Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/At4xBaNWBMvxLHCQ4SByUAYsyPg.roa
File: At4xBaNWBMvxLHCQ4SByUAYsyPg.roa (raw, json)
Hash identifier: gHLLf2PhX7wy217ocaYwYDBEIvNR81cBRS9oZmnT95A=
Subject key identifier: 02:DE:31:05:A3:56:04:CB:F1:2C:70:90:E1:20:72:50:06:2C:C8:F8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AD0677C3E127F0ABE43F338AF11536D48
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/At4xBaNWBMvxLHCQ4SByUAYsyPg.roa
Signing time: Tue 26 Sep 2023 07:32:37 +0000
ROA not before: Tue 26 Sep 2023 07:32:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:67:7c:3e:12:7f:0a:be:43:f3:38:af:11:53:6d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 26 07:32:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02de3105a35604cbf12c7090e1207250062cc8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:93:ab:15:9b:44:79:89:94:d8:44:87:38:d9:
d9:58:c1:83:d3:29:45:22:73:a1:57:74:f3:12:57:
69:a6:57:32:7f:f6:e8:f3:50:0b:38:f7:60:ef:13:
e5:f0:3b:70:d3:03:7c:5f:06:46:8b:66:56:01:4b:
22:ab:5b:68:1a:63:f3:cb:c4:39:cf:fc:36:db:31:
14:4d:7d:51:92:6a:6c:57:2b:38:74:48:a0:f9:4d:
7e:6b:0f:af:29:16:aa:f2:db:41:a4:b2:c0:66:ca:
49:31:11:6c:cf:f0:45:cc:ec:97:61:36:3f:bb:03:
fe:70:3d:bc:8f:01:51:31:ba:07:37:54:27:f4:6f:
b0:ee:79:7e:35:c5:17:a5:2d:c8:69:3f:73:d3:98:
94:fe:9b:25:ed:43:58:aa:4c:89:89:6c:2e:4a:18:
b4:38:ef:fb:d5:a2:d3:58:37:6c:cb:c5:6f:18:ac:
8a:2c:95:81:64:4a:cf:32:8d:11:76:77:a9:58:06:
44:fc:79:43:5b:d0:ad:b9:20:52:d2:1d:38:1e:a2:
7b:76:52:9c:5d:63:04:7a:d8:cd:52:04:c6:ec:38:
4f:f0:cc:ea:8b:ae:8f:34:24:fa:0b:2c:de:36:de:
e7:78:95:44:8c:92:4a:68:57:9f:b5:dd:c7:f5:1a:
d8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DE:31:05:A3:56:04:CB:F1:2C:70:90:E1:20:72:50:06:2C:C8:F8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/At4xBaNWBMvxLHCQ4SByUAYsyPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.133.0/24
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.110.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:b9:4b:d1:88:bc:d5:eb:c6:0b:36:74:8d:f5:e8:21:6a:cb:
48:01:2b:15:24:cb:95:63:fe:ea:9b:69:98:9a:7d:8c:08:28:
05:ff:b5:18:2b:de:73:57:cd:ec:fc:67:e4:e4:61:af:f8:82:
55:a6:bf:23:cb:b4:6f:78:8a:57:b2:ff:a9:04:99:37:19:6a:
1d:68:6d:36:47:51:56:de:87:37:1a:8e:8e:7f:b4:71:77:df:
5f:53:4d:44:54:93:21:4d:66:f9:f8:16:36:10:52:12:4d:83:
a9:1a:63:d9:64:86:81:79:6c:be:2c:89:a8:ce:9d:dd:09:06:
3c:ab:2d:2f:cd:0f:cd:fb:09:e8:40:24:bc:53:89:db:30:16:
a2:19:58:c6:f4:fb:0b:f9:66:35:ab:0a:b2:c8:0b:83:b5:18:
79:39:df:8d:c9:c7:30:7f:21:55:40:e6:73:ed:7e:f6:28:44:
04:f5:60:fb:25:48:a6:ba:14:9f:00:bd:8f:82:a5:60:23:33:
8d:3c:e3:87:b9:47:5d:dc:37:ca:c6:05:c5:9e:65:e8:f4:cb:
3f:fb:c0:80:4e:dc:bf:24:7b:c5:e9:32:e7:e0:3d:96:21:66:
0d:4a:94:6c:a4:b4:1a:ce:9c:b6:94:8e:ce:17:55:e5:27:18:
6f:88:2a:8a
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYrQZ3w+En8KvkPzOK8RU21IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTI2MDczMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmRlMzEwNWEzNTYwNGNiZjEyYzcwOTBlMTIwNzI1MDA2MmNjOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopOrFZtEeYmU2ESHONnZWMGD0ylF
InOhV3TzEldpplcyf/bo81ALOPdg7xPl8Dtw0wN8XwZGi2ZWAUsiq1toGmPzy8Q5
z/w22zEUTX1RkmpsVys4dEig+U1+aw+vKRaq8ttBpLLAZspJMRFsz/BFzOyXYTY/
uwP+cD28jwFRMboHN1Qn9G+w7nl+NcUXpS3IaT9z05iU/psl7UNYqkyJiWwuShi0
OO/71aLTWDdsy8VvGKyKLJWBZErPMo0RdnepWAZE/HlDW9CtuSBS0h04HqJ7dlKc
XWMEetjNUgTG7DhP8Mzqi66PNCT6CyzeNt7neJVEjJJKaFeftd3H9RrY1wIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFALeMQWjVgTL8SxwkOEgclAGLMj4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQXQ0eEJhTldCTXZ4TEhDUTRTQnlVQVlzeVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAK5
cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAME
ALzUhQMEALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw6QME
ALzxbgMEAbzx8gMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEAbrlL0Yi8
1evGCzZ0jfXoIWrLSAErFSTLlWP+6ptpmJp9jAgoBf+1GCvec1fN7Pxn5ORhr/iC
Vaa/I8u0b3iKV7L/qQSZNxlqHWhtNkdRVt6HNxqOjn+0cXffX1NNRFSTIU1m+fgW
NhBSEk2DqRpj2WSGgXlsviyJqM6d3QkGPKstL80PzfsJ6EAkvFOJ2zAWohlYxvT7
C/lmNasKssgLg7UYeTnfjcnHMH8hVUDmc+1+9ihEBPVg+yVIproUnwC9j4KlYCMz
jTzjh7lHXdw3ysYFxZ5l6PTLP/vAgE7cvyR7xeky5+A9liFmDUqUbKS0Gs6ctpSO
zhdV5ScYb4gqig==
-----END CERTIFICATE-----
Generated at Tue Sep 26 18:30:35 2023 by rpki-client on console-fra.rpki-client.org