Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P2ySN-MBhl9XjY-eZVIFPH3e8nc.roa
File: P2ySN-MBhl9XjY-eZVIFPH3e8nc.roa (raw, json)
Hash identifier: RQs21E8frWLMADKngvEpFgum3K6WgcQuBmbP2vNdXRM=
Subject key identifier: 3F:6C:92:37:E3:01:86:5F:57:8D:8F:9E:65:52:05:3C:7D:DE:F2:77
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01876A4D973FA1635D8525C8AD2C32E156E8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P2ySN-MBhl9XjY-eZVIFPH3e8nc.roa
Signing time: Mon 10 Apr 2023 08:34:42 +0000
ROA not before: Mon 10 Apr 2023 08:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.243.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:4d:97:3f:a1:63:5d:85:25:c8:ad:2c:32:e1:56:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 10 08:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f6c9237e301865f578d8f9e6552053c7ddef277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c8:52:b3:41:92:63:6b:83:9f:a3:08:1a:54:
8a:6f:60:ce:64:75:e8:cb:a4:13:e5:a1:72:fe:c5:
91:9b:dd:2a:4b:89:96:30:1c:4e:c9:37:3a:c3:a7:
87:db:9e:91:d9:ce:f2:6c:51:a0:b1:98:e2:79:f3:
16:66:96:9e:d1:7c:6a:de:23:95:fc:78:77:0a:46:
8c:52:f4:f4:62:06:e8:0e:83:69:94:61:7a:c3:26:
55:35:0a:08:14:c3:27:40:8e:80:f0:3e:88:5a:6d:
bb:76:e8:41:9b:9c:a7:65:53:2d:2a:c7:af:16:de:
ec:91:a6:99:94:7a:3a:f8:95:eb:d3:8c:85:3b:9a:
51:7a:eb:fb:d3:f1:29:d4:66:00:7c:0b:a1:5b:8b:
38:35:af:98:e4:56:b2:ea:c1:e1:5c:1c:1c:e2:00:
54:a8:36:63:a9:a9:f9:34:e6:d7:cd:5a:55:4e:44:
c3:0c:c8:79:55:3a:a3:06:c9:4d:37:c7:61:b5:f1:
51:fb:ea:72:e4:4a:a4:75:01:b8:31:14:cf:8a:61:
f1:d6:7b:94:42:3e:15:31:bc:2f:c4:c4:2b:66:ed:
d4:c8:52:b1:ee:aa:66:3e:5e:69:86:dd:b8:0b:bc:
ca:03:6e:c7:50:38:71:92:90:11:af:f8:3f:2b:32:
77:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6C:92:37:E3:01:86:5F:57:8D:8F:9E:65:52:05:3C:7D:DE:F2:77
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P2ySN-MBhl9XjY-eZVIFPH3e8nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
87.247.149.0/24
87.247.151.0/24
89.37.62.0/23
91.188.204.0/24
185.135.141.0/24
185.135.143.0/24
185.255.169.0/24
188.212.155.0/24
188.241.182.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
94:01:46:a8:0f:74:b4:d4:48:d4:85:da:59:9e:37:48:9d:f9:
48:6b:6e:91:60:00:d9:fa:63:a8:62:74:e1:ce:8e:cc:4c:4d:
24:79:83:74:18:2a:34:3d:b9:53:0c:4e:0c:8e:e1:48:b9:26:
2c:a4:2c:c9:6e:6e:b7:4b:dd:6b:cb:a5:2a:6d:f9:ce:ad:c3:
25:f9:c1:74:43:f7:64:22:8d:0e:59:56:02:40:90:34:f6:a2:
da:72:c3:ca:c8:4d:2c:7c:b0:d1:d7:32:3f:85:98:0c:17:04:
53:09:5f:0f:17:46:13:fa:45:b9:d9:3e:66:fb:c3:d7:ae:49:
49:4a:69:bd:7c:67:69:48:fa:e6:da:73:6c:60:36:99:dc:32:
86:3d:e2:d8:f8:9c:47:40:e8:11:8c:53:24:e9:cc:ca:ca:5a:
c1:fc:e3:e3:df:8a:89:b6:cb:a6:00:ad:a8:ae:94:c4:74:2d:
4a:cf:fc:da:31:48:dc:bf:95:18:30:97:fa:89:92:7e:6b:95:
85:00:99:31:f7:25:a5:6d:e5:71:a0:45:f1:60:54:a9:3a:29:
9a:1d:75:06:e1:80:f1:c8:3b:4c:99:9b:01:97:48:47:87:64:
0c:94:18:f4:69:53:c7:a5:89:15:20:40:ab:41:8f:a5:fa:bf:
cc:0b:69:fb
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYdqTZc/oWNdhSXIrSwy4VboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDEwMDgzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZjOTIzN2UzMDE4NjVmNTc4ZDhmOWU2NTUyMDUzYzdkZGVmMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnshSs0GSY2uDn6MIGlSKb2DOZHXo
y6QT5aFy/sWRm90qS4mWMBxOyTc6w6eH256R2c7ybFGgsZjiefMWZpae0Xxq3iOV
/Hh3CkaMUvT0YgboDoNplGF6wyZVNQoIFMMnQI6A8D6IWm27duhBm5ynZVMtKsev
Ft7skaaZlHo6+JXr04yFO5pReuv70/Ep1GYAfAuhW4s4Na+Y5Fay6sHhXBwc4gBU
qDZjqan5NObXzVpVTkTDDMh5VTqjBslNN8dhtfFR++py5EqkdQG4MRTPimHx1nuU
Qj4VMbwvxMQrZu3UyFKx7qpmPl5pht24C7zKA27HUDhxkpARr/g/KzJ3PQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFD9skjfjAYZfV42PnmVSBTx93vJ3MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUDJ5U04tTUJobDlYalktZVpWSUZQSDNlOG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALZyfAwQA
V/eVAwQAV/eXAwQBWSU+AwQAW7zMAwQAuYeNAwQAuYePAwQAuf+pAwQAvNSbAwQA
vPG2AwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQCUAUaoD3S01EjUhdpZnjdInflI
a26RYADZ+mOoYnThzo7MTE0keYN0GCo0PblTDE4MjuFIuSYspCzJbm63S91ry6Uq
bfnOrcMl+cF0Q/dkIo0OWVYCQJA09qLacsPKyE0sfLDR1zI/hZgMFwRTCV8PF0YT
+kW52T5m+8PXrklJSmm9fGdpSPrm2nNsYDaZ3DKGPeLY+JxHQOgRjFMk6czKylrB
/OPj34qJtsumAK2orpTEdC1Kz/zaMUjcv5UYMJf6iZJ+a5WFAJkx9yWlbeVxoEXx
YFSpOimaHXUG4YDxyDtMmZsBl0hHh2QMlBj0aVPHpYkVIECrQY+l+r/MC2n7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org