Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3AT3UmRPGcvWmgVkxZWUXo-fcn4.roa
File: 3AT3UmRPGcvWmgVkxZWUXo-fcn4.roa (raw, json)
Hash identifier: 4N3mk1T6Am2ZkSUA+smmuhuD/OnB2hqw9xLR5+yQ3Yg=
Subject key identifier: DC:04:F7:52:64:4F:19:CB:D6:9A:05:64:C5:95:94:5E:8F:9F:72:7E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01863556D60FC8AFEFB460F07735BDEC3A52
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3AT3UmRPGcvWmgVkxZWUXo-fcn4.roa
Signing time: Thu 09 Feb 2023 08:42:08 +0000
ROA not before: Thu 09 Feb 2023 08:42:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.34.127.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:56:d6:0f:c8:af:ef:b4:60:f0:77:35:bd:ec:3a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 9 08:42:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc04f752644f19cbd69a0564c595945e8f9f727e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fc:35:c8:56:3e:6b:cc:ab:38:20:ed:b1:38:
f0:b9:8a:c3:d3:60:b8:c1:03:ab:e6:e7:a7:7b:2e:
5b:a9:e6:19:a5:0a:ef:5b:3f:ae:72:0c:a0:33:ef:
31:90:0b:1a:02:92:36:80:17:e7:3c:b0:6e:c9:35:
02:01:57:66:52:56:5b:13:be:fe:3e:b7:56:54:58:
5e:81:36:52:31:07:a4:80:a2:1e:88:43:88:53:6f:
d4:31:b5:f5:73:7e:0c:79:3f:44:39:4c:a0:68:7c:
27:09:84:e0:ef:2a:78:e7:dd:99:9b:d1:a5:e5:91:
11:c9:67:c1:9f:80:d3:0b:d3:d8:a2:e6:16:55:fc:
e2:e0:f6:c1:40:46:00:80:37:b4:c1:73:fd:a4:d5:
b9:8b:bc:09:05:ba:97:09:30:f8:d3:15:72:13:13:
77:63:39:5f:ce:5f:04:b2:e6:6c:03:1a:b9:3d:22:
b6:bd:00:33:4b:2b:dc:cd:d5:6d:47:28:0d:97:df:
a1:15:66:6c:59:36:50:b5:e0:cb:bf:f0:3c:57:d2:
dc:56:61:a6:bb:9f:ff:33:1f:95:62:24:0a:e1:57:
bf:cd:83:9e:5f:7f:38:99:32:4d:39:de:29:e5:8b:
70:c5:b3:0d:53:33:75:ae:5c:8e:84:f3:82:bc:b4:
50:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:04:F7:52:64:4F:19:CB:D6:9A:05:64:C5:95:94:5E:8F:9F:72:7E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3AT3UmRPGcvWmgVkxZWUXo-fcn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0-45.156.158.255
89.33.84.0/24
89.34.127.0/24
89.35.154.0/24
89.37.62.0/23
93.114.192.0/24
93.115.109.0/24
188.212.155.0/24
188.240.232.0/24
188.241.214.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:83:d9:83:50:f1:95:13:5c:cb:70:19:ee:2e:bc:08:b3:01:
aa:8f:d8:99:5e:c8:d4:37:11:b5:45:11:a5:c6:13:a6:db:40:
b9:62:29:e1:3e:62:bc:ec:55:31:01:0f:f5:29:64:d8:ea:f7:
29:6c:51:60:17:e5:f7:02:4f:25:c6:ee:9f:0a:fe:9a:b5:c1:
03:0e:04:7d:e1:2c:86:fb:67:a1:72:87:d4:e6:f7:47:b2:68:
24:43:e9:5f:99:1e:17:e3:e0:26:8e:22:54:b0:f4:0e:70:9a:
71:0c:0d:2f:a5:32:6e:0f:ac:2d:98:fc:51:d5:3a:52:6c:6a:
a1:04:45:74:c2:cc:69:8d:93:1d:11:e8:18:37:5f:ab:9b:78:
7b:5a:ee:2a:88:51:a7:2b:86:93:30:ac:e5:12:66:d0:ed:14:
66:8b:0b:1f:8d:51:ce:af:c2:7d:e0:91:af:ac:04:96:ff:40:
08:96:72:7a:73:14:0c:26:f3:2d:3e:c9:50:68:22:63:d6:30:
c4:c5:da:70:b0:99:f3:93:a6:3c:b7:b1:93:60:cb:67:00:fd:
34:55:33:2b:bf:4e:a4:1e:14:90:ca:b4:67:84:80:14:8e:6e:
09:cb:23:ea:12:d5:22:25:cd:57:9c:9e:ef:14:dd:d1:31:b8:
58:38:d8:5a
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYY1VtYPyK/vtGDwdzW97DpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA5MDg0MjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzA0Zjc1MjY0NGYxOWNiZDY5YTA1NjRjNTk1OTQ1ZThmOWY3MjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfw1yFY+a8yrOCDtsTjwuYrD02C4
wQOr5ueney5bqeYZpQrvWz+ucgygM+8xkAsaApI2gBfnPLBuyTUCAVdmUlZbE77+
PrdWVFhegTZSMQekgKIeiEOIU2/UMbX1c34MeT9EOUygaHwnCYTg7yp4592Zm9Gl
5ZERyWfBn4DTC9PYouYWVfzi4PbBQEYAgDe0wXP9pNW5i7wJBbqXCTD40xVyExN3
Yzlfzl8EsuZsAxq5PSK2vQAzSyvczdVtRygNl9+hFWZsWTZQteDLv/A8V9LcVmGm
u5//Mx+VYiQK4Ve/zYOeX384mTJNOd4p5YtwxbMNUzN1rlyOhPOCvLRQywIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFNwE91JkTxnL1poFZMWVlF6Pn3J+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvM0FUM1VtUlBHY3ZXbWdWa3haV1VYby1mY240LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBAAtnJ0D
BAAtnJ4DBABZIVQDBABZIn8DBABZI5oDBAFZJT4DBABdcsADBABdc20DBAC81JsD
BAC88OgDBAC88dYwDQYJKoZIhvcNAQELBQADggEBAG6D2YNQ8ZUTXMtwGe4uvAiz
AaqP2JleyNQ3EbVFEaXGE6bbQLliKeE+YrzsVTEBD/UpZNjq9ylsUWAX5fcCTyXG
7p8K/pq1wQMOBH3hLIb7Z6Fyh9Tm90eyaCRD6V+ZHhfj4CaOIlSw9A5wmnEMDS+l
Mm4PrC2Y/FHVOlJsaqEERXTCzGmNkx0R6Bg3X6ubeHta7iqIUacrhpMwrOUSZtDt
FGaLCx+NUc6vwn3gka+sBJb/QAiWcnpzFAwm8y0+yVBoImPWMMTF2nCwmfOTpjy3
sZNgy2cA/TRVMyu/TqQeFJDKtGeEgBSObgnLI+oS1SIlzVecnu8U3dExuFg42Fo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org