Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JUpgvDwsrVmSXCppLxqGx5fgc74.roa
File: JUpgvDwsrVmSXCppLxqGx5fgc74.roa (raw, json)
Hash identifier: DFRXWlNLXe2K2U4ahcMWhtxCxnpNvsD37ziN+bne5YM=
Subject key identifier: 25:4A:60:BC:3C:2C:AD:59:92:5C:2A:69:2F:1A:86:C7:97:E0:73:BE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B62D2ADE7631F6FF4509B4AE89B211648
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JUpgvDwsrVmSXCppLxqGx5fgc74.roa
Signing time: Tue 24 Oct 2023 17:54:16 +0000
ROA not before: Tue 24 Oct 2023 17:54:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:d2:ad:e7:63:1f:6f:f4:50:9b:4a:e8:9b:21:16:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 24 17:54:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=254a60bc3c2cad59925c2a692f1a86c797e073be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:99:5a:a6:60:d3:64:6f:03:fd:ae:10:f1:f4:
7a:c6:11:9a:66:0b:3b:c4:b7:4f:da:55:e0:c5:17:
ef:e2:73:28:56:87:19:33:0d:cf:47:4b:84:c8:94:
37:e4:2a:39:07:d6:97:3f:e1:b1:8c:72:20:a8:cd:
b6:7e:5f:2c:c3:0f:1e:f1:29:1e:3a:44:61:64:d5:
29:9e:10:8a:bb:df:67:ca:55:e7:f5:84:b2:f9:e9:
a1:59:c3:27:69:b8:92:f1:9d:86:cb:7d:26:c9:e8:
0a:48:8f:55:0c:bc:57:b1:0a:a7:12:e0:8a:2c:0f:
a6:e1:f4:fc:ef:ba:f6:52:49:cc:d7:00:6f:fb:89:
11:40:e0:ff:23:68:85:19:54:46:ff:72:38:35:e4:
14:e6:d6:af:d4:4d:9e:07:a8:06:73:3b:81:d9:d6:
d6:a0:b3:16:c4:10:a5:44:b0:d5:f4:4f:33:9c:89:
24:f0:37:6b:0c:b3:47:42:21:d2:46:04:86:66:7a:
1a:39:e8:f1:0e:cd:36:42:f9:ab:9e:fe:ec:7f:af:
83:af:c0:6f:f5:84:61:e7:80:57:12:44:7e:c5:3c:
31:7e:24:38:33:e8:56:f9:3c:42:67:3e:d2:6e:b4:
b2:68:c6:30:c4:5b:4c:9b:14:d3:b6:78:56:3d:e9:
de:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4A:60:BC:3C:2C:AD:59:92:5C:2A:69:2F:1A:86:C7:97:E0:73:BE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JUpgvDwsrVmSXCppLxqGx5fgc74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.159.0/24
188.213.202.0/24
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:21:33:9d:96:8c:41:79:d6:ed:f2:49:1b:aa:b5:5a:53:b0:
1b:e7:0f:de:b9:c3:ea:1d:6c:90:ad:16:d6:cf:07:42:53:fd:
fe:d0:3d:ec:35:7f:8d:f6:66:bd:7d:6c:5f:2b:94:2d:13:6a:
e2:d0:0a:cd:b9:03:d8:ae:e2:a5:3b:d8:f2:94:ae:7c:1b:08:
92:dd:e7:ec:b0:38:98:41:fd:c5:9c:73:1e:99:48:7b:1c:9c:
d8:de:46:3e:06:97:de:d6:7d:40:dd:e4:c1:71:5c:08:e6:aa:
e6:61:3b:7e:c8:de:03:c1:d8:a3:e6:da:ad:e8:65:aa:5b:50:
30:a9:4e:8a:4f:58:c5:0a:13:95:4d:c6:6a:6d:0c:27:44:56:
d0:97:c5:d1:ab:08:bb:b6:c7:35:43:62:38:32:cf:74:2c:41:
52:ef:9b:0b:9e:d7:e5:f2:04:d4:2b:24:95:21:b4:14:15:cc:
d2:35:50:f9:cf:a4:41:d3:d9:b8:ba:1b:e9:f5:45:27:88:c6:
2c:db:d8:cd:73:37:95:89:79:42:7b:31:89:b1:db:49:d2:2b:
8d:42:f0:b5:cb:4f:ff:79:b7:c0:5f:fb:38:43:1c:af:1d:87:
84:2e:75:b7:0e:cd:67:b1:24:b7:36:43:56:7b:f1:b2:b2:bc:
39:04:b9:e8
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYti0q3nYx9v9FCbSuibIRZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDI0MTc1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRhNjBiYzNjMmNhZDU5OTI1YzJhNjkyZjFhODZjNzk3ZTA3M2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5lapmDTZG8D/a4Q8fR6xhGaZgs7
xLdP2lXgxRfv4nMoVocZMw3PR0uEyJQ35Co5B9aXP+GxjHIgqM22fl8sww8e8Ske
OkRhZNUpnhCKu99nylXn9YSy+emhWcMnabiS8Z2Gy30myegKSI9VDLxXsQqnEuCK
LA+m4fT877r2UknM1wBv+4kRQOD/I2iFGVRG/3I4NeQU5tav1E2eB6gGczuB2dbW
oLMWxBClRLDV9E8znIkk8DdrDLNHQiHSRgSGZnoaOejxDs02Qvmrnv7sf6+Dr8Bv
9YRh54BXEkR+xTwxfiQ4M+hW+TxCZz7SbrSyaMYwxFtMmxTTtnhWPeneZwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFCVKYLw8LK1ZklwqaS8ahseX4HO+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSlVwZ3ZEd3NyVm1TWENwcEx4cUd4NWZnYzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC81J8DBAC8
1coDBAC81tEDBAG88OADBAC88OMDBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBAAshM52WjEF51u3ySRuqtVpTsBvnD965w+odbJCtFtbPB0JT/f7Q
Pew1f432Zr19bF8rlC0TauLQCs25A9iu4qU72PKUrnwbCJLd5+ywOJhB/cWccx6Z
SHscnNjeRj4Gl97WfUDd5MFxXAjmquZhO37I3gPB2KPm2q3oZapbUDCpTopPWMUK
E5VNxmptDCdEVtCXxdGrCLu2xzVDYjgyz3QsQVLvmwue1+XyBNQrJJUhtBQVzNI1
UPnPpEHT2bi6G+n1RSeIxizb2M1zN5WJeUJ7MYmx20nSK41C8LXLT/95t8Bf+zhD
HK8dh4QudbcOzWexJLc2Q1Z78bKyvDkEueg=
-----END CERTIFICATE-----
Generated at Sat Oct 28 07:17:55 2023 by rpki-client on console-fra.rpki-client.org