Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4gJq3Zvjxd4XX2Xdibbh-icrrPw.roa
File: 4gJq3Zvjxd4XX2Xdibbh-icrrPw.roa (raw, json)
Hash identifier: hl1/9VAtgxf4JYwvoJvJwg0YPT2IvpddOwA9cy1Wx70=
Subject key identifier: E2:02:6A:DD:9B:E3:C5:DE:17:5F:65:DD:89:B6:E1:FA:27:2B:AC:FC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01874B604C1EC026EEC85C25C5D751B267A9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4gJq3Zvjxd4XX2Xdibbh-icrrPw.roa
Signing time: Tue 04 Apr 2023 08:26:54 +0000
ROA not before: Tue 04 Apr 2023 08:26:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.34.127.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:60:4c:1e:c0:26:ee:c8:5c:25:c5:d7:51:b2:67:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 4 08:26:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2026add9be3c5de175f65dd89b6e1fa272bacfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:de:df:aa:f4:0a:30:fa:64:e5:98:78:8e:41:
9b:eb:3f:57:32:a3:7c:b8:c4:60:ab:ed:e8:2a:f5:
34:28:b1:a0:5c:cf:fb:8e:93:80:b9:88:e6:fb:66:
d0:ae:b4:dd:61:67:8e:e2:b3:c8:7d:f6:9c:2d:3f:
bf:a1:4c:a0:03:da:c1:e4:e9:c7:5a:1b:f1:92:79:
0f:f5:a1:d9:3a:df:7b:ac:5a:42:fd:06:7b:c8:7f:
36:a8:fe:1a:bc:3e:86:12:2a:08:b4:f7:fc:5a:a0:
e3:2d:80:e3:3a:80:7b:e6:89:39:16:ba:4b:a4:f3:
37:97:0c:3e:ab:7e:47:14:14:f1:8f:de:a5:2c:02:
dd:80:63:e5:a1:57:c5:72:6c:e4:69:e2:02:a5:e6:
d4:34:2f:59:ae:54:c6:6c:ed:ee:96:14:02:bd:7c:
7d:eb:ec:98:25:66:b9:96:1b:03:98:cf:15:c5:7b:
e5:26:01:9d:48:f3:35:36:d3:f1:7c:f8:f7:e8:e6:
e7:e4:8f:96:98:74:a6:36:12:86:74:3d:58:4e:ac:
8c:b4:60:6b:94:48:8b:0e:85:a5:b9:4f:91:34:c4:
3d:80:4f:d2:87:da:06:6c:88:46:3d:ec:88:7a:29:
06:62:ba:31:55:b7:4f:9c:a6:e1:16:c8:00:ab:c8:
a6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:02:6A:DD:9B:E3:C5:DE:17:5F:65:DD:89:B6:E1:FA:27:2B:AC:FC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4gJq3Zvjxd4XX2Xdibbh-icrrPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.158.0/24
89.34.127.0/24
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.240.232.0/24
188.241.110.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
34:bc:c3:ac:e0:a9:80:f3:de:2b:de:92:0d:1f:a6:3a:8a:c9:
a7:4b:ff:fe:fc:0a:fa:dd:af:e2:9f:be:19:d5:c8:82:9d:bd:
3c:90:34:f4:5d:e7:e0:6d:e7:7b:39:74:5a:18:34:30:1c:70:
34:e3:5f:e8:13:37:5e:f0:1b:3a:94:bd:c2:30:70:b0:c9:e0:
51:10:d6:89:f5:91:6e:dd:d7:d9:9d:3a:b9:ef:dd:a5:02:14:
50:19:c3:ce:f3:75:51:5a:50:44:11:1c:4b:dc:ac:96:76:0d:
e6:62:1a:7b:08:de:8d:54:ac:7c:66:e8:80:5e:01:ec:d0:ac:
9b:07:70:4e:9f:78:e7:68:4a:8b:51:12:fc:04:93:49:11:30:
d8:fb:b1:4b:b3:72:3f:1a:36:6f:96:c9:9e:8e:06:f4:e4:71:
47:b3:27:a0:04:e7:e3:8e:21:49:27:e3:59:ef:d9:ee:41:2a:
f0:4f:8e:4f:73:21:7c:69:aa:56:a3:44:de:55:2e:ce:b3:0c:
0a:2c:d3:d0:81:39:3e:78:04:42:0d:8d:85:8e:9d:33:65:26:
a0:02:59:9c:aa:a7:4c:56:27:50:0a:3d:7e:30:1d:55:ea:69:
be:a0:40:9e:51:3e:56:9a:89:9a:15:5b:c5:a0:71:e0:3c:90:
a3:de:35:fe
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYdLYEwewCbuyFwlxddRsmepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA0MDgyNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjAyNmFkZDliZTNjNWRlMTc1ZjY1ZGQ4OWI2ZTFmYTI3MmJhY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA597fqvQKMPpk5Zh4jkGb6z9XMqN8
uMRgq+3oKvU0KLGgXM/7jpOAuYjm+2bQrrTdYWeO4rPIffacLT+/oUygA9rB5OnH
WhvxknkP9aHZOt97rFpC/QZ7yH82qP4avD6GEioItPf8WqDjLYDjOoB75ok5FrpL
pPM3lww+q35HFBTxj96lLALdgGPloVfFcmzkaeICpebUNC9ZrlTGbO3ulhQCvXx9
6+yYJWa5lhsDmM8VxXvlJgGdSPM1NtPxfPj36Obn5I+WmHSmNhKGdD1YTqyMtGBr
lEiLDoWluU+RNMQ9gE/Sh9oGbIhGPeyIeikGYroxVbdPnKbhFsgAq8imEwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOICat2b48XeF19l3Ym24fonK6z8MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNGdKcTNadmp4ZDRYWDJYZGliYmgtaWNyclB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZyeAwQA
WSJ/AwQAWSU+AwQAXXLAAwQAXXNtAwQAvPDoAwQAvPFuAwQAvPHWAwQAwReCMA0G
CSqGSIb3DQEBCwUAA4IBAQA0vMOs4KmA894r3pINH6Y6ismnS//+/Ar63a/in74Z
1ciCnb08kDT0Xefgbed7OXRaGDQwHHA041/oEzde8Bs6lL3CMHCwyeBRENaJ9ZFu
3dfZnTq5792lAhRQGcPO83VRWlBEERxL3KyWdg3mYhp7CN6NVKx8ZuiAXgHs0Kyb
B3BOn3jnaEqLURL8BJNJETDY+7FLs3I/GjZvlsmejgb05HFHsyegBOfjjiFJJ+NZ
79nuQSrwT45PcyF8aapWo0TeVS7OswwKLNPQgTk+eARCDY2Fjp0zZSagAlmcqqdM
VidQCj1+MB1V6mm+oECeUT5WmomaFVvFoHHgPJCj3jX+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org