Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3WAvUWiD4jdlf0dQOjLMWgh12sE.roa
File: 3WAvUWiD4jdlf0dQOjLMWgh12sE.roa (raw, json)
Hash identifier: P4Xoxn05Y7WLGlDpCCpBtDKq3smeSol7tQii6Bt6Az8=
Subject key identifier: DD:60:2F:51:68:83:E2:37:65:7F:47:50:3A:32:CC:5A:08:75:DA:C1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018721ED3AC770FE783B6699E6E7378B60CF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3WAvUWiD4jdlf0dQOjLMWgh12sE.roa
Signing time: Mon 27 Mar 2023 07:16:47 +0000
ROA not before: Mon 27 Mar 2023 07:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 92.114.85.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
213.232.94.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
185.255.37.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:ed:3a:c7:70:fe:78:3b:66:99:e6:e7:37:8b:60:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 27 07:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd602f516883e237657f47503a32cc5a0875dac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d1:fa:06:9a:cb:62:f4:52:a3:48:ed:b0:54:
0f:82:79:15:be:8c:6a:d2:46:fc:a0:30:aa:fa:fa:
10:ed:2a:9c:6f:21:21:de:c0:f6:61:47:37:44:2f:
a3:ff:95:b5:f4:ab:34:a3:86:cc:68:16:2b:ea:7d:
8e:37:b9:b4:21:65:57:c9:56:b2:73:ed:72:3d:2f:
e5:bc:e0:a0:1e:62:18:b9:59:c9:63:59:f3:3a:0d:
c8:fb:44:ef:be:b2:94:e4:de:b7:5e:f6:8e:16:69:
26:f2:c5:dc:4c:75:08:5e:66:a4:9c:ab:b2:00:bb:
35:1f:82:81:ee:94:8d:c9:af:8e:30:af:7e:81:be:
c7:f6:03:05:8b:ea:1a:2c:4c:a5:dc:aa:98:93:f8:
f3:cd:3a:14:96:84:be:da:e0:f3:51:e8:d5:50:40:
e8:15:36:68:37:96:60:a8:dc:2b:58:67:b9:dd:91:
9d:4b:91:fc:48:04:99:c6:3b:ff:b4:95:ec:85:5b:
b9:72:df:fe:66:ce:47:37:e8:67:30:2a:5e:43:a3:
86:76:9a:fe:cd:3e:5f:81:ef:42:1e:38:1c:ac:ab:
0e:1e:7c:a7:d9:3f:60:78:b6:22:d2:12:79:7d:12:
ff:08:7b:68:2a:32:93:94:45:90:53:c8:59:f5:6a:
9a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:60:2F:51:68:83:E2:37:65:7F:47:50:3A:32:CC:5A:08:75:DA:C1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3WAvUWiD4jdlf0dQOjLMWgh12sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
92.114.85.0/24
185.255.37.0/24
188.240.230.0/24
188.241.243.0/24
193.23.129.0/24
213.232.94.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:a3:95:93:0f:08:3a:37:d1:2d:7d:3e:bc:81:b3:eb:2c:fd:
d6:d1:5f:e6:09:ae:d1:6e:77:a0:5f:ee:8a:35:17:04:19:df:
2f:fb:10:10:bf:55:37:bd:14:d9:60:82:cb:3f:db:88:39:93:
3c:fc:08:0c:7e:5a:53:07:dc:cb:e0:8e:41:82:e3:0c:af:21:
f2:dc:75:43:8a:0d:12:ca:cf:51:27:b9:e3:82:f8:60:24:0e:
26:40:0c:40:36:9c:e4:0b:8f:f3:fd:9e:5c:2a:87:14:93:02:
49:45:3e:ab:2a:00:cc:a3:ed:b7:a5:e7:e4:7f:b2:92:73:37:
32:cf:56:44:8a:22:46:67:e1:48:51:1c:70:ab:d1:33:e9:84:
21:9e:f1:c2:a9:de:f8:30:f4:41:67:b6:e7:d5:b1:f2:98:11:
0d:1e:f8:39:8d:2b:30:59:91:37:e6:ca:34:cb:21:05:7f:18:
85:34:13:55:6d:b2:fd:17:d3:04:27:2b:29:e5:c4:68:f7:42:
88:49:98:5c:2a:39:c6:78:1c:f1:6e:21:80:cb:71:72:d5:8f:
b5:59:56:ea:90:e2:a7:4a:07:d0:33:76:f2:03:6c:74:55:9b:
6a:16:b0:b4:01:73:06:0d:c1:6e:97:c5:20:bf:fc:bf:c9:f3:
c8:bd:66:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYch7TrHcP54O2aZ5uc3i2DPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzI3MDcxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDYwMmY1MTY4ODNlMjM3NjU3ZjQ3NTAzYTMyY2M1YTA4NzVkYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtH6BprLYvRSo0jtsFQPgnkVvoxq
0kb8oDCq+voQ7SqcbyEh3sD2YUc3RC+j/5W19Ks0o4bMaBYr6n2ON7m0IWVXyVay
c+1yPS/lvOCgHmIYuVnJY1nzOg3I+0TvvrKU5N63XvaOFmkm8sXcTHUIXmaknKuy
ALs1H4KB7pSNya+OMK9+gb7H9gMFi+oaLEyl3KqYk/jzzToUloS+2uDzUejVUEDo
FTZoN5ZgqNwrWGe53ZGdS5H8SASZxjv/tJXshVu5ct/+Zs5HN+hnMCpeQ6OGdpr+
zT5fge9CHjgcrKsOHnyn2T9geLYi0hJ5fRL/CHtoKjKTlEWQU8hZ9WqaRQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN1gL1Fog+I3ZX9HUDoyzFoIddrBMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvM1dBdlVXaUQ0amRsZjBkUU9qTE1XZ2gxMnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZyfAwQA
XHJVAwQAuf8lAwQAvPDmAwQAvPHzAwQAwReBAwQA1eheMA0GCSqGSIb3DQEBCwUA
A4IBAQAeo5WTDwg6N9EtfT68gbPrLP3W0V/mCa7RbnegX+6KNRcEGd8v+xAQv1U3
vRTZYILLP9uIOZM8/AgMflpTB9zL4I5BguMMryHy3HVDig0Sys9RJ7njgvhgJA4m
QAxANpzkC4/z/Z5cKocUkwJJRT6rKgDMo+23pefkf7KSczcyz1ZEiiJGZ+FIURxw
q9Ez6YQhnvHCqd74MPRBZ7bn1bHymBENHvg5jSswWZE35so0yyEFfxiFNBNVbbL9
F9MEJysp5cRo90KISZhcKjnGeBzxbiGAy3Fy1Y+1WVbqkOKnSgfQM3byA2x0VZtq
FrC0AXMGDcFul8Ugv/y/yfPIvWZ+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org