Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/F7txrGSr80q8ifQ0NHSbm90sZgU.roa
File: F7txrGSr80q8ifQ0NHSbm90sZgU.roa (raw, json)
Hash identifier: Rr8IxX4w7gnDK92pfb4Qnqv/KFh6xjYS5YR4Ks22tAk=
Subject key identifier: 17:BB:71:AC:64:AB:F3:4A:BC:89:F4:34:34:74:9B:9B:DD:2C:66:05
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188D7237103F30C93F8F8286C66A720BC54
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/F7txrGSr80q8ifQ0NHSbm90sZgU.roa
Signing time: Tue 20 Jun 2023 04:50:04 +0000
ROA not before: Tue 20 Jun 2023 04:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.33.14.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
103.205.26.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
185.230.250.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.115.146.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
77.75.63.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.144.0/23 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
185.245.239.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:23:71:03:f3:0c:93:f8:f8:28:6c:66:a7:20:bc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 20 04:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17bb71ac64abf34abc89f43434749b9bdd2c6605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b1:d2:84:79:58:de:96:f8:50:5a:ed:10:6c:
86:7e:87:1f:93:20:6c:43:20:0e:a7:d0:e5:6d:ef:
54:98:f0:b3:73:4a:8a:e8:04:ad:58:f6:86:8e:d6:
cd:22:2b:97:4a:30:84:13:3d:b7:9a:9e:ca:f0:f1:
f9:95:f8:4d:f8:d5:20:2a:98:f4:66:b8:af:6c:ab:
4f:1b:40:d4:23:0a:f0:f6:73:38:48:75:f2:d8:01:
90:bb:dc:7e:33:26:3d:22:e5:1c:fb:c4:86:42:8e:
3a:26:36:97:32:1c:c3:89:90:8e:2c:74:01:8a:d0:
70:a1:a5:b1:f4:60:e4:ef:8e:73:81:f8:96:b1:29:
3b:bb:13:d7:68:68:e2:40:fb:a0:ab:35:98:6c:cb:
bb:cc:d4:b3:ef:28:be:2b:bc:f2:9e:44:eb:18:19:
de:5f:b7:6e:ac:52:53:d8:d1:fd:e6:85:77:f8:23:
be:7c:9d:32:84:6c:e6:ec:67:f5:5a:dd:9f:a7:a4:
8f:6c:35:a1:5c:fd:62:79:9e:bd:22:a4:d7:f7:95:
e1:e8:39:f4:f7:ae:27:f7:1e:89:e7:a0:01:5b:f7:
81:11:92:db:5e:18:c5:64:18:06:5d:f7:3e:50:31:
41:d3:fe:58:20:04:d4:5f:93:ca:95:d9:45:54:6e:
e7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BB:71:AC:64:AB:F3:4A:BC:89:F4:34:34:74:9B:9B:DD:2C:66:05
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/F7txrGSr80q8ifQ0NHSbm90sZgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.135.0/24
77.75.60.0/24
77.75.62.0/23
78.142.242.0/23
89.33.14.0/24
89.43.208.0/24
89.43.210.0/23
89.47.89.0/24
93.114.246.0/24
103.205.25.0-103.205.27.255
178.239.192.0-178.239.194.255
178.239.200.0/23
178.239.203.0/24
185.9.54.0/24
185.103.73.0/24
185.115.144.0-185.115.146.255
185.121.228.0/24
185.121.230.0/23
