Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0DBsxrrOcPxeF6gIveRUdM_tOuo.roa
File: 0DBsxrrOcPxeF6gIveRUdM_tOuo.roa (raw, json)
Hash identifier: raRYQrUaW40B7Vr6TLfvdBj1JpkQzHqSvStfb6XRV44=
Subject key identifier: D0:30:6C:C6:BA:CE:70:FC:5E:17:A8:08:BD:E4:54:74:CF:ED:3A:EA
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BA60F83345103A5567DBBB71A50BB5012
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0DBsxrrOcPxeF6gIveRUdM_tOuo.roa
Signing time: Mon 06 Nov 2023 19:15:16 +0000
ROA not before: Mon 06 Nov 2023 19:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:0f:83:34:51:03:a5:56:7d:bb:b7:1a:50:bb:50:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 6 19:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0306cc6bace70fc5e17a808bde45474cfed3aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:28:af:e7:93:de:27:7c:23:cd:73:aa:2f:04:
21:81:5c:e9:59:98:12:2b:84:e9:55:05:87:44:cf:
a1:52:9c:e0:6c:9b:b1:f6:19:cd:ad:88:4b:97:2f:
7c:69:6b:81:71:3d:44:cc:ee:cf:ca:49:4b:ab:93:
51:f0:b8:97:6b:b8:89:51:2f:b7:ad:0e:94:0b:3f:
96:4e:f8:91:2a:25:63:b5:3c:42:d3:47:18:9d:ea:
ef:09:1e:fe:dd:c3:f2:ca:b9:ea:9d:b5:26:7a:63:
87:78:77:71:40:85:b3:8c:66:69:e8:93:9c:93:ee:
ab:6f:ef:51:87:86:6d:bc:3c:6a:d6:30:39:d2:24:
f0:38:b3:d7:25:75:76:1b:0f:ce:88:2a:e3:1b:81:
31:84:d7:fb:8f:39:0a:8d:c9:6a:55:1a:33:28:ac:
ea:ce:16:b3:89:01:c5:5f:63:63:a3:08:59:92:27:
82:b9:84:ff:d8:d6:1b:e2:49:9a:47:b0:b3:46:e8:
1a:8a:a4:13:cb:be:3c:a7:38:55:28:5e:54:e6:61:
5f:72:10:8b:d2:b8:8f:4f:f3:4c:e8:40:ce:8b:ea:
b3:7b:fa:ae:8f:1f:a8:34:32:8f:81:6b:7f:c6:08:
0a:c8:ac:d3:81:09:c7:e5:f8:8f:d2:9a:3c:0a:13:
05:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:30:6C:C6:BA:CE:70:FC:5E:17:A8:08:BD:E4:54:74:CF:ED:3A:EA
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0DBsxrrOcPxeF6gIveRUdM_tOuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.132.0/23
188.212.159.0/24
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:e8:3f:9b:a0:f7:5d:1a:43:4f:c5:e2:34:d9:b5:53:40:06:
d3:cf:d8:b5:e3:6d:85:b0:dd:fd:97:2c:29:40:99:cc:ab:38:
63:1d:94:92:ef:a1:8f:06:25:92:3d:b1:bb:24:d5:4c:00:51:
8e:c4:e3:d0:aa:81:25:64:fc:80:55:dc:e7:e6:98:28:75:b3:
bb:3d:28:de:4b:bc:ae:45:f4:81:b1:23:51:31:10:4d:19:a2:
1b:9c:ea:c2:4c:67:7e:c8:eb:58:f1:34:e2:23:4f:a5:28:20:
19:27:f6:3f:45:d3:43:2c:89:bb:a6:6e:a3:f2:5b:5e:44:4b:
dd:b3:41:12:05:64:26:8e:ce:55:bc:58:98:48:f0:76:4d:d5:
9e:8a:55:6e:bc:b7:fe:53:5d:5f:95:be:99:82:d9:42:4a:e7:
d4:2c:5a:d0:a3:9f:ac:b9:e0:0d:c8:3b:2b:4a:b4:76:5b:fd:
c7:ca:b0:1a:ea:71:04:4f:96:57:cf:2e:d9:ba:e2:7b:51:8c:
b4:98:98:a8:80:9b:ed:a8:c5:3c:07:3c:6e:85:30:dd:8d:07:
83:97:85:bb:8a:d6:79:65:00:84:fc:9d:88:30:0f:ff:a8:c1:
04:f5:9a:f8:cf:34:a5:8b:72:53:63:dd:1b:74:9f:aa:bd:99:
6a:e7:63:91
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYumD4M0UQOlVn27txpQu1ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTA2MTkxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDMwNmNjNmJhY2U3MGZjNWUxN2E4MDhiZGU0NTQ3NGNmZWQzYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyiv55PeJ3wjzXOqLwQhgVzpWZgS
K4TpVQWHRM+hUpzgbJux9hnNrYhLly98aWuBcT1EzO7PyklLq5NR8LiXa7iJUS+3
rQ6UCz+WTviRKiVjtTxC00cYnervCR7+3cPyyrnqnbUmemOHeHdxQIWzjGZp6JOc
k+6rb+9Rh4ZtvDxq1jA50iTwOLPXJXV2Gw/OiCrjG4ExhNf7jzkKjclqVRozKKzq
zhaziQHFX2NjowhZkieCuYT/2NYb4kmaR7CzRugaiqQTy748pzhVKF5U5mFfchCL
0riPT/NM6EDOi+qze/qujx+oNDKPgWt/xggKyKzTgQnH5fiP0po8ChMFIwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFNAwbMa6znD8XheoCL3kVHTP7TrqMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMERCc3hyck9jUHhlRjZnSXZlUlVkTV90T3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAG81IQDBAC81J8DBAC8
1tEDBAG88OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBAH7oP5ug910aQ0/F4jTZtVNABtPP2LXjbYWw3f2XLClAmcyrOGMd
lJLvoY8GJZI9sbsk1UwAUY7E49CqgSVk/IBV3OfmmCh1s7s9KN5LvK5F9IGxI1Ex
EE0Zohuc6sJMZ37I61jxNOIjT6UoIBkn9j9F00MsibumbqPyW15ES92zQRIFZCaO
zlW8WJhI8HZN1Z6KVW68t/5TXV+VvpmC2UJK59QsWtCjn6y54A3IOytKtHZb/cfK
sBrqcQRPllfPLtm64ntRjLSYmKiAm+2oxTwHPG6FMN2NB4OXhbuK1nllAIT8nYgw
D/+owQT1mvjPNKWLclNj3Rt0n6q9mWrnY5E=
-----END CERTIFICATE-----
Generated at Thu Nov 9 08:50:46 2023 by rpki-client on console-ams.rpki-client.org