Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/01TEiYDJfYyQA_Kw2s8kz3jgWUg.roa
File: 01TEiYDJfYyQA_Kw2s8kz3jgWUg.roa (raw, json)
Hash identifier: fHIZqnUXEiILMYJHhxiIeWEj6t+yyU7UMwGGqJzpx78=
Subject key identifier: D3:54:C4:89:80:C9:7D:8C:90:03:F2:B0:DA:CF:24:CF:78:E0:59:48
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018721ED38CB0F0635BC55157F1450A1B313
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/01TEiYDJfYyQA_Kw2s8kz3jgWUg.roa
Signing time: Mon 27 Mar 2023 07:16:47 +0000
ROA not before: Mon 27 Mar 2023 07:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.34.127.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:ed:38:cb:0f:06:35:bc:55:15:7f:14:50:a1:b3:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 27 07:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d354c48980c97d8c9003f2b0dacf24cf78e05948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cd:35:a1:dc:16:d8:9e:f0:b9:ad:d1:fe:4c:
86:a5:c2:be:00:1b:7d:8d:02:c9:8d:b8:e7:44:60:
33:11:b0:53:92:f4:3b:63:55:20:84:ac:83:57:33:
f5:e6:70:1e:77:b8:db:20:cb:e7:42:f8:ef:81:94:
a3:fc:79:12:de:22:80:a6:53:30:dd:2c:43:33:74:
68:f5:60:15:ed:d0:9b:85:3c:c9:88:48:52:d0:84:
91:c0:f6:b7:3a:4a:80:8f:0b:c1:fa:ae:5b:bc:95:
3e:6c:8b:e1:e7:5f:84:fb:15:a9:cc:6d:4f:98:85:
86:ca:76:0a:b5:ba:ad:9e:e8:eb:82:88:06:2a:9f:
44:f8:d3:f0:37:cf:ea:e0:e2:45:60:bb:2c:8c:21:
8d:24:c3:3f:a0:24:ef:f8:7c:f0:92:bb:92:e4:71:
07:19:e7:fe:65:49:6a:c4:9a:71:a3:52:ef:3b:38:
47:a9:40:7c:fd:20:ce:e8:0f:cd:9c:62:b9:be:bd:
f0:9a:15:a1:de:8b:48:22:dd:8d:3b:13:93:32:a3:
f5:60:1c:bf:be:95:8d:1e:43:a3:ac:57:3d:ef:cb:
74:fe:78:9a:c1:bb:af:94:36:2c:b5:78:2f:d3:18:
99:79:00:98:52:6b:e4:94:5d:02:f5:98:d0:8a:38:
b2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:54:C4:89:80:C9:7D:8C:90:03:F2:B0:DA:CF:24:CF:78:E0:59:48
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/01TEiYDJfYyQA_Kw2s8kz3jgWUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.158.0/24
89.33.84.0/24
89.34.127.0/24
89.35.154.0/24
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.212.155.0/24
188.240.232.0/24
188.241.110.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
58:27:2e:ce:90:37:dc:a1:01:77:aa:2c:e5:07:9d:85:a3:18:
15:19:68:b0:7c:56:f6:30:56:dc:f8:0f:46:8a:df:cc:92:16:
bf:51:41:04:03:57:03:bf:1f:c9:62:81:1e:58:fa:e6:3a:89:
5b:39:a2:df:87:93:cc:31:57:3a:10:f9:4f:34:12:23:81:c3:
df:21:62:36:b9:97:b0:53:06:44:c5:d4:f2:67:3f:bb:76:80:
65:6f:27:3e:6a:8e:36:24:50:b5:9c:24:f2:1e:13:50:ec:fe:
36:be:0e:ea:31:37:0c:63:cb:b2:9d:f7:88:f7:34:25:fb:57:
ed:6a:b6:75:d1:8b:c9:fc:a4:c4:ca:08:ed:53:18:09:fa:cc:
5f:f8:9b:0a:c6:a1:db:4b:61:09:43:65:0f:e2:20:ab:9c:7a:
97:03:a2:c5:43:5b:52:99:19:f9:bf:95:54:ba:68:15:81:d3:
02:f7:16:fe:34:f3:c4:07:fe:a5:da:92:a6:d8:f3:e1:60:27:
37:00:6d:78:a0:4b:33:77:19:4e:47:3b:97:ed:1e:79:d5:5f:
f3:fc:40:4c:ca:7e:55:0f:d9:70:21:97:89:59:ce:24:79:c1:
b8:e2:92:b0:1d:39:e3:63:58:93:cb:dc:28:82:6c:71:69:c6:
97:6a:e3:08
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYch7TjLDwY1vFUVfxRQobMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzI3MDcxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU0YzQ4OTgwYzk3ZDhjOTAwM2YyYjBkYWNmMjRjZjc4ZTA1OTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM01odwW2J7wua3R/kyGpcK+ABt9
jQLJjbjnRGAzEbBTkvQ7Y1UghKyDVzP15nAed7jbIMvnQvjvgZSj/HkS3iKAplMw
3SxDM3Ro9WAV7dCbhTzJiEhS0ISRwPa3OkqAjwvB+q5bvJU+bIvh51+E+xWpzG1P
mIWGynYKtbqtnujrgogGKp9E+NPwN8/q4OJFYLssjCGNJMM/oCTv+HzwkruS5HEH
Gef+ZUlqxJpxo1LvOzhHqUB8/SDO6A/NnGK5vr3wmhWh3otIIt2NOxOTMqP1YBy/
vpWNHkOjrFc978t0/niawbuvlDYstXgv0xiZeQCYUmvklF0C9ZjQijiynQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNNUxImAyX2MkAPysNrPJM944FlIMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMDFURWlZREpmWXlRQV9LdzJzOGt6M2pnV1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALZyeAwQA
WSFUAwQAWSJ/AwQAWSOaAwQAWSU+AwQAXXLAAwQAXXNtAwQAvNSbAwQAvPDoAwQA
vPFuAwQAvPHWAwQAwReCMA0GCSqGSIb3DQEBCwUAA4IBAQBYJy7OkDfcoQF3qizl
B52FoxgVGWiwfFb2MFbc+A9Git/Mkha/UUEEA1cDvx/JYoEeWPrmOolbOaLfh5PM
MVc6EPlPNBIjgcPfIWI2uZewUwZExdTyZz+7doBlbyc+ao42JFC1nCTyHhNQ7P42
vg7qMTcMY8uynfeI9zQl+1ftarZ10YvJ/KTEygjtUxgJ+sxf+JsKxqHbS2EJQ2UP
4iCrnHqXA6LFQ1tSmRn5v5VUumgVgdMC9xb+NPPEB/6l2pKm2PPhYCc3AG14oEsz
dxlORzuX7R551V/z/EBMyn5VD9lwIZeJWc4kecG44pKwHTnjY1iTy9wogmxxacaX
auMI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org