Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/B0bBoCzcD6HChJKnGPYpdz_tF74.roa
File: B0bBoCzcD6HChJKnGPYpdz_tF74.roa (raw, json)
Hash identifier: IlSHhZ+8wdIih8Ff5WxrIjkVb1hH84EkQKdniZawv74=
Subject key identifier: 07:46:C1:A0:2C:DC:0F:A1:C2:84:92:A7:18:F6:29:77:3F:ED:17:BE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B8FE42737F682345B214D33534848B44C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/B0bBoCzcD6HChJKnGPYpdz_tF74.roa
Signing time: Thu 02 Nov 2023 11:56:15 +0000
ROA not before: Thu 02 Nov 2023 11:56:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.3.181.0/24 maxlen: 24
91.242.233.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
176.97.195.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:e4:27:37:f6:82:34:5b:21:4d:33:53:48:48:b4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 2 11:56:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0746c1a02cdc0fa1c28492a718f629773fed17be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0b:ea:9e:cb:b3:34:c7:d2:83:c8:f4:3c:d9:
72:f6:f8:93:19:19:92:e7:76:dc:5d:6b:02:f8:13:
0e:09:0d:3c:2d:05:3d:71:1b:20:b0:97:93:bd:7c:
3b:5e:ed:67:34:64:1a:88:f7:d3:93:11:3a:fd:63:
0c:7e:d9:71:35:e2:75:4f:72:d9:ae:07:56:7b:c4:
a9:e7:31:e6:c1:6e:fc:71:59:34:a7:23:d4:69:83:
3a:6e:bb:67:e2:3d:51:ed:31:dd:b9:18:68:65:2f:
ca:67:24:5e:ce:15:a8:bd:8d:3e:ac:14:10:de:b3:
d7:86:e2:01:48:97:21:09:e4:bc:1f:72:a6:91:47:
70:c7:f3:74:8f:46:d6:48:2b:68:52:6f:81:9c:8f:
5b:d2:5c:91:7f:32:2a:c0:0b:8e:d7:19:1d:a5:d9:
69:e8:38:85:a3:16:91:53:48:05:00:09:ef:8a:94:
8c:c5:66:c5:6f:cb:f2:3f:fd:a9:12:cd:d1:35:15:
54:01:87:e2:cc:5e:a5:c6:00:c6:5d:ed:75:86:b1:
37:8a:7c:0e:9a:bf:bb:5b:a0:28:15:c6:62:2e:c6:
54:84:64:23:d3:d4:7b:8b:68:8b:c6:a3:aa:60:fa:
15:4f:1b:c0:05:03:83:6f:16:d1:3f:10:53:e4:af:
7b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:46:C1:A0:2C:DC:0F:A1:C2:84:92:A7:18:F6:29:77:3F:ED:17:BE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/B0bBoCzcD6HChJKnGPYpdz_tF74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.242.233.0/24
91.246.32.0/24
91.246.37.0/24
91.247.172.0/24
94.154.126.0/24
176.97.195.0/24
176.97.200.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.181.0/24
193.3.187.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.24.123.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:81:64:ba:c8:82:bf:73:b8:5a:e6:ff:d4:8c:0d:24:69:8a:
25:11:aa:0b:5f:57:d7:01:99:ce:c5:ce:92:23:37:fa:b0:44:
