Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AQVoHitQ-HZkEiMENmn9VdLzk30.roa
File: AQVoHitQ-HZkEiMENmn9VdLzk30.roa (raw, json)
Hash identifier: 5DeQzMoM419ChDy9czRK84PQUNnasO0LIZGUVWpTQIw=
Subject key identifier: 01:05:68:1E:2B:50:F8:76:64:12:23:04:36:69:FD:55:D2:F3:93:7D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186E16AAA5FF70E088CCF2E80F6C69D7ACD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AQVoHitQ-HZkEiMENmn9VdLzk30.roa
Signing time: Tue 14 Mar 2023 18:38:29 +0000
ROA not before: Tue 14 Mar 2023 18:38:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.34.127.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:6a:aa:5f:f7:0e:08:8c:cf:2e:80:f6:c6:9d:7a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 14 18:38:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0105681e2b50f876641223043669fd55d2f3937d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f3:13:b2:1d:6e:2c:61:f7:b6:9d:27:f4:bb:
37:b8:97:2e:65:40:f1:15:29:48:bc:e0:24:e4:f9:
96:3e:ee:3a:66:6a:c4:22:8c:0b:38:9f:52:79:6f:
05:1d:55:49:fc:89:10:71:d0:a2:0b:ca:d2:cc:29:
73:66:35:62:7f:57:7f:25:d6:e9:78:11:f3:01:bb:
4e:24:c9:5b:cf:5e:3b:9e:c3:a6:ce:fa:20:e4:c0:
14:3d:54:06:41:96:b2:b3:02:4d:5c:c2:8d:9f:e1:
d1:00:4f:65:ec:44:21:ae:95:66:8d:b3:40:8d:62:
df:2f:82:d4:f1:2f:ec:fc:bd:72:97:4a:67:d5:cd:
16:db:41:0d:db:6e:e2:81:00:d5:e9:5d:21:c4:88:
26:c4:0a:f3:d1:5a:ed:67:4a:df:cd:69:85:c1:c3:
e8:08:c7:fe:40:44:22:f9:30:4e:f2:ff:23:e6:b9:
14:82:84:0b:0c:51:fd:38:21:ba:b9:07:ff:4f:17:
d7:ee:a6:bf:e2:16:dd:0b:e5:9a:3b:a2:da:f4:67:
82:e0:0a:96:8a:62:4a:59:b6:88:15:67:a3:05:c8:
d3:53:d0:a1:75:7f:6b:65:04:89:ec:6b:72:a5:72:
79:5d:b5:cd:8c:a9:ff:64:36:12:2b:dd:e6:e3:93:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:05:68:1E:2B:50:F8:76:64:12:23:04:36:69:FD:55:D2:F3:93:7D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AQVoHitQ-HZkEiMENmn9VdLzk30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0-45.156.158.255
89.33.84.0/24
89.34.127.0/24
89.35.154.0/24
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.212.155.0/24
188.240.232.0/24
188.241.110.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
35:aa:9c:67:26:8d:b9:c7:9d:59:d6:df:52:22:9b:a0:ea:ed:
cb:74:fa:a1:0c:23:c4:45:c8:8d:90:f5:da:c6:11:e5:e2:8e:
4f:25:90:0e:e4:15:d0:76:85:1a:88:dd:f8:49:a2:75:3b:a4:
b4:c5:ca:81:b2:c8:e7:bf:c4:be:eb:9c:58:a6:19:75:0c:e4:
67:ac:7e:bf:fc:62:80:5c:26:f7:ea:86:99:7c:3b:0e:f2:c5:
42:18:09:42:63:6e:92:7e:7a:aa:ae:3e:7b:27:f2:e0:e0:51:
56:88:1a:d7:61:ef:0c:7e:15:c6:2c:10:ba:cc:f2:e2:3e:46:
e7:af:7f:83:0f:1f:0a:ae:fc:17:9f:a5:7d:12:60:4a:42:23:
95:21:dc:3d:c7:30:c6:29:38:7f:29:68:45:52:dc:37:60:0d:
cf:5f:09:3c:e6:74:6a:22:01:69:ad:5b:3a:4b:b0:09:c1:1c:
22:58:96:56:a8:52:97:49:cd:b2:a8:3f:73:c3:48:b3:09:d2:
2c:03:25:9a:90:0d:39:24:0a:42:a4:7f:bf:82:65:fd:04:dd:
fd:be:02:01:ff:0d:79:a6:20:6b:cc:0d:b4:7a:99:7f:3c:1e:
90:8f:41:06:b8:c9:80:d2:0d:46:b5:80:5f:00:bb:ad:c3:55:
9d:f5:d0:c7
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYbhaqpf9w4IjM8ugPbGnXrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzE0MTgzODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTA1NjgxZTJiNTBmODc2NjQxMjIzMDQzNjY5ZmQ1NWQyZjM5MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vMTsh1uLGH3tp0n9Ls3uJcuZUDx
FSlIvOAk5PmWPu46ZmrEIowLOJ9SeW8FHVVJ/IkQcdCiC8rSzClzZjVif1d/Jdbp
eBHzAbtOJMlbz147nsOmzvog5MAUPVQGQZayswJNXMKNn+HRAE9l7EQhrpVmjbNA
jWLfL4LU8S/s/L1yl0pn1c0W20EN227igQDV6V0hxIgmxArz0VrtZ0rfzWmFwcPo
CMf+QEQi+TBO8v8j5rkUgoQLDFH9OCG6uQf/TxfX7qa/4hbdC+WaO6La9GeC4AqW
imJKWbaIFWejBcjTU9ChdX9rZQSJ7GtypXJ5XbXNjKn/ZDYSK93m45NWEQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFAEFaB4rUPh2ZBIjBDZp/VXS85N9MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQVFWb0hpdFEtSFprRWlNRU5tbjlWZEx6azMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBAAtnJ0D
BAAtnJ4DBABZIVQDBABZIn8DBABZI5oDBABZJT4DBABdcsADBABdc20DBAC81JsD
BAC88OgDBAC88W4DBAC88dYDBADBF4IwDQYJKoZIhvcNAQELBQADggEBADWqnGcm
jbnHnVnW31Iim6Dq7ct0+qEMI8RFyI2Q9drGEeXijk8lkA7kFdB2hRqI3fhJonU7
pLTFyoGyyOe/xL7rnFimGXUM5Gesfr/8YoBcJvfqhpl8Ow7yxUIYCUJjbpJ+eqqu
Pnsn8uDgUVaIGtdh7wx+FcYsELrM8uI+Ruevf4MPHwqu/BefpX0SYEpCI5Uh3D3H
MMYpOH8paEVS3DdgDc9fCTzmdGoiAWmtWzpLsAnBHCJYllaoUpdJzbKoP3PDSLMJ
0iwDJZqQDTkkCkKkf7+CZf0E3f2+AgH/DXmmIGvMDbR6mX88HpCPQQa4yYDSDUa1
gF8Au63DVZ310Mc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org