9cMI.roa (raw, json)
Hash identifier: xQCVzs8EqPGeAH28u/HDUp95//ws5UnNRFlz6r6Qbps=
Subject key identifier: A5:CE:C5:D8:34:D9:0E:8B:7D:0E:8F:6E:A8:A3:BD:D6:60:3D:70:C2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AF18AFC9657471B061694A314CBBC48F8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pc7F2DTZDot9Do9uqKO91mA9cMI.roa
Signing time: Mon 02 Oct 2023 17:58:52 +0000
ROA not before: Mon 02 Oct 2023 17:58:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:8a:fc:96:57:47:1b:06:16:94:a3:14:cb:bc:48:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 2 17:58:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5cec5d834d90e8b7d0e8f6ea8a3bdd6603d70c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7a:cf:5c:e9:2f:de:11:df:b1:74:27:9d:12:
dd:6b:24:76:7f:17:8a:99:41:c4:3e:88:9b:8f:86:
11:f4:fd:94:27:c2:3d:69:42:8d:06:56:60:37:46:
a5:0c:17:d0:ee:f0:83:cb:9e:43:b4:02:9d:fc:fa:
89:d3:19:30:ec:c7:b6:0b:a2:c9:3a:63:79:fc:6b:
d5:ef:04:8f:4e:d9:e0:6d:d7:e8:5c:ef:c2:a2:0e:
8f:43:c3:85:3e:83:b7:02:4d:3f:60:71:61:4c:59:
2b:9a:9f:c8:60:9a:5f:8a:7f:c8:4e:5a:2d:5c:0a:
eb:8b:26:32:8c:bc:81:91:4e:ca:e3:bc:a0:58:95:
ef:79:4e:26:1e:18:ef:c0:9c:36:ce:0c:f2:89:d3:
9e:76:1e:86:71:69:28:c3:0d:5c:0c:bc:7d:ef:f5:
5c:0b:1b:b8:d7:a4:d1:12:e5:1e:e5:2c:e8:1e:a2:
a4:3e:36:a2:9a:b7:ab:24:5b:a6:a4:01:a2:91:9a:
59:ff:42:aa:83:8a:82:1a:75:e3:11:2d:29:78:62:
fd:94:b5:c8:0b:3f:92:cb:59:d1:a1:45:8a:00:fb:
76:93:30:a1:49:7b:9b:5c:b8:19:46:cd:1c:7b:7c:
eb:ef:cf:06:26:75:01:43:e4:69:7e:f1:e4:55:b1:
f7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CE:C5:D8:34:D9:0E:8B:7D:0E:8F:6E:A8:A3:BD:D6:60:3D:70:C2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pc7F2DTZDot9Do9uqKO91mA9cMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:ea:2c:dc:f4:10:76:8d:5b:85:76:c8:41:55:e0:6d:3f:a7:
34:3e:72:aa:58:39:b0:95:74:05:a6:52:62:f0:e3:45:1b:2a:
b2:7d:57:f8:4a:cd:77:de:40:d9:06:10:e8:f9:3e:d3:e8:20:
77:76:6d:3d:80:3c:27:95:81:2e:2d:62:eb:03:69:e5:3a:92:
12:52:b1:fb:03:85:83:af:6c:39:3f:5a:b2:ce:23:51:a8:d0:
b3:af:bd:d2:09:2b:3b:2a:b2:0d:48:35:f4:54:7d:41:cd:1a:
94:63:35:6a:d5:08:2a:73:89:54:38:64:87:a1:fa:c6:b2:de:
79:6d:fd:68:a6:4c:66:42:96:b9:7d:6a:48:29:21:d0:d0:7a:
51:0a:28:49:37:21:79:07:ac:a7:29:63:ee:e0:f6:f8:d6:2e:
12:d8:af:57:a9:1e:2d:d7:9c:3c:a0:03:cf:48:94:86:78:64:
aa:1a:f4:e0:9f:2e:24:59:92:0b:48:bc:f0:8e:f8:60:56:d9:
77:b4:8a:6c:4d:3e:73:1d:70:48:15:09:d1:51:41:55:3e:4e:
2e:2d:a3:fc:12:28:b6:0f:dc:1b:67:42:4e:31:a3:2e:90:7a:
47:c7:ea:9d:69:fd:d4:30:46:fe:8d:0e:77:ec:3c:78:7d:b6:
5a:29:22:7c
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYrxivyWV0cbBhaUoxTLvEj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDAyMTc1ODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWNlYzVkODM0ZDkwZThiN2QwZThmNmVhOGEzYmRkNjYwM2Q3MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHrPXOkv3hHfsXQnnRLdayR2fxeK
mUHEPoibj4YR9P2UJ8I9aUKNBlZgN0alDBfQ7vCDy55DtAKd/PqJ0xkw7Me2C6LJ
OmN5/GvV7wSPTtngbdfoXO/Cog6PQ8OFPoO3Ak0/YHFhTFkrmp/IYJpfin/ITlot
XArriyYyjLyBkU7K47ygWJXveU4mHhjvwJw2zgzyidOedh6GcWkoww1cDLx97/Vc
Cxu416TREuUe5SzoHqKkPjaimrerJFumpAGikZpZ/0Kqg4qCGnXjES0peGL9lLXI
Cz+Sy1nRoUWKAPt2kzChSXubXLgZRs0ce3zr788GJnUBQ+RpfvHkVbH3TwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFKXOxdg02Q6LfQ6PbqijvdZgPXDCMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcGM3RjJEVFpEb3Q5RG85dXFLTzkxbUE5Y01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAK5
cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC8
1JsDBAC81J4DBAG81coDBAC81tEDBAG88OADBAC88OMDBAC88OkDBAG88fIDBAHB
F4ADBALV6FwwDQYJKoZIhvcNAQELBQADggEBAH7qLNz0EHaNW4V2yEFV4G0/pzQ+
cqpYObCVdAWmUmLw40UbKrJ9V/hKzXfeQNkGEOj5PtPoIHd2bT2APCeVgS4tYusD
aeU6khJSsfsDhYOvbDk/WrLOI1Go0LOvvdIJKzsqsg1INfRUfUHNGpRjNWrVCCpz
iVQ4ZIeh+say3nlt/WimTGZClrl9akgpIdDQelEKKEk3IXkHrKcpY+7g9vjWLhLY
r1epHi3XnDygA89IlIZ4ZKoa9OCfLiRZkgtIvPCO+GBW2Xe0imxNPnMdcEgVCdFR
QVU+Ti4to/wSKLYP3BtnQk4xoy6QekfH6p1p/dQwRv6NDnfsPHh9tlopInw=
-----END CERTIFICATE-----
Generated at Mon Oct 2 18:53:49 2023 by rpki-client on console-fra.rpki-client.org