Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-RFia1RNLW1_8rPQTBZlZIqFESg.roa
File: 1-RFia1RNLW1_8rPQTBZlZIqFESg.roa (raw, json)
Hash identifier: YfiOoK5/RaKtxFvQ3yUE6KZnlD+CWFtXU54/0xtzLnY=
Subject key identifier: F9:11:62:6B:54:4D:2D:6D:7F:F2:B3:D0:4C:16:65:64:8A:85:11:28
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BB9CDD9D5708BE0274F0AB6A6CFBAA65C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-RFia1RNLW1_8rPQTBZlZIqFESg.roa
Signing time: Fri 10 Nov 2023 15:15:57 +0000
ROA not before: Fri 10 Nov 2023 15:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Nov 2023 06:07:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:cd:d9:d5:70:8b:e0:27:4f:0a:b6:a6:cf:ba:a6:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 10 15:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f911626b544d2d6d7ff2b3d04c1665648a851128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:89:f9:72:1a:0d:7c:d8:e6:f2:9a:73:7d:d1:
4a:2c:9b:fa:85:de:7d:31:6d:42:f8:ee:28:5c:ba:
f7:07:f5:a3:7f:24:30:50:ca:d3:54:3e:df:1b:a0:
4b:fe:3b:8a:18:0b:87:d8:7a:29:8e:c1:30:07:3f:
58:ae:a5:01:3e:de:cf:34:e5:0c:2a:6e:33:1a:d1:
06:30:e8:97:fb:42:24:d9:bc:2d:d9:24:36:aa:4f:
3e:e3:d0:5f:92:8f:24:e2:d5:04:4f:4a:3b:80:22:
ae:86:32:27:34:98:10:ab:1a:9c:c0:3b:7f:fa:72:
f4:46:8a:a3:5d:1e:6c:fc:92:87:94:45:32:24:27:
c9:17:d8:a9:a9:af:67:c3:42:e3:c4:59:93:31:0d:
95:bb:a6:af:43:a8:a5:77:58:a6:fe:4d:41:17:e6:
83:4d:20:12:01:a0:cc:20:98:01:d5:c2:a5:92:b1:
f1:3d:65:c1:94:74:07:de:35:9b:31:ea:0e:67:85:
ea:22:96:0a:44:9a:7f:6f:55:fa:9e:5e:8c:89:76:
a5:69:03:1c:5b:de:4d:80:b8:10:b1:06:c5:62:7b:
64:7c:32:06:7b:30:5b:90:7a:f6:a3:2d:47:86:4c:
b4:5d:0f:fc:59:88:2b:c9:a3:62:d0:71:38:43:69:
85:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:11:62:6B:54:4D:2D:6D:7F:F2:B3:D0:4C:16:65:64:8A:85:11:28
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-RFia1RNLW1_8rPQTBZlZIqFESg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.132.0/23
188.212.158.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:19:da:bc:d8:00:05:45:90:8e:cf:cc:d9:56:16:d7:04:4d:
a3:90:fd:96:8c:5a:11:0d:9f:49:c4:08:93:88:0b:85:33:35:
ff:b1:2f:a7:6d:76:3e:b3:c5:71:98:94:29:8d:f0:eb:f0:0a:
83:b8:c2:da:b6:91:c9:4a:9d:9a:22:5b:35:d8:52:21:3f:8a:
96:44:fa:08:13:1a:bc:67:50:5b:45:ce:a0:48:37:79:35:4f:
e9:5c:a5:93:f2:2d:25:b1:93:eb:fd:bf:f2:c2:ab:47:95:e4:
ce:2b:28:99:ad:65:e0:c0:99:03:1b:31:24:55:97:f1:f6:1f:
c1:2f:2e:e7:19:b4:ef:ed:f3:99:e9:6b:af:91:50:cb:81:e2:
4a:47:92:8b:2f:4f:12:ba:e2:f6:64:d1:1b:bf:f1:fb:1e:b2:
58:31:32:f1:73:b3:52:9b:ef:4a:3e:1f:09:b1:df:23:a0:c3:
94:c9:dc:02:a8:09:38:5f:36:66:fd:3a:4a:6e:6c:bc:23:e5:
d8:58:bf:27:89:4f:00:bd:55:9c:0e:ef:fd:76:09:40:38:9b:
94:fb:f8:cf:b9:91:db:2a:7f:25:ac:32:09:af:d0:28:89:03:
53:77:95:27:50:30:4d:b7:e8:2f:7a:77:88:c4:a1:59:2c:09:
fb:4a:1e:91
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYu5zdnVcIvgJ08KtqbPuqZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTEwMTUxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTExNjI2YjU0NGQyZDZkN2ZmMmIzZDA0YzE2NjU2NDhhODUxMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhon5choNfNjm8ppzfdFKLJv6hd59
MW1C+O4oXLr3B/WjfyQwUMrTVD7fG6BL/juKGAuH2HopjsEwBz9YrqUBPt7PNOUM
Km4zGtEGMOiX+0Ik2bwt2SQ2qk8+49Bfko8k4tUET0o7gCKuhjInNJgQqxqcwDt/
+nL0RoqjXR5s/JKHlEUyJCfJF9ipqa9nw0LjxFmTMQ2Vu6avQ6ild1im/k1BF+aD
TSASAaDMIJgB1cKlkrHxPWXBlHQH3jWbMeoOZ4XqIpYKRJp/b1X6nl6MiXalaQMc
W95NgLgQsQbFYntkfDIGezBbkHr2oy1Hhky0XQ/8WYgryaNi0HE4Q2mFHwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFPkRYmtUTS1tf/Kz0EwWZWSKhREoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS1SRmlhMVJOTFcxXzhyUFFUQlpsWklxRkVTZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBpwYIKwYBBQUHAQcBAf8EgZcwgZQwgZEEAgABMIGKAwQC
LZK4AwQALZydAwQCV/eUAwQBWSFUAwQAWSOaAwQBWSU+AwQCW7zMAwQBXXP+AwQB
uYeMAwQAuYePAwQAue4KAwQBufHSAwQAuf8nAwQCuf+oAwQBvNSEAwQBvNSeAwQA
vNbRAwQBvPDgAwQAvPDjAwQAvPFuAwQAvPHzAwQBwReAAwQC1ehcMA0GCSqGSIb3
DQEBCwUAA4IBAQB+Gdq82AAFRZCOz8zZVhbXBE2jkP2WjFoRDZ9JxAiTiAuFMzX/
sS+nbXY+s8VxmJQpjfDr8AqDuMLatpHJSp2aIls12FIhP4qWRPoIExq8Z1BbRc6g
SDd5NU/pXKWT8i0lsZPr/b/ywqtHleTOKyiZrWXgwJkDGzEkVZfx9h/BLy7nGbTv
7fOZ6WuvkVDLgeJKR5KLL08SuuL2ZNEbv/H7HrJYMTLxc7NSm+9KPh8Jsd8joMOU
ydwCqAk4XzZm/TpKbmy8I+XYWL8niU8AvVWcDu/9dglAOJuU+/jPuZHbKn8lrDIJ
r9AoiQNTd5UnUDBNt+gveneIxKFZLAn7Sh6R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org