Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/42V8u1WM8uemyDjn0-Vf7A26JiA.roa
File: 42V8u1WM8uemyDjn0-Vf7A26JiA.roa (raw, json)
Hash identifier: Dkz/8fDodiTgQGgBK5iL6FZbQteUquAzqSJKpdhYDoA=
Subject key identifier: E3:65:7C:BB:55:8C:F2:E7:A6:C8:38:E7:D3:E5:5F:EC:0D:BA:26:20
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A69916CB01B241C0C663D708DE6B9B1D2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/42V8u1WM8uemyDjn0-Vf7A26JiA.roa
Signing time: Wed 06 Sep 2023 08:17:32 +0000
ROA not before: Wed 06 Sep 2023 08:17:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 185.121.122.0/23 maxlen: 24
185.121.121.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
220.158.198.0/24 maxlen: 24
45.144.226.0/24 maxlen: 24
220.158.196.0/23 maxlen: 24
62.197.138.0/23 maxlen: 24
193.239.164.0/23 maxlen: 24
62.197.137.0/24 maxlen: 24
62.197.140.0/22 maxlen: 24
45.146.186.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:91:6c:b0:1b:24:1c:0c:66:3d:70:8d:e6:b9:b1:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 6 08:17:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3657cbb558cf2e7a6c838e7d3e55fec0dba2620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:33:29:77:11:42:94:99:7e:ed:cc:bd:32:9e:
e9:b8:0d:1e:ba:9c:31:1d:1f:d8:5e:57:0b:46:fa:
5a:7e:79:26:fb:86:e9:7a:f8:14:db:07:26:43:49:
5c:06:a2:85:ec:9a:2f:85:bc:dd:78:af:95:e2:5e:
f8:87:bd:4e:12:77:c6:fe:4e:84:90:fc:75:71:3b:
c1:55:cf:1b:f0:92:63:d1:d9:22:8a:db:d1:78:7d:
57:46:50:f6:07:b7:3f:9b:59:ba:63:fa:3a:68:44:
c9:1d:8e:e0:c2:d9:18:00:9a:91:b4:7f:b0:90:9c:
45:9c:ab:65:2a:6b:30:b5:e6:e7:bf:d6:de:3f:0a:
10:bd:8c:45:a7:01:5d:82:57:97:d2:4a:09:bd:6c:
ba:4f:0f:ab:76:2e:7b:05:ca:e3:e8:04:3a:e7:c6:
74:dd:75:b9:26:09:b4:8f:2e:9a:18:ee:ea:f8:33:
d2:24:c2:6a:7c:f0:ea:40:a6:5b:1c:35:b8:db:7b:
7d:b1:36:50:73:a1:b5:f0:dd:6b:a5:74:07:dd:e1:
94:70:cd:e5:8d:f9:a6:c5:e4:08:c8:64:83:ab:60:
82:6a:86:13:af:81:5f:76:78:26:35:a7:8e:36:f5:
a1:a9:99:67:89:06:10:ea:aa:6f:56:df:f3:ab:d4:
09:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:65:7C:BB:55:8C:F2:E7:A6:C8:38:E7:D3:E5:5F:EC:0D:BA:26:20
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/42V8u1WM8uemyDjn0-Vf7A26JiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/24
45.146.186.0/24
62.197.137.0-62.197.143.255
185.121.121.0-185.121.123.255
185.239.243.0/24
193.239.164.0/23
220.158.196.0-220.158.198.255
Signature Algorithm: sha256WithRSAEncryption
7a:b8:e1:e1:2f:d4:42:29:c9:a2:d0:1e:41:6b:94:64:8e:eb:
41:84:99:bb:05:0d:b4:c8:9a:16:44:73:e1:eb:02:d4:30:a6:
81:59:c5:2e:88:2b:65:c6:c2:a6:2a:fb:1f:15:16:85:08:29:
47:53:2f:ea:67:1d:74:d9:96:cc:a6:1d:83:f3:d8:3c:c7:a1:
02:8a:0a:fa:2a:ff:d0:ff:98:50:3a:2f:0a:1b:d1:ce:ae:dd:
1b:eb:b2:88:ea:0a:ca:be:cc:a1:f6:61:6a:2a:6f:ef:7e:62:
5c:a4:18:05:f9:b7:c8:b4:75:f3:c3:c9:dd:82:87:a8:72:b5:
3a:d5:0a:aa:1a:de:50:6d:0a:48:77:cc:df:01:08:ef:19:af:
2b:f6:50:93:dc:26:fa:ff:2c:58:a5:6d:22:16:63:78:ec:c1:
f2:74:4a:e7:e9:39:5c:85:a3:0e:6c:7d:75:4f:3e:41:c2:17:
36:3e:8a:d7:64:e5:a1:59:3a:8f:0a:8d:ba:bc:c5:36:64:0f:
db:67:03:0e:3c:9e:85:6e:8d:db:05:80:3c:09:a8:88:94:4c:
a1:59:43:9e:af:e4:e1:6b:c4:c9:71:2e:1b:3e:f8:79:19:c1:
76:e1:4c:ed:b2:cd:cd:d8:48:25:a8:c4:cd:71:7c:97:84:81:
05:09:bb:4d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYppkWywGyQcDGY9cI3mubHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTA2MDgxNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzY1N2NiYjU1OGNmMmU3YTZjODM4ZTdkM2U1NWZlYzBkYmEyNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDMpdxFClJl+7cy9Mp7puA0eupwx
HR/YXlcLRvpafnkm+4bpevgU2wcmQ0lcBqKF7JovhbzdeK+V4l74h71OEnfG/k6E
kPx1cTvBVc8b8JJj0dkiitvReH1XRlD2B7c/m1m6Y/o6aETJHY7gwtkYAJqRtH+w
kJxFnKtlKmswtebnv9bePwoQvYxFpwFdgleX0koJvWy6Tw+rdi57Bcrj6AQ658Z0
3XW5Jgm0jy6aGO7q+DPSJMJqfPDqQKZbHDW423t9sTZQc6G18N1rpXQH3eGUcM3l
jfmmxeQIyGSDq2CCaoYTr4FfdngmNaeONvWhqZlniQYQ6qpvVt/zq9QJywIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFONlfLtVjPLnpsg459PlX+wNuiYgMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNDJWOHUxV004dWVteURqbjAtVmY3QTI2SmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALZDiAwQA
LZK6MAwDBAA+xYkDBAQ+xYAwDAMEALl5eQMEArl5eAMEALnv8wMEAcHvpDAMAwQC
3J7EAwQA3J7GMA0GCSqGSIb3DQEBCwUAA4IBAQB6uOHhL9RCKcmi0B5Ba5RkjutB
hJm7BQ20yJoWRHPh6wLUMKaBWcUuiCtlxsKmKvsfFRaFCClHUy/qZx102ZbMph2D
89g8x6ECigr6Kv/Q/5hQOi8KG9HOrt0b67KI6grKvsyh9mFqKm/vfmJcpBgF+bfI
tHXzw8ndgoeocrU61QqqGt5QbQpId8zfAQjvGa8r9lCT3Cb6/yxYpW0iFmN47MHy
dErn6TlchaMObH11Tz5Bwhc2PorXZOWhWTqPCo26vMU2ZA/bZwMOPJ6Fbo3bBYA8
CaiIlEyhWUOer+Tha8TJcS4bPvh5GcF24Uztss3N2EglqMTNcXyXhIEFCbtN
-----END CERTIFICATE-----
Generated at Fri Nov 3 07:34:12 2023 by rpki-client on console-fra.rpki-client.org