Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3zL-Vr0QtyavSPQPiwpm6oaBKfU.roa
File: 3zL-Vr0QtyavSPQPiwpm6oaBKfU.roa (raw, json)
Hash identifier: sB50A4o20+PgErLjomQa+fgfzmA3dQLX/uu7uOrLKBU=
Subject key identifier: DF:32:FE:56:BD:10:B7:26:AF:48:F4:0F:8B:0A:66:EA:86:81:29:F5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B7507A1CA1FBFFE6BAC00225345240607
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3zL-Vr0QtyavSPQPiwpm6oaBKfU.roa
Signing time: Sat 28 Oct 2023 06:45:16 +0000
ROA not before: Sat 28 Oct 2023 06:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:75:07:a1:ca:1f:bf:fe:6b:ac:00:22:53:45:24:06:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 28 06:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df32fe56bd10b726af48f40f8b0a66ea868129f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:43:e5:06:6d:c7:f7:8b:2e:ea:05:6b:23:fd:
21:5b:54:62:76:b9:09:e5:d3:c0:12:2b:43:c6:ab:
25:29:ae:89:db:e1:69:41:ab:88:32:cd:53:61:74:
f0:7d:06:35:d3:89:f2:e6:39:ee:93:7e:7f:bc:d0:
86:c6:7a:21:d9:8a:0a:64:f2:b2:17:65:ee:dc:a8:
f1:f0:ef:51:3c:3b:70:58:ae:71:08:c0:23:94:6f:
85:72:c5:aa:90:7a:bb:19:3d:ec:18:c4:63:dc:81:
37:17:00:0d:4e:c6:76:0b:34:db:35:4c:74:4b:b4:
86:a6:81:02:42:bd:75:56:b9:89:8c:5c:82:6b:66:
5d:52:02:db:d9:06:e9:58:be:26:f2:c5:a9:fd:63:
09:70:4b:dc:75:41:39:19:6b:94:df:45:45:4a:7a:
8b:c1:9c:61:9f:f8:2d:be:4c:f5:6f:8b:a8:fc:90:
e9:39:dd:16:09:4e:2b:66:40:0a:3a:cc:dc:ba:61:
44:fe:39:f6:dc:a0:3d:ef:46:a0:ce:e6:a4:51:2e:
0a:fc:ec:9b:57:f5:96:86:d4:09:93:2f:d1:78:25:
dd:f0:6c:ad:f5:71:6f:96:d8:ae:76:f4:13:8d:48:
92:04:c4:cb:48:bb:80:f8:71:f4:37:23:d2:60:7a:
2b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:32:FE:56:BD:10:B7:26:AF:48:F4:0F:8B:0A:66:EA:86:81:29:F5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3zL-Vr0QtyavSPQPiwpm6oaBKfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.159.0/24
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
42:4a:99:88:e9:ae:89:ac:8d:c9:30:11:30:b9:0f:e7:8c:5e:
d8:10:17:79:9d:0d:81:ef:be:19:c5:5c:2e:8a:6b:bb:56:0d:
8b:e1:4b:24:e6:ef:83:12:10:55:c6:99:b0:6e:d7:22:f1:13:
b4:d8:e9:df:0f:c7:21:b5:51:a3:e3:c8:1a:56:dd:72:62:17:
cf:fe:b9:ba:ba:bd:15:f2:ba:7d:e7:cc:ea:48:d8:60:6b:d6:
4a:d1:31:53:fe:f2:90:42:fb:2b:40:06:db:23:24:11:89:81:
84:5c:b3:30:c0:98:f4:69:62:0f:cf:b5:d3:ea:1f:a4:4a:2d:
04:29:74:6a:4a:8b:1e:25:ea:af:3a:bd:92:84:5a:7d:68:7f:
72:e8:e5:cb:75:ae:ec:2a:5f:a6:5f:bc:b2:7b:be:8e:d4:bd:
c4:7a:c2:f6:0a:73:2e:a0:e5:4b:31:1a:7b:e4:07:c0:62:e7:
f9:6c:d9:86:c2:d0:6b:b0:32:3d:43:8f:04:54:e3:cb:b1:3d:
29:30:c7:1f:59:48:dc:48:ed:be:cd:0b:58:c6:af:77:cd:41:
7a:70:db:c7:35:c7:42:49:94:6b:9d:dc:56:87:98:0c:4f:e3:
be:87:26:58:aa:85:c3:c8:cd:c8:80:7a:71:24:28:a1:f9:36:
d7:a4:f5:62
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYt1B6HKH7/+a6wAIlNFJAYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDI4MDY0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjMyZmU1NmJkMTBiNzI2YWY0OGY0MGY4YjBhNjZlYTg2ODEyOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUPlBm3H94su6gVrI/0hW1RidrkJ
5dPAEitDxqslKa6J2+FpQauIMs1TYXTwfQY104ny5jnuk35/vNCGxnoh2YoKZPKy
F2Xu3Kjx8O9RPDtwWK5xCMAjlG+FcsWqkHq7GT3sGMRj3IE3FwANTsZ2CzTbNUx0
S7SGpoECQr11VrmJjFyCa2ZdUgLb2QbpWL4m8sWp/WMJcEvcdUE5GWuU30VFSnqL
wZxhn/gtvkz1b4uo/JDpOd0WCU4rZkAKOszcumFE/jn23KA970agzuakUS4K/Oyb
V/WWhtQJky/ReCXd8Gyt9XFvltiudvQTjUiSBMTLSLuA+HH0NyPSYHorBwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFN8y/la9ELcmr0j0D4sKZuqGgSn1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvM3pMLVZyMFF0eWF2U1BRUGl3cG02b2FCS2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC81J8DBAC8
1tEDBAG88OADBAC88OMDBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQAD
ggEBAEJKmYjpromsjckwETC5D+eMXtgQF3mdDYHvvhnFXC6Ka7tWDYvhSyTm74MS
EFXGmbBu1yLxE7TY6d8PxyG1UaPjyBpW3XJiF8/+ubq6vRXyun3nzOpI2GBr1krR
MVP+8pBC+ytABtsjJBGJgYRcszDAmPRpYg/PtdPqH6RKLQQpdGpKix4l6q86vZKE
Wn1of3Lo5ct1ruwqX6ZfvLJ7vo7UvcR6wvYKcy6g5UsxGnvkB8Bi5/ls2YbC0Guw
Mj1DjwRU48uxPSkwxx9ZSNxI7b7NC1jGr3fNQXpw28c1x0JJlGud3FaHmAxP476H
JliqhcPIzciAenEkKKH5Ntek9WI=
-----END CERTIFICATE-----
Generated at Mon Oct 30 19:51:34 2023 by rpki-client on console-ams.rpki-client.org