Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OszRQTuN803nh5hctNAWEtgeo5o.roa
File: OszRQTuN803nh5hctNAWEtgeo5o.roa (raw, json)
Hash identifier: +gnLSN2f05PPscC39hi0U/jNrSf8Wcnl0dQCWXUJDbM=
Subject key identifier: 3A:CC:D1:41:3B:8D:F3:4D:E7:87:98:5C:B4:D0:16:12:D8:1E:A3:9A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01873643EF938710B869B9BA05232E50A673
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OszRQTuN803nh5hctNAWEtgeo5o.roa
Signing time: Fri 31 Mar 2023 06:03:54 +0000
ROA not before: Fri 31 Mar 2023 06:03:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.34.127.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:36:43:ef:93:87:10:b8:69:b9:ba:05:23:2e:50:a6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 31 06:03:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3accd1413b8df34de787985cb4d01612d81ea39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6d:42:a7:bf:89:52:75:78:bd:49:cb:7a:18:
25:2e:07:7e:dd:e7:e7:53:00:de:1a:ec:17:28:95:
55:76:30:8d:fd:29:c0:26:2f:ac:79:e9:bd:d8:a6:
f6:99:f8:33:2d:ea:33:2c:f4:d9:33:91:26:1b:ac:
02:76:46:4b:71:40:89:c8:b9:f9:97:55:a4:19:d3:
15:39:75:1b:f1:2b:08:41:36:25:7e:c1:24:cc:6c:
c9:9f:66:9e:b9:12:3d:a3:96:1f:fe:09:07:21:1c:
0a:99:ee:85:d2:1f:32:4d:20:df:b9:9c:d8:76:dd:
cf:24:64:ea:18:ec:32:1a:5a:dc:57:92:a3:c3:58:
46:89:06:27:89:41:c0:b9:df:f2:17:80:6f:1d:e1:
0e:7b:3a:58:e5:44:cd:d7:68:23:61:18:85:09:6a:
09:2f:b6:58:cb:48:9c:cc:5a:79:d4:c4:61:a8:85:
26:b1:c0:4d:f9:ef:47:5a:80:05:83:c6:6d:0f:9b:
ff:c9:df:e6:d5:bb:c6:66:33:3a:1d:ec:4b:dd:0f:
9f:6c:96:98:80:2e:26:d0:4b:8d:91:31:ef:58:80:
9b:cf:29:f9:79:26:b6:7f:73:32:ea:b2:b8:97:01:
01:35:a3:8b:90:c4:26:cb:a4:b7:44:f7:16:0c:38:
d1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CC:D1:41:3B:8D:F3:4D:E7:87:98:5C:B4:D0:16:12:D8:1E:A3:9A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OszRQTuN803nh5hctNAWEtgeo5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.158.0/24
89.33.84.0/24
89.34.127.0/24
89.35.154.0/24
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.240.232.0/24
188.241.110.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
90:df:01:f5:3c:84:46:88:c3:3c:71:61:0f:2b:a1:bf:6e:33:
22:fb:3c:8f:25:01:78:05:97:a0:9d:fd:cc:19:76:8c:ce:f6:
e9:d3:8c:92:ce:9e:61:bc:b6:bf:8f:f4:25:a7:9f:16:93:cd:
ae:2f:a6:e8:21:ed:4f:e9:2f:eb:ec:fb:51:76:3c:03:d2:0e:
17:fe:f6:75:79:e4:15:bc:08:00:6a:a9:95:e6:f5:70:b0:40:
12:23:1e:92:36:cb:78:20:7d:be:01:d3:99:62:c3:59:e1:ba:
10:3e:75:57:d1:05:eb:57:14:18:8b:5f:54:36:37:39:c2:9c:
12:94:0d:18:1e:b9:5c:fb:f2:20:d6:53:c8:b1:15:cf:d5:75:
d3:44:c0:60:12:9e:a9:ee:5c:d0:0f:a8:c2:3b:bc:fb:94:3d:
bd:6e:e7:c0:86:6d:0d:85:f4:96:fa:76:55:3d:9b:87:d4:53:
f1:9a:69:d2:10:03:1a:9c:c6:d4:2e:20:8c:0e:54:c3:7c:2b:
9c:ed:ea:a2:b8:66:b0:80:b7:7e:da:90:37:3d:39:0d:e9:df:
7c:42:81:f7:31:ea:bc:b2:fa:76:7e:5a:79:b1:b5:b5:12:0d:
00:5c:21:f1:52:d9:e5:3e:6f:4a:fb:79:60:d6:65:b1:51:a8:
4d:19:c8:47
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYc2Q++ThxC4abm6BSMuUKZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzMxMDYwMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNjZDE0MTNiOGRmMzRkZTc4Nzk4NWNiNGQwMTYxMmQ4MWVhMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm1Cp7+JUnV4vUnLehglLgd+3efn
UwDeGuwXKJVVdjCN/SnAJi+seem92Kb2mfgzLeozLPTZM5EmG6wCdkZLcUCJyLn5
l1WkGdMVOXUb8SsIQTYlfsEkzGzJn2aeuRI9o5Yf/gkHIRwKme6F0h8yTSDfuZzY
dt3PJGTqGOwyGlrcV5Kjw1hGiQYniUHAud/yF4BvHeEOezpY5UTN12gjYRiFCWoJ
L7ZYy0iczFp51MRhqIUmscBN+e9HWoAFg8ZtD5v/yd/m1bvGZjM6HexL3Q+fbJaY
gC4m0EuNkTHvWICbzyn5eSa2f3My6rK4lwEBNaOLkMQmy6S3RPcWDDjRJQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDrM0UE7jfNN54eYXLTQFhLYHqOaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvT3N6UlFUdU44MDNuaDVoY3ROQVdFdGdlbzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALZyeAwQA
WSFUAwQAWSJ/AwQAWSOaAwQAWSU+AwQAXXLAAwQAXXNtAwQAvPDoAwQAvPFuAwQA
vPHWAwQAwReCMA0GCSqGSIb3DQEBCwUAA4IBAQCQ3wH1PIRGiMM8cWEPK6G/bjMi
+zyPJQF4BZegnf3MGXaMzvbp04ySzp5hvLa/j/Qlp58Wk82uL6boIe1P6S/r7PtR
djwD0g4X/vZ1eeQVvAgAaqmV5vVwsEASIx6SNst4IH2+AdOZYsNZ4boQPnVX0QXr
VxQYi19UNjc5wpwSlA0YHrlc+/Ig1lPIsRXP1XXTRMBgEp6p7lzQD6jCO7z7lD29
bufAhm0NhfSW+nZVPZuH1FPxmmnSEAManMbULiCMDlTDfCuc7eqiuGawgLd+2pA3
PTkN6d98QoH3Meq8svp2flp5sbW1Eg0AXCHxUtnlPm9K+3lg1mWxUahNGchH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org