Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-HMa4bgoxMR_uMeMNuawPHg-8sU.roa
File: 1-HMa4bgoxMR_uMeMNuawPHg-8sU.roa (raw, json)
Hash identifier: mz06mqxSoehtwQzcqxJpVVAsHFPjoLgdlfofgGZdI3s=
Subject key identifier: F8:73:1A:E1:B8:28:C4:C4:7F:B8:C7:8C:36:E6:B0:3C:78:3E:F2:C5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B42B60378049B6C398B37C3F3CAD7D4E9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-HMa4bgoxMR_uMeMNuawPHg-8sU.roa
Signing time: Wed 18 Oct 2023 12:15:06 +0000
ROA not before: Wed 18 Oct 2023 12:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:b6:03:78:04:9b:6c:39:8b:37:c3:f3:ca:d7:d4:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 18 12:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8731ae1b828c4c47fb8c78c36e6b03c783ef2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:8e:ad:ab:a3:62:c2:a4:52:a4:9e:a4:7c:
47:d9:16:99:75:e0:7d:9a:1e:97:27:43:29:ca:aa:
74:fd:10:ef:d0:dc:6e:1f:4f:43:cf:0f:15:58:48:
a3:ef:20:f5:17:9d:52:ac:5b:69:bf:32:63:86:68:
d2:40:dc:37:a8:8f:96:94:86:5e:52:83:ad:55:44:
7d:b0:52:59:3e:1e:48:f5:c3:8e:d4:8b:27:88:6d:
15:70:13:de:4a:85:6b:0e:3a:d8:ca:35:75:db:2b:
f6:23:de:01:75:09:ad:a0:33:fc:1a:5c:89:5d:5b:
81:59:fd:91:14:e7:32:14:86:dc:26:dd:a6:67:2b:
c7:01:d2:3b:1e:65:a6:cf:0d:ce:20:c9:c5:b4:4e:
a7:7e:ec:5c:67:89:0f:12:7e:73:e4:2f:20:84:30:
60:ea:a2:26:06:20:28:21:0a:73:a6:bf:60:31:f1:
e6:31:99:b8:0a:92:ea:22:3c:72:1d:28:35:b2:33:
69:4a:ca:78:59:a3:66:c2:a6:f2:4e:70:21:30:5b:
9a:1f:bd:21:ab:8e:cb:ce:c3:db:f0:db:be:55:df:
fc:29:68:86:30:36:50:fe:93:ca:be:a5:26:b7:78:
b3:04:74:5d:bf:97:5f:2d:e8:f1:07:87:4f:cc:a6:
92:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:73:1A:E1:B8:28:C4:C4:7F:B8:C7:8C:36:E6:B0:3C:78:3E:F2:C5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-HMa4bgoxMR_uMeMNuawPHg-8sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.159.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:07:70:c4:94:63:88:a5:70:7c:bd:82:ff:9a:fe:e0:a0:88:
4c:ea:24:f4:c5:25:4d:69:47:09:02:62:38:66:f6:ec:d2:21:
c6:d7:79:b5:18:42:6a:79:9e:a9:cb:86:fc:a6:d7:24:c7:11:
33:44:05:06:d0:8f:2e:1d:eb:3f:55:f4:52:27:34:37:88:f5:
c2:a7:32:cc:55:07:63:4e:15:a5:08:c8:f3:be:98:fb:66:d2:
60:d5:4e:70:f9:1e:16:ef:66:32:ae:da:e7:3a:13:cc:6c:2f:
e6:ce:a2:a2:3b:10:2f:bc:be:e3:82:69:da:63:15:c4:42:0f:
6f:f7:65:e2:2d:f5:94:e6:b6:6e:d0:32:58:77:d4:67:cc:7a:
df:23:88:94:7a:79:b6:0a:a5:8d:a2:91:dd:ef:48:bd:7d:54:
bf:9f:3d:aa:05:0a:f4:85:ad:f0:e0:b7:c3:46:f4:56:d2:9f:
47:37:6d:d9:e7:c4:66:cf:b7:6e:66:75:58:e3:e6:62:d9:69:
15:71:05:4a:f6:d9:c0:48:d4:e5:b6:4d:a8:e8:06:66:9a:47:
69:f0:93:e4:72:a4:0e:90:b9:47:59:c4:94:6f:9f:07:6c:4c:
9f:f0:a5:92:d7:88:5f:a0:f8:5b:03:f7:70:78:5c:d5:86:c7:
1a:91:6c:1b
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYtCtgN4BJtsOYs3w/PK19TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDE4MTIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODczMWFlMWI4MjhjNGM0N2ZiOGM3OGMzNmU2YjAzYzc4M2VmMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2yOraujYsKkUqSepHxH2RaZdeB9
mh6XJ0Mpyqp0/RDv0NxuH09Dzw8VWEij7yD1F51SrFtpvzJjhmjSQNw3qI+WlIZe
UoOtVUR9sFJZPh5I9cOO1IsniG0VcBPeSoVrDjrYyjV12yv2I94BdQmtoDP8GlyJ
XVuBWf2RFOcyFIbcJt2mZyvHAdI7HmWmzw3OIMnFtE6nfuxcZ4kPEn5z5C8ghDBg
6qImBiAoIQpzpr9gMfHmMZm4CpLqIjxyHSg1sjNpSsp4WaNmwqbyTnAhMFuaH70h
q47LzsPb8Nu+Vd/8KWiGMDZQ/pPKvqUmt3izBHRdv5dfLejxB4dPzKaSNwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFPhzGuG4KMTEf7jHjDbmsDx4PvLFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS1ITWE0YmdveE1SX3VNZU1OdWF3UEhnLThzVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQC
LZK4AwQALZydAwQCV/eUAwQAWSFVAwQAWSOaAwQAWSU/AwQCW7zMAwQBXXP+AwQB
uYeMAwQAuYePAwQAue4KAwQBufHSAwQAuf8nAwQCuf+oAwQAvNSFAwQAvNSbAwQA
vNSfAwQBvNXKAwQAvNbRAwQBvPDgAwQAvPDjAwQAvPDpAwQAvPHzAwQBwReAAwQC
1ehcMA0GCSqGSIb3DQEBCwUAA4IBAQA6B3DElGOIpXB8vYL/mv7goIhM6iT0xSVN
aUcJAmI4Zvbs0iHG13m1GEJqeZ6py4b8ptckxxEzRAUG0I8uHes/VfRSJzQ3iPXC
pzLMVQdjThWlCMjzvpj7ZtJg1U5w+R4W72YyrtrnOhPMbC/mzqKiOxAvvL7jgmna
YxXEQg9v92XiLfWU5rZu0DJYd9RnzHrfI4iUenm2CqWNopHd70i9fVS/nz2qBQr0
ha3w4LfDRvRW0p9HN23Z58Rmz7duZnVY4+Zi2WkVcQVK9tnASNTltk2o6AZmmkdp
8JPkcqQOkLlHWcSUb58HbEyf8KWS14hfoPhbA/dweFzVhscakWwb
-----END CERTIFICATE-----
Generated at Sat Oct 21 19:41:57 2023 by rpki-client on console-ams.rpki-client.org