Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/F37kVZPqm1GwdM65n8qfLP2epaA.roa
File: F37kVZPqm1GwdM65n8qfLP2epaA.roa (raw, json)
Hash identifier: DFKV/pbdDwqTSAQT4YYv5/qCgG3G8byyK43CvBoKwso=
Subject key identifier: 17:7E:E4:55:93:EA:9B:51:B0:74:CE:B9:9F:CA:9F:2C:FD:9E:A5:A0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186BFDF8105C095C435BD4780E674E1D95C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/F37kVZPqm1GwdM65n8qfLP2epaA.roa
Signing time: Wed 08 Mar 2023 06:19:01 +0000
ROA not before: Wed 08 Mar 2023 06:19:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 91.209.12.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.209.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bf:df:81:05:c0:95:c4:35:bd:47:80:e6:74:e1:d9:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 8 06:19:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=177ee45593ea9b51b074ceb99fca9f2cfd9ea5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:be:73:6c:93:18:1f:d1:b1:fc:c7:82:24:17:
97:77:78:cf:35:b5:96:d6:71:5c:40:d4:63:95:0e:
a9:00:4c:fb:b7:95:49:e4:96:7b:c2:8d:af:b5:c6:
65:59:5b:96:58:1f:4e:b6:06:38:d8:68:77:0b:17:
b6:80:a3:bf:62:c8:17:df:39:43:7e:3e:83:15:1a:
4f:1a:bc:70:e0:03:a7:bd:db:c0:4c:8d:79:3d:93:
3a:27:bf:e2:a3:c4:3d:7c:af:ae:22:75:b8:8f:23:
ac:84:29:16:e9:e6:45:e0:ec:7f:3a:46:3a:fc:66:
a1:98:cd:80:2a:36:21:75:a6:23:9c:ec:27:78:e4:
08:50:59:8d:8d:bb:ec:24:21:13:1e:37:c2:0c:23:
1f:1c:87:2b:a7:05:6c:93:ba:78:70:f3:6e:e0:b6:
02:c5:50:f2:69:66:dd:dc:da:09:68:46:90:b6:fb:
77:7e:5d:d3:2a:3c:fc:6b:5e:c3:4e:05:f1:93:16:
ed:95:4a:51:9d:0d:0f:8e:04:cb:e2:15:c2:d1:df:
09:c7:50:fe:4f:9f:c3:9a:8b:26:ce:02:fd:4b:6c:
a4:cf:b6:a8:7f:73:22:58:da:d5:1f:6f:7f:05:e3:
13:73:0c:4e:0f:f5:62:72:2d:cc:76:d4:46:a5:81:
ee:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:7E:E4:55:93:EA:9B:51:B0:74:CE:B9:9F:CA:9F:2C:FD:9E:A5:A0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/F37kVZPqm1GwdM65n8qfLP2epaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.153.0/24
62.197.128.0/24
62.197.132.0/24
89.43.209.0/24
89.43.211.0/24
91.209.12.0/24
103.205.25.0/24
103.205.27.0/24
178.239.193.0-178.239.194.255
178.239.200.0/24
185.229.105.0/24
185.245.236.0/24
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
28:d6:3f:5d:60:10:1c:6f:1b:43:28:2a:62:1f:df:c7:6e:de:
eb:df:c4:1c:40:1b:1a:67:7c:6d:86:9a:e9:92:ad:ff:a4:18:
24:71:22:48:1f:18:50:2e:51:26:99:bc:3c:cd:90:1e:ed:ec:
3f:1d:1c:e8:f8:6a:54:bb:b7:ad:44:2e:1f:2d:22:14:0b:a3:
8f:d9:e0:d1:b9:21:07:9b:fc:c9:b7:9c:8e:69:42:f7:ed:17:
4a:ec:e1:1d:ba:d0:2f:13:68:2a:13:05:50:8f:1d:ec:bc:fd:
a6:06:66:5a:21:df:8f:16:86:c0:50:cf:8b:94:0f:db:3f:5b:
65:dc:28:43:7b:a6:40:d6:54:fc:35:c6:31:67:43:60:c2:5d:
29:40:4d:aa:53:80:72:81:ff:0a:fe:d9:c8:bc:76:00:15:46:
74:0e:cb:1f:d7:08:ee:47:1d:75:90:06:56:b0:4e:53:51:f3:
40:92:d3:09:21:75:ce:05:0d:70:2d:f1:3a:52:01:b5:48:8d:
03:64:5c:e4:95:24:38:ee:3d:a3:0f:69:4f:46:89:49:e0:d2:
2e:c5:56:b4:00:71:68:71:e8:1d:4e:bc:5b:bd:69:e4:09:1a:
ab:19:a7:f4:21:8c:3d:25:08:11:19:fe:15:d6:dc:f4:30:be:
25:be:85:56
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYa/34EFwJXENb1HgOZ04dlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA4MDYxOTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzdlZTQ1NTkzZWE5YjUxYjA3NGNlYjk5ZmNhOWYyY2ZkOWVhNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL5zbJMYH9Gx/MeCJBeXd3jPNbWW
1nFcQNRjlQ6pAEz7t5VJ5JZ7wo2vtcZlWVuWWB9OtgY42Gh3Cxe2gKO/YsgX3zlD
fj6DFRpPGrxw4AOnvdvATI15PZM6J7/io8Q9fK+uInW4jyOshCkW6eZF4Ox/OkY6
/GahmM2AKjYhdaYjnOwneOQIUFmNjbvsJCETHjfCDCMfHIcrpwVsk7p4cPNu4LYC
xVDyaWbd3NoJaEaQtvt3fl3TKjz8a17DTgXxkxbtlUpRnQ0PjgTL4hXC0d8Jx1D+
T5/DmosmzgL9S2ykz7aof3MiWNrVH29/BeMTcwxOD/Vici3MdtRGpYHuJQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFBd+5FWT6ptRsHTOuZ/Knyz9nqWgMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRjM3a1ZaUHFtMUd3ZE02NW44cWZMUDJlcGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALZ+ZAwQA
PsWAAwQAPsWEAwQAWSvRAwQAWSvTAwQAW9EMAwQAZ80ZAwQAZ80bMAwDBACy78ED
BACy78IDBACy78gDBAC55WkDBAC59ewDBADfG3IwDQYJKoZIhvcNAQELBQADggEB
ACjWP11gEBxvG0MoKmIf38du3uvfxBxAGxpnfG2GmumSrf+kGCRxIkgfGFAuUSaZ
vDzNkB7t7D8dHOj4alS7t61ELh8tIhQLo4/Z4NG5IQeb/Mm3nI5pQvftF0rs4R26
0C8TaCoTBVCPHey8/aYGZloh348WhsBQz4uUD9s/W2XcKEN7pkDWVPw1xjFnQ2DC
XSlATapTgHKB/wr+2ci8dgAVRnQOyx/XCO5HHXWQBlawTlNR80CS0wkhdc4FDXAt
8TpSAbVIjQNkXOSVJDjuPaMPaU9GiUng0i7FVrQAcWhx6B1OvFu9aeQJGqsZp/Qh
jD0lCBEZ/hXW3PQwviW+hVY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:00 2023 by rpki-client on console-fra.rpki-client.org