Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/I_9y6fin8A8j-B-K23_5uK_WbIs.roa
File: I_9y6fin8A8j-B-K23_5uK_WbIs.roa (raw, json)
Hash identifier: GhhZutWscXn87HxsVkGRxDzLl/3oM3cQp3h/V39/0GI=
Subject key identifier: 23:FF:72:E9:F8:A7:F0:0F:23:F8:1F:8A:DB:7F:F9:B8:AF:D6:6C:8B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A831F2B7581E6C7C53DFDA4D0DCBC40DA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/I_9y6fin8A8j-B-K23_5uK_WbIs.roa
Signing time: Mon 11 Sep 2023 07:22:52 +0000
ROA not before: Mon 11 Sep 2023 07:22:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:1f:2b:75:81:e6:c7:c5:3d:fd:a4:d0:dc:bc:40:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 11 07:22:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23ff72e9f8a7f00f23f81f8adb7ff9b8afd66c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:25:93:6c:b5:e1:31:b7:b6:d8:fb:85:e2:56:
42:73:12:c5:2a:3a:b6:13:e8:9e:9f:23:87:8d:5e:
e8:bd:b7:26:59:76:db:12:9a:fd:23:8a:a7:e4:ca:
ae:2e:a8:6d:6c:5c:76:fc:22:4b:e5:b5:b4:53:3a:
f3:b4:61:10:19:d5:ef:2a:dc:9e:67:3c:ff:ea:2f:
2d:98:da:82:cf:d5:27:f9:4f:0f:87:ac:4e:65:52:
83:28:3d:cd:38:93:fb:c1:12:8f:fb:24:3e:94:66:
44:47:71:20:f2:04:7b:2e:07:c3:42:78:2c:92:ba:
1e:5f:4c:bf:10:32:74:e9:a5:9d:a6:2b:c4:28:d5:
fa:3b:8d:c1:7e:b7:f6:05:e7:d7:5e:c1:89:d9:de:
58:5a:04:f8:17:ea:24:f3:00:37:75:a0:0f:76:4c:
01:28:cb:93:73:32:5a:51:d7:f4:c5:e4:69:a4:87:
58:d2:15:bb:36:a2:4a:2b:93:c2:fb:f7:3c:8d:29:
3e:17:14:69:28:ac:b0:65:a0:47:ea:56:00:93:6c:
bc:86:0d:8b:34:63:50:28:d2:cc:91:bb:fa:cf:cc:
6a:f6:0b:50:f9:48:32:e1:fe:f8:a3:36:2a:96:93:
c3:83:2b:1b:9c:4b:bc:16:22:2a:67:c6:fc:76:a8:
19:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:FF:72:E9:F8:A7:F0:0F:23:F8:1F:8A:DB:7F:F9:B8:AF:D6:6C:8B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/I_9y6fin8A8j-B-K23_5uK_WbIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.133.0/24
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.110.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:19:d3:d4:0b:33:b1:35:9c:59:4a:af:ae:b4:ff:8a:5c:81:
52:4f:a3:e9:6a:65:14:42:c1:ec:ae:b4:04:36:ee:3b:c1:4d:
a7:ed:8c:8a:f0:c4:52:e6:2f:da:25:68:8f:3a:87:c2:f1:c9:
4b:85:ca:69:6d:dd:d5:8a:f6:b5:1b:47:64:02:05:f7:99:e4:
c3:a4:0f:df:c8:a2:b2:55:b2:a8:c9:c9:64:4b:82:fc:b2:b0:
61:82:b7:f5:f4:d6:71:a9:14:b7:d6:37:dd:82:41:49:2b:bb:
ee:2d:1b:dd:4f:4c:79:36:10:8d:11:3b:7f:9c:43:3d:ac:25:
10:87:06:72:74:af:26:70:e1:da:c8:92:9c:3c:42:a1:0f:ef:
38:09:8e:84:13:4f:78:88:2a:37:e7:95:70:c7:e5:7b:00:41:
88:34:08:a2:64:36:96:16:0c:31:23:80:5c:8c:a1:46:0e:1a:
ec:07:b9:4e:66:62:f7:fc:30:b2:3c:da:89:69:0b:55:6f:69:
e1:c9:1c:20:1c:51:f8:5d:ff:c4:56:43:ac:cf:53:92:41:e4:
9e:0e:71:51:0a:22:ee:d1:c4:b1:0c:98:e8:87:57:df:33:b2:
a3:e4:db:b3:54:64:20:dc:8d:0b:c4:e0:be:9a:5f:e9:e9:80:
ca:b7:d1:c8
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYqDHyt1gebHxT39pNDcvEDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTExMDcyMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2ZmNzJlOWY4YTdmMDBmMjNmODFmOGFkYjdmZjliOGFmZDY2YzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiWTbLXhMbe22PuF4lZCcxLFKjq2
E+ienyOHjV7ovbcmWXbbEpr9I4qn5MquLqhtbFx2/CJL5bW0UzrztGEQGdXvKtye
Zzz/6i8tmNqCz9Un+U8Ph6xOZVKDKD3NOJP7wRKP+yQ+lGZER3Eg8gR7LgfDQngs
kroeX0y/EDJ06aWdpivEKNX6O43Bfrf2BefXXsGJ2d5YWgT4F+ok8wA3daAPdkwB
KMuTczJaUdf0xeRppIdY0hW7NqJKK5PC+/c8jSk+FxRpKKywZaBH6lYAk2y8hg2L
NGNQKNLMkbv6z8xq9gtQ+Ugy4f74ozYqlpPDgysbnEu8FiIqZ8b8dqgZKwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFCP/cun4p/API/gfitt/+biv1myLMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSV85eTZmaW44QThqLUItSzIzXzV1S19XYklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAMEALzUhQME
ALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw6QMEALzxbgME
Abzx8gMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEALRnT1AszsTWcWUqv
rrT/ilyBUk+j6WplFELB7K60BDbuO8FNp+2MivDEUuYv2iVojzqHwvHJS4XKaW3d
1Yr2tRtHZAIF95nkw6QP38iislWyqMnJZEuC/LKwYYK39fTWcakUt9Y33YJBSSu7
7i0b3U9MeTYQjRE7f5xDPawlEIcGcnSvJnDh2siSnDxCoQ/vOAmOhBNPeIgqN+eV
cMflewBBiDQIomQ2lhYMMSOAXIyhRg4a7Ae5TmZi9/wwsjzaiWkLVW9p4ckcIBxR
+F3/xFZDrM9TkkHkng5xUQoi7tHEsQyY6IdX3zOyo+Tbs1RkINyNC8Tgvppf6emA
yrfRyA==
-----END CERTIFICATE-----
Generated at Thu Sep 14 08:05:58 2023 by rpki-client on console-ams.rpki-client.org