Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DEdZ9n8ss0CEovBWUHSapsHUEqU.roa
File: DEdZ9n8ss0CEovBWUHSapsHUEqU.roa (raw, json)
Hash identifier: WpIqZ6r+C/4+GxJL0KtZZj4Ke8TVYsnuin2ShWnJ5mg=
Subject key identifier: 0C:47:59:F6:7F:2C:B3:40:84:A2:F0:56:50:74:9A:A6:C1:D4:12:A5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01898166363CE6427386A75A3A1EFAD42477
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DEdZ9n8ss0CEovBWUHSapsHUEqU.roa
Signing time: Sun 23 Jul 2023 06:18:26 +0000
ROA not before: Sun 23 Jul 2023 06:18:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:81:66:36:3c:e6:42:73:86:a7:5a:3a:1e:fa:d4:24:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 23 06:18:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c4759f67f2cb34084a2f05650749aa6c1d412a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5e:98:55:49:c0:ea:77:55:c1:17:98:4f:78:
45:09:a1:0c:a0:59:fb:73:e9:5e:3c:65:25:7e:96:
b3:39:f1:e8:c6:30:7e:e3:64:09:20:78:4f:d5:e1:
95:38:9b:dc:34:aa:bc:58:e3:9e:52:b0:4f:88:71:
36:30:d1:07:34:e4:4a:3e:c7:8a:46:16:e4:ce:06:
9b:21:5f:42:47:a1:b7:15:75:75:37:19:e8:ab:d7:
82:14:e6:05:d7:30:11:70:db:08:1f:63:54:31:bb:
4e:4b:ea:c5:eb:c9:5e:6a:23:49:ff:27:98:77:25:
72:2d:27:3d:73:f3:13:db:82:e7:50:ad:54:62:28:
b4:5f:b6:92:7f:42:b2:b2:86:4e:e0:46:2d:20:0f:
4d:88:ec:3c:ba:8e:49:bd:2e:44:79:9f:a5:af:08:
35:db:d0:a1:0e:28:79:e0:6b:6c:e2:af:05:27:4d:
b5:7b:9a:c4:2d:88:98:ab:08:ce:d2:5d:d5:89:f1:
b2:80:36:75:89:ac:51:b6:96:2b:f9:38:f1:83:09:
4b:77:0e:e2:11:d5:00:d0:8c:4e:87:03:a0:b2:c5:
86:e4:18:22:10:20:ef:64:e6:bd:7d:e1:c8:d7:9a:
d5:f8:21:d1:ff:5f:c1:c1:39:f0:6d:eb:83:77:ff:
f1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:47:59:F6:7F:2C:B3:40:84:A2:F0:56:50:74:9A:A6:C1:D4:12:A5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DEdZ9n8ss0CEovBWUHSapsHUEqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.233.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
04:0d:d5:f0:70:ab:d4:50:d5:2b:f5:b4:72:da:ef:0d:1e:f8:
8a:7a:ca:48:d6:8e:83:f2:a6:40:0d:55:98:63:7d:c0:34:ec:
11:60:cc:1b:a8:6c:3a:8f:fa:88:2b:10:47:57:83:2e:ad:37:
9e:81:29:62:42:5b:ce:66:62:f3:d8:9a:eb:70:c3:40:55:ee:
3c:a8:97:dc:08:32:f9:db:71:32:bf:01:35:53:72:5a:01:01:
10:ac:01:02:8b:f0:5d:8f:fe:3e:40:b9:07:ea:ab:5f:71:6b:
d7:2c:c3:7d:f6:e3:d6:de:1a:68:96:35:78:63:cd:55:17:1f:
cc:3b:dc:44:dc:49:34:3d:a2:7c:fe:81:b4:70:4c:7f:6b:4a:
75:0f:cb:d7:1b:8c:d9:8c:28:ff:ea:ba:da:2f:b1:a7:af:a1:
ec:a2:fa:88:eb:ff:4d:30:18:22:6a:44:fb:95:da:2c:47:3e:
39:54:21:a7:3b:e6:9e:4c:b7:90:59:fc:68:57:84:7d:2e:aa:
03:8f:2b:06:aa:80:8a:b0:ed:3d:79:cc:0d:83:c5:0f:4a:b2:
4e:42:94:c0:4d:33:8c:e6:61:da:29:db:d3:a9:74:6b:69:72:
a0:bf:63:b7:06:9a:39:0a:c4:0e:65:ab:53:66:09:d0:ed:7f:
c7:27:23:02
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYmBZjY85kJzhqdaOh761CR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzIzMDYxODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQ3NTlmNjdmMmNiMzQwODRhMmYwNTY1MDc0OWFhNmMxZDQxMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV6YVUnA6ndVwReYT3hFCaEMoFn7
c+lePGUlfpazOfHoxjB+42QJIHhP1eGVOJvcNKq8WOOeUrBPiHE2MNEHNORKPseK
RhbkzgabIV9CR6G3FXV1Nxnoq9eCFOYF1zARcNsIH2NUMbtOS+rF68leaiNJ/yeY
dyVyLSc9c/MT24LnUK1UYii0X7aSf0KysoZO4EYtIA9NiOw8uo5JvS5EeZ+lrwg1
29ChDih54Gts4q8FJ021e5rELYiYqwjO0l3VifGygDZ1iaxRtpYr+TjxgwlLdw7i
EdUA0IxOhwOgssWG5BgiECDvZOa9feHI15rV+CHR/1/BwTnwbeuDd//xYwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFAxHWfZ/LLNAhKLwVlB0mqbB1BKlMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvREVkWjluOHNzMENFb3ZCV1VIU2Fwc0hVRXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAt
nJ0DBAAtnJ8DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAC5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAMEAbzUhAME
ALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gMEALzw6QME
ALzxbgMEALzx1gMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEA
BA3V8HCr1FDVK/W0ctrvDR74inrKSNaOg/KmQA1VmGN9wDTsEWDMG6hsOo/6iCsQ
R1eDLq03noEpYkJbzmZi89ia63DDQFXuPKiX3Agy+dtxMr8BNVNyWgEBEKwBAovw
XY/+PkC5B+qrX3Fr1yzDffbj1t4aaJY1eGPNVRcfzDvcRNxJND2ifP6BtHBMf2tK
dQ/L1xuM2Ywo/+q62i+xp6+h7KL6iOv/TTAYImpE+5XaLEc+OVQhpzvmnky3kFn8
aFeEfS6qA48rBqqAirDtPXnMDYPFD0qyTkKUwE0zjOZh2inb06l0a2lyoL9jtwaa
OQrEDmWrU2YJ0O1/xycjAg==
-----END CERTIFICATE-----
Generated at Tue Aug 1 12:11:21 2023 by rpki-client on console-ams.rpki-client.org