185.229.104.0/22
185.230.248.0-185.230.250.255
185.236.62.0/23
185.245.236.0/22
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/23
194.4.159.0/24
203.0.8.0/24
213.32.249.0/24
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
12:65:d3:d1:f9:c8:a9:58:6d:b9:01:49:1e:57:b7:3a:07:a7:
5a:8d:82:d2:fb:93:4f:0d:44:57:60:84:ae:33:8a:47:76:62:
5f:2a:e5:e2:59:17:8f:a4:1f:ff:f5:c0:8e:2f:2e:f1:f3:21:
8f:5a:6b:78:86:ef:84:bb:50:91:82:33:9d:71:da:45:44:b2:
18:47:83:e7:15:0d:2a:94:72:d7:d3:38:66:6a:4d:a0:2c:16:
07:ce:e6:b6:5b:66:45:48:6a:0c:85:8f:d9:8d:7c:76:40:91:
33:4c:f4:a3:ef:fb:be:cd:73:d8:00:02:ff:ef:05:19:c6:34:
f3:2f:91:78:4b:7d:3b:82:10:d8:73:bd:72:7c:bc:6a:16:3d:
f1:55:d6:dd:ed:b3:12:2a:a4:90:d4:60:2f:da:96:89:64:1c:
02:04:5f:6f:7d:71:05:2f:92:2d:5c:89:b6:fa:53:b3:e3:30:
fc:87:d0:d1:6f:0d:d9:ca:58:39:c6:41:59:bd:3d:8d:5c:b6:
c2:ed:ba:40:1b:6c:6f:b5:69:36:c5:e3:ba:21:1b:5b:01:9d:
33:74:27:fb:a7:06:c1:d6:75:81:3a:bc:0e:fd:8f:c3:31:24:
58:1e:9b:4d:ac:71:c8:4b:cd:d4:12:00:0b:99:7f:da:df:c2:
70:8d:3b:49
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYjXI3ED8wyT+PgobGanILxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjIwMDQ1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2JiNzFhYzY0YWJmMzRhYmM4OWY0MzQzNDc0OWI5YmRkMmM2NjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbHShHlY3pb4UFrtEGyGfocfkyBs
QyAOp9Dlbe9UmPCzc0qK6AStWPaGjtbNIiuXSjCEEz23mp7K8PH5lfhN+NUgKpj0
ZrivbKtPG0DUIwrw9nM4SHXy2AGQu9x+MyY9IuUc+8SGQo46JjaXMhzDiZCOLHQB
itBwoaWx9GDk745zgfiWsSk7uxPXaGjiQPugqzWYbMu7zNSz7yi+K7zynkTrGBne
X7durFJT2NH95oV3+CO+fJ0yhGzm7Gf1Wt2fp6SPbDWhXP1ieZ69IqTX95Xh6Dn0
964n9x6J56ABW/eBEZLbXhjFZBgGXfc+UDFB0/5YIATUX5PKldlFVG7nKwIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFBe7caxkq/NKvIn0NDR0m5vdLGYFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRjd0eHJHU3I4MHE4aWZRME5IU2JtOTBzWmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuMAwD
BAMtn5gDBAAtn5oDBAA+xYQDBAA+xYcDBABNSzwDBAFNSz4DBAFOjvIDBABZIQ4D
BABZK9ADBAFZK9IDBABZL1kDBABdcvYwDAMEAGfNGQMEAmfNGDAMAwQGsu/AAwQA
su/CAwQBsu/IAwQAsu/LAwQAuQk2AwQAuWdJMAwDBAS5c5ADBAC5c5IDBAC5eeQD
BAG5eeYDBAK55WgwDAMEA7nm+AMEALnm+gMEAbnsPgMEArn17AMEAsCm1AMEAMET
agMEAMEqNAMEAcEqNgMEAcIEnAMEAMIEnwMEAMsACAMEANUg+QMEAN8bcDANBgkq
hkiG9w0BAQsFAAOCAQEAEmXT0fnIqVhtuQFJHle3OgenWo2C0vuTTw1EV2CErjOK
R3ZiXyrl4lkXj6Qf//XAji8u8fMhj1preIbvhLtQkYIznXHaRUSyGEeD5xUNKpRy
19M4ZmpNoCwWB87mtltmRUhqDIWP2Y18dkCRM0z0o+/7vs1z2AAC/+8FGcY08y+R
eEt9O4IQ2HO9cny8ahY98VXW3e2zEiqkkNRgL9qWiWQcAgRfb31xBS+SLVyJtvpT
s+Mw/IfQ0W8N2cpYOcZBWb09jVy2wu26QBtsb7VpNsXjuiEbWwGdM3Qn+6cGwdZ1
gTq8Dv2PwzEkWB6bTaxxyEvN1BIAC5l/2t/CcI07SQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org