1e:a2:be:57:13:59:26:b7:89:b6:77:0c:94:ec:40:5d:65:d2:
ff:79:d4:78:e7:56:c4:52:01:3d:34:95:e5:9e:45:e3:3c:c1:
7e:14:c9:3c:dc:16:f0:c3:a8:5f:69:71:1f:70:0c:9c:72:29:
c4:27:c6:7c:71:77:56:d2:70:a3:ea:8c:f2:54:fa:6d:43:e2:
5e:a9:08:a0:1e:60:11:aa:f2:67:d1:96:b7:1b:0e:7c:98:3d:
d9:84:6e:ab:03:7a:22:04:6a:45:6b:5f:34:3b:9e:ff:41:3b:
c2:94:49:f7:35:3e:4a:c3:4d:38:71:a1:13:77:dc:39:78:40:
29:84:7a:0b:42:93:94:20:2f:2f:26:37:a6:49:f2:7c:a7:f4:
a1:c2:97:12:40:99:e8:21:2b:43:bc:f9:3b:3e:8d:87:a5:80:
71:b6:38:ce:76:c5:c5:c2:04:f7:1e:d3:2c:c3:34:17:14:0b:
7b:05:28:09:74:f7:c4:d3:8c:38:c5:81:39:b6:a8:a3:e3:0b:
b8:1c:62:77:d8:e8:24:5e:04:c9:fd:59:13:f9:89:23:46:a5:
ed:11:96:29
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAYuP5Cc39oI0WyFNM1NISLRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAyMTE1NjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzQ2YzFhMDJjZGMwZmExYzI4NDkyYTcxOGY2Mjk3NzNmZWQxN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwvqnsuzNMfSg8j0PNly9viTGRmS
53bcXWsC+BMOCQ08LQU9cRsgsJeTvXw7Xu1nNGQaiPfTkxE6/WMMftlxNeJ1T3LZ
rgdWe8Sp5zHmwW78cVk0pyPUaYM6brtn4j1R7THduRhoZS/KZyRezhWovY0+rBQQ
3rPXhuIBSJchCeS8H3KmkUdwx/N0j0bWSCtoUm+BnI9b0lyRfzIqwAuO1xkdpdlp
6DiFoxaRU0gFAAnvipSMxWbFb8vyP/2pEs3RNRVUAYfizF6lxgDGXe11hrE3inwO
mr+7W6AoFcZiLsZUhGQj09R7i2iLxqOqYPoVTxvABQODbxbRPxBT5K97fQIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFAdGwaAs3A+hwoSSpxj2KXc/7Re+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQjBiQm9DemNENkhDaEpLbkdQWXBkel90Rjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCASgEAgABMIIB
IAMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD56vwMEAD7FgAMEAD7M
PAMEAD7pJgMEAE6O8wMEAE9u5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy6QMEAFv2
IAMEAFv2JQMEAFv3rAMEAF6afgMEALBhwwMEALBhyAMEALB2IwMEALB+dwMEALmX
kQMEALmhewMEALm42AMEALnqDwMEALnr4QMEALnr5AMEALn81QMEALzxnwMEALzx
+AMEALz0fgMEAMEDtQMEAMEDuwMEAMEmmgMEAcGjwAMEAMGjwwMEAMHJDAMEAMHJ
DgMEAMHd0gMEAMIayAMEAMKWTAMEANQYewMEANVtnAMEANVtnwMEANWtJQMEANl3
hzANBgkqhkiG9w0BAQsFAAOCAQEAa4FkusiCv3O4Wub/1IwNJGmKJRGqC19X1wGZ
zsXOkiM3+rBEHqK+VxNZJreJtncMlOxAXWXS/3nUeOdWxFIBPTSV5Z5F4zzBfhTJ
PNwW8MOoX2lxH3AMnHIpxCfGfHF3VtJwo+qM8lT6bUPiXqkIoB5gEaryZ9GWtxsO
fJg92YRuqwN6IgRqRWtfNDue/0E7wpRJ9zU+SsNNOHGhE3fcOXhAKYR6C0KTlCAv
LyY3pknyfKf0ocKXEkCZ6CErQ7z5Oz6Nh6WAcbY4znbFxcIE9x7TLMM0FxQLewUo
CXT3xNOMOMWBObaoo+MLuBxid9joJF4Eyf1ZE/mJI0al7RGWKQ==
-----END CERTIFICATE-----
Generated at Thu Nov 2 13:21:58 2023 by rpki-client on console-ams.rpki-client.org