Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-moREgupl-66adWNp7foJn52W5Y.roa
File: 1-moREgupl-66adWNp7foJn52W5Y.roa (raw, json)
Hash identifier: KLtZXWe4shARKLxeDw9BMUKtCS1y9KwBFbY/+qFkZGI=
Subject key identifier: FA:6A:11:12:0B:A9:97:EE:BA:69:D5:8D:A7:B7:E8:26:7E:76:5B:96
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B3946DD340ADDA0EE0E01696C31D585F1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-moREgupl-66adWNp7foJn52W5Y.roa
Signing time: Mon 16 Oct 2023 16:17:07 +0000
ROA not before: Mon 16 Oct 2023 16:17:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.240.68.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:39:46:dd:34:0a:dd:a0:ee:0e:01:69:6c:31:d5:85:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 16 16:17:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa6a11120ba997eeba69d58da7b7e8267e765b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:82:b0:46:7d:27:46:ca:98:7d:9d:3c:75:5f:
e3:b7:97:29:4a:ba:b1:d6:80:68:5f:d8:29:08:b8:
f4:0d:f5:cc:52:8d:3f:59:35:22:06:4a:90:28:d3:
e8:7e:e6:16:ea:62:ef:51:db:d8:28:70:11:3a:05:
56:96:8e:4d:ba:7f:85:99:f0:ef:0a:52:5d:fd:91:
88:21:df:a8:00:02:84:8a:93:f9:ae:dd:f6:e8:a1:
93:49:d8:12:85:d2:21:1c:c7:9a:cc:0b:ff:e5:c1:
bd:ff:ae:44:2d:d2:42:5a:0d:70:39:3f:b2:e4:42:
dc:14:9c:4e:b2:65:35:24:81:06:f2:6e:6e:34:f0:
4a:df:23:d0:26:4c:50:f3:99:33:09:4a:a0:c6:b5:
df:b9:3f:c8:21:5c:33:be:6b:e4:f7:15:31:2c:59:
b8:de:ff:96:59:cf:fc:ca:03:e6:25:04:ac:49:ec:
0e:ff:c2:33:53:3e:b3:41:02:78:d2:cb:d7:95:33:
13:d4:3c:6e:49:6d:d8:cc:f5:81:14:bd:6f:14:5a:
89:14:ae:32:6b:7a:16:61:ab:87:99:dc:47:38:45:
ac:f7:cb:6e:c3:d5:f8:eb:1c:97:c3:b7:b5:d1:48:
c1:79:8d:26:6e:c2:a5:8c:68:77:35:f4:c5:ea:5a:
17:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6A:11:12:0B:A9:97:EE:BA:69:D5:8D:A7:B7:E8:26:7E:76:5B:96
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-moREgupl-66adWNp7foJn52W5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.159.0/24
188.213.202.0/23
188.214.209.0/24
188.240.68.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:55:62:b9:a9:99:cc:11:f9:f0:63:ca:6d:79:f3:be:17:b2:
0a:ea:0a:bf:e0:73:a7:f6:ec:7f:c9:11:eb:6a:a5:39:cc:89:
e5:69:0d:8a:ed:e7:93:89:86:25:3d:74:07:e5:78:1c:8b:08:
12:f2:bc:5e:e9:b5:75:12:23:dc:59:30:36:63:6b:a1:e9:4c:
9c:d1:d0:1c:0f:69:dd:b2:76:4d:c9:25:b4:57:6a:ae:e2:19:
66:11:9a:33:4a:32:6e:d1:1c:e9:8d:43:db:c7:db:47:11:b4:
a1:aa:e1:57:e2:e1:58:fc:d5:a0:78:47:a6:75:75:37:2f:f0:
b1:84:8e:92:d0:9e:f3:a8:7e:c6:f7:4c:81:ba:28:e9:36:6c:
a0:4a:fa:90:6c:8c:84:24:c5:76:23:c1:4e:bc:1a:ea:a4:a0:
84:23:49:f3:80:a5:9d:d7:c2:c3:43:9e:36:6e:b5:89:7d:04:
2a:a4:51:fe:d7:78:58:66:63:26:15:f5:e1:0f:e9:05:c9:57:
e8:00:b3:ef:6c:3c:6c:5f:1e:62:ef:a1:4f:ea:40:59:07:8b:
0c:ec:60:98:6c:eb:f4:09:ca:6f:e5:68:d3:4c:2e:69:87:1e:
9f:09:e6:96:d2:2b:74:43:0f:35:34:07:81:4e:5b:83:c7:a5:
b0:cf:61:8d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYs5Rt00Ct2g7g4BaWwx1YXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDE2MTYxNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTZhMTExMjBiYTk5N2VlYmE2OWQ1OGRhN2I3ZTgyNjdlNzY1Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoKwRn0nRsqYfZ08dV/jt5cpSrqx
1oBoX9gpCLj0DfXMUo0/WTUiBkqQKNPofuYW6mLvUdvYKHAROgVWlo5Nun+FmfDv
ClJd/ZGIId+oAAKEipP5rt326KGTSdgShdIhHMeazAv/5cG9/65ELdJCWg1wOT+y
5ELcFJxOsmU1JIEG8m5uNPBK3yPQJkxQ85kzCUqgxrXfuT/IIVwzvmvk9xUxLFm4
3v+WWc/8ygPmJQSsSewO/8IzUz6zQQJ40svXlTMT1DxuSW3YzPWBFL1vFFqJFK4y
a3oWYauHmdxHOEWs98tuw9X46xyXw7e10UjBeY0mbsKljGh3NfTF6loXEQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFPpqERILqZfuumnVjae36CZ+dluWMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS1tb1JFZ3VwbC02NmFkV05wN2ZvSm41Mlc1WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBvwYIKwYBBQUHAQcBAf8Ega8wgawwgakEAgABMIGiAwQC
LZK4AwQALZydAwQCV/eUAwQAWSFVAwQAWSOaAwQAWSU/AwQCW7zMAwQBXXP+AwQC
uXBAAwQBuYeMAwQAuYePAwQAue4KAwQBufHSAwQAuf8nAwQCuf+oAwQAvNSFAwQA
vNSbAwQAvNSfAwQBvNXKAwQAvNbRAwQAvPBEAwQBvPDgAwQAvPDjAwQAvPDpAwQA
vPHzAwQBwReAAwQC1ehcMA0GCSqGSIb3DQEBCwUAA4IBAQB6VWK5qZnMEfnwY8pt
efO+F7IK6gq/4HOn9ux/yRHraqU5zInlaQ2K7eeTiYYlPXQH5XgciwgS8rxe6bV1
EiPcWTA2Y2uh6Uyc0dAcD2ndsnZNySW0V2qu4hlmEZozSjJu0RzpjUPbx9tHEbSh
quFX4uFY/NWgeEemdXU3L/CxhI6S0J7zqH7G90yBuijpNmygSvqQbIyEJMV2I8FO
vBrqpKCEI0nzgKWd18LDQ542brWJfQQqpFH+13hYZmMmFfXhD+kFyVfoALPvbDxs
Xx5i76FP6kBZB4sM7GCYbOv0Ccpv5WjTTC5phx6fCeaW0it0Qw81NAeBTluDx6Ww
z2GN
-----END CERTIFICATE-----
Generated at Tue Oct 17 11:51:13 2023 by rpki-client on console-fra.rpki-client.org