Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KgW4HGK1tJoc-SCyYUjwkapEPaY.roa
File: KgW4HGK1tJoc-SCyYUjwkapEPaY.roa (raw, json)
Hash identifier: pYKisEB3BeGqKQwXggmIBbISMvHoef598H/3cO/J+RU=
Subject key identifier: 2A:05:B8:1C:62:B5:B4:9A:1C:F9:20:B2:61:48:F0:91:AA:44:3D:A6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A928E8D35355B86A20AFF13F0B545651B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KgW4HGK1tJoc-SCyYUjwkapEPaY.roa
Signing time: Thu 14 Sep 2023 07:18:50 +0000
ROA not before: Thu 14 Sep 2023 07:18:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:8e:8d:35:35:5b:86:a2:0a:ff:13:f0:b5:45:65:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 14 07:18:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a05b81c62b5b49a1cf920b26148f091aa443da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:54:fa:03:ac:a6:bf:ae:69:96:64:b0:b1:cd:
90:ae:d3:00:71:db:4f:3a:8f:1b:e4:0d:18:78:c9:
8f:fc:e6:3e:72:90:c2:c4:16:37:56:70:5f:4f:64:
60:d4:96:17:f1:a1:76:a9:f4:34:8f:8f:70:16:57:
93:4b:04:99:ef:64:2b:5b:9e:59:0a:18:45:6b:8c:
e1:ad:6b:07:a8:32:be:d5:13:17:13:5f:a4:bf:c8:
34:7b:c2:65:93:26:8f:d8:16:9b:28:d4:8b:11:c6:
a6:e2:a8:2d:aa:b8:7d:e5:18:2a:5e:5b:39:43:e9:
55:53:08:b9:18:95:5e:60:2b:a2:a8:77:a2:98:52:
ae:5c:da:0c:c7:46:68:46:51:c0:06:6e:6a:7c:0d:
7a:d5:14:3c:9a:9d:b8:bd:00:d6:80:42:fa:da:72:
77:f8:bc:43:76:25:f3:a3:2e:11:dc:5d:2f:8e:50:
6f:5c:e1:64:51:6f:59:98:4b:0f:16:3f:de:7b:97:
91:80:0d:97:44:a5:34:52:8a:80:36:9b:26:c5:15:
41:22:30:0d:f3:d3:84:ec:4f:12:c8:fd:00:cb:2e:
64:5f:d7:42:99:e9:ae:d9:58:25:0a:c9:7b:bf:b5:
55:dc:a1:d1:77:a1:d5:11:33:f0:84:cb:d1:de:4c:
7b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:05:B8:1C:62:B5:B4:9A:1C:F9:20:B2:61:48:F0:91:AA:44:3D:A6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/KgW4HGK1tJoc-SCyYUjwkapEPaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.133.0/24
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.110.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
39:ca:97:fd:48:8a:b1:07:42:19:51:3b:db:6d:12:12:62:ee:
99:6a:77:a4:ee:82:5f:e9:53:3b:89:06:93:e4:f6:ff:68:7b:
5e:c4:fe:bd:ce:a8:51:85:4a:fa:04:cf:09:14:ce:c0:c2:11:
f9:f3:c3:2b:c3:0a:c0:21:44:58:ce:e2:f0:ca:aa:c9:fb:ee:
eb:ba:b0:72:7f:f1:b3:92:92:f1:03:19:6d:89:9a:dc:e4:20:
e9:6b:91:8e:2f:22:d3:5e:59:18:f8:aa:0b:70:86:0b:f1:c9:
b5:f5:a9:43:05:7a:af:7b:5c:f9:0f:1e:ff:2f:8b:0d:ec:92:
fc:a7:4e:fb:62:de:59:4e:9c:f9:bb:a3:c1:38:8e:c3:3d:a6:
cf:d1:9c:e5:c8:23:93:3d:5d:a2:9f:66:af:d7:12:02:39:59:
51:a0:7f:b4:28:92:8b:b2:21:7e:06:ed:6e:2f:c8:75:e5:33:
ff:e3:f7:0b:bb:99:09:38:d6:2c:8b:89:54:3c:73:c0:f6:b3:
1c:5a:86:e6:54:59:7f:a9:84:c2:40:c9:50:1a:52:58:92:45:
6e:9d:ff:40:ee:ad:3e:16:dd:0d:b2:4b:4f:73:f2:fb:2b:47:
67:0a:b1:1a:73:70:f6:cf:12:0b:2e:93:57:1b:f5:fa:69:7e:
8e:fb:5f:fa
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYqSjo01NVuGogr/E/C1RWUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTE0MDcxODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA1YjgxYzYyYjViNDlhMWNmOTIwYjI2MTQ4ZjA5MWFhNDQzZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVT6A6ymv65plmSwsc2QrtMAcdtP
Oo8b5A0YeMmP/OY+cpDCxBY3VnBfT2Rg1JYX8aF2qfQ0j49wFleTSwSZ72QrW55Z
ChhFa4zhrWsHqDK+1RMXE1+kv8g0e8JlkyaP2BabKNSLEcam4qgtqrh95RgqXls5
Q+lVUwi5GJVeYCuiqHeimFKuXNoMx0ZoRlHABm5qfA161RQ8mp24vQDWgEL62nJ3
+LxDdiXzoy4R3F0vjlBvXOFkUW9ZmEsPFj/ee5eRgA2XRKU0UoqANpsmxRVBIjAN
89OE7E8SyP0Ayy5kX9dCmemu2VglCsl7v7VV3KHRd6HVETPwhMvR3kx74wIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFCoFuBxitbSaHPkgsmFI8JGqRD2mMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvS2dXNEhHSzF0Sm9jLVNDeVlVandrYXBFUGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAK5
cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAME
ALzUhQMEALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw6QME
ALzxbgMEAbzx8gMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEAOcqX/UiK
sQdCGVE7220SEmLumWp3pO6CX+lTO4kGk+T2/2h7XsT+vc6oUYVK+gTPCRTOwMIR
+fPDK8MKwCFEWM7i8Mqqyfvu67qwcn/xs5KS8QMZbYma3OQg6WuRji8i015ZGPiq
C3CGC/HJtfWpQwV6r3tc+Q8e/y+LDeyS/KdO+2LeWU6c+bujwTiOwz2mz9Gc5cgj
kz1dop9mr9cSAjlZUaB/tCiSi7Ihfgbtbi/IdeUz/+P3C7uZCTjWLIuJVDxzwPaz
HFqG5lRZf6mEwkDJUBpSWJJFbp3/QO6tPhbdDbJLT3Py+ytHZwqxGnNw9s8SCy6T
Vxv1+ml+jvtf+g==
-----END CERTIFICATE-----
Generated at Fri Sep 22 18:52:14 2023 by rpki-client on console-ams.rpki-client.org