Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DWwyxgZjmSklegVGNjUXLSLRzJw.roa
File: DWwyxgZjmSklegVGNjUXLSLRzJw.roa (raw, json)
Hash identifier: VuylHfyNudw2SvPyb0k/kgW2dcsrDgYhI/eMLngQgJ8=
Subject key identifier: 0D:6C:32:C6:06:63:99:29:25:7A:05:46:36:35:17:2D:22:D1:CC:9C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187C6829E1A30F3D8AA125190C31919C166
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DWwyxgZjmSklegVGNjUXLSLRzJw.roa
Signing time: Fri 28 Apr 2023 06:17:41 +0000
ROA not before: Fri 28 Apr 2023 06:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.35.154.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
185.135.141.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:82:9e:1a:30:f3:d8:aa:12:51:90:c3:19:19:c1:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 28 06:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d6c32c606639929257a05463635172d22d1cc9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:30:46:65:ae:92:51:33:49:a6:61:a2:2a:d0:
5c:fc:92:ce:82:1c:cb:90:61:58:42:c4:2d:89:79:
6a:92:9e:98:96:64:78:3a:42:d3:0c:9d:ce:6d:6c:
ae:71:0f:65:90:15:a9:2d:fe:f0:09:fa:eb:2e:5b:
81:2b:5c:33:f6:26:4a:d9:4a:fc:b7:25:b1:80:11:
88:6e:98:b2:1f:61:4c:6f:9a:3f:9c:60:d3:36:08:
3e:46:0c:36:d3:b7:44:01:be:2a:c7:69:4d:b3:58:
08:bd:7c:4a:55:b7:31:d1:3f:b4:d1:b2:8e:9a:fe:
2d:3e:cb:ca:fa:af:b7:e6:ba:50:a5:46:35:4e:3e:
7f:dc:d8:75:35:a5:63:14:ae:ab:fe:ab:d7:1a:5a:
6e:e2:d4:2e:3b:80:3d:9f:b8:63:ff:3a:78:13:c3:
2e:8b:67:6e:de:4c:de:24:7e:57:36:c4:db:a7:24:
96:f4:20:1b:c2:46:e4:3f:6a:4b:a0:52:c3:9c:61:
7b:96:81:8b:07:4f:46:c0:ac:52:c6:0b:0d:25:27:
1f:e8:50:1d:8a:73:1b:a5:c0:5f:75:2e:f4:7e:0b:
11:37:55:ed:c7:46:9f:cf:10:dd:ec:22:bb:14:52:
e8:24:52:e6:a4:67:f0:fd:5b:4b:4f:e5:f8:cd:d2:
99:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6C:32:C6:06:63:99:29:25:7A:05:46:36:35:17:2D:22:D1:CC:9C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DWwyxgZjmSklegVGNjUXLSLRzJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
87.247.149.0/24
87.247.151.0/24
89.35.154.0/24
89.37.62.0/23
91.188.204.0/24
185.135.141.0/24
188.212.155.0/24
188.240.233.0/24
188.241.110.0/24
188.241.182.0/24
188.241.243.0/24
213.232.94.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:d2:9e:3c:9f:42:38:ee:59:8f:20:64:65:e0:57:dc:d5:6e:
56:14:5b:93:40:5b:fd:70:2a:48:75:6c:4d:fa:10:a8:03:bb:
82:5d:55:44:44:32:32:db:12:e6:1f:d6:78:ff:95:fa:23:68:
3a:a3:bd:8f:db:c4:48:15:84:92:b3:7c:bd:c2:b8:cc:01:d9:
0b:e9:b2:c8:a7:9c:c6:b6:35:5b:d5:72:24:74:64:5e:01:77:
fe:26:13:30:82:77:ff:9d:81:c7:7d:91:3a:50:f4:e0:28:cb:
94:3e:0b:bb:59:55:53:84:5e:c5:d3:37:e1:a9:a9:43:23:e9:
1e:d4:5e:b7:4d:c0:f9:5e:a3:6e:4f:f5:ef:f6:19:cc:b4:cb:
5c:b9:cb:02:f3:36:52:80:9c:d7:5b:cf:be:8d:5b:b7:ca:9b:
f3:fa:79:79:c9:6c:8e:9d:df:30:d9:cd:d9:83:39:66:02:c9:
bb:28:c4:04:26:61:e9:6c:a2:df:0b:74:19:b3:b3:b0:45:d7:
bb:54:c7:68:f5:91:59:6e:17:03:ed:46:60:18:55:ef:00:cf:
f5:30:42:19:49:44:70:1a:f7:f0:cb:5f:e1:40:ea:50:4e:bd:
ed:77:07:fa:d7:d9:75:73:e8:b6:c3:c4:e9:14:d7:82:2b:b1:
a5:88:45:31
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYfGgp4aMPPYqhJRkMMZGcFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDI4MDYxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDZjMzJjNjA2NjM5OTI5MjU3YTA1NDYzNjM1MTcyZDIyZDFjYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzBGZa6SUTNJpmGiKtBc/JLOghzL
kGFYQsQtiXlqkp6YlmR4OkLTDJ3ObWyucQ9lkBWpLf7wCfrrLluBK1wz9iZK2Ur8
tyWxgBGIbpiyH2FMb5o/nGDTNgg+Rgw207dEAb4qx2lNs1gIvXxKVbcx0T+00bKO
mv4tPsvK+q+35rpQpUY1Tj5/3Nh1NaVjFK6r/qvXGlpu4tQuO4A9n7hj/zp4E8Mu
i2du3kzeJH5XNsTbpySW9CAbwkbkP2pLoFLDnGF7loGLB09GwKxSxgsNJScf6FAd
inMbpcBfdS70fgsRN1Xtx0afzxDd7CK7FFLoJFLmpGfw/VtLT+X4zdKZCQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFA1sMsYGY5kpJXoFRjY1Fy0i0cycMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRFd3eXhnWmptU2tsZWdWR05qVVhMU0xSekp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALZyfAwQA
V/eVAwQAV/eXAwQAWSOaAwQBWSU+AwQAW7zMAwQAuYeNAwQAvNSbAwQAvPDpAwQA
vPFuAwQAvPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUAA4IBAQCN0p48n0I4
7lmPIGRl4Ffc1W5WFFuTQFv9cCpIdWxN+hCoA7uCXVVERDIy2xLmH9Z4/5X6I2g6
o72P28RIFYSSs3y9wrjMAdkL6bLIp5zGtjVb1XIkdGReAXf+JhMwgnf/nYHHfZE6
UPTgKMuUPgu7WVVThF7F0zfhqalDI+ke1F63TcD5XqNuT/Xv9hnMtMtcucsC8zZS
gJzXW8++jVu3ypvz+nl5yWyOnd8w2c3ZgzlmAsm7KMQEJmHpbKLfC3QZs7OwRde7
VMdo9ZFZbhcD7UZgGFXvAM/1MEIZSURwGvfwy1/hQOpQTr3tdwf619l1c+i2w8Tp
FNeCK7GliEUx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:58 2023 by rpki-client on console-fra.rpki-client.org