Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PAYgg3cUyvYoC0qBBp9qpU6shS0.roa
File: PAYgg3cUyvYoC0qBBp9qpU6shS0.roa (raw, json)
Hash identifier: Lwys3aoY6WV1XY92wOh0ELX2PYApsoONurM9n0+kHVg=
Subject key identifier: 3C:06:20:83:77:14:CA:F6:28:0B:4A:81:06:9F:6A:A5:4E:AC:85:2D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B86BC67C9E0839DF5098B8076C863CA90
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PAYgg3cUyvYoC0qBBp9qpU6shS0.roa
Signing time: Tue 31 Oct 2023 17:16:16 +0000
ROA not before: Tue 31 Oct 2023 17:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:bc:67:c9:e0:83:9d:f5:09:8b:80:76:c8:63:ca:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 31 17:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c0620837714caf6280b4a81069f6aa54eac852d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:d6:c4:0f:d3:76:ea:29:34:67:ce:9d:6a:
39:c2:4f:19:69:96:da:9d:a2:f1:7b:52:1c:f7:90:
83:d8:73:47:8c:48:70:26:f8:9d:0e:51:68:79:3c:
c4:cd:10:9e:39:d8:92:bd:ce:7a:99:a9:73:d8:d6:
a3:2d:b8:3a:97:22:8d:65:71:53:fe:8d:be:5d:79:
c0:42:da:de:93:a1:a3:a0:21:c4:21:98:96:59:8b:
74:a5:4e:da:70:73:e1:b9:f8:27:d7:2a:5f:63:42:
06:98:06:b0:54:6d:1d:a1:d3:f4:6d:d9:fb:7b:ac:
62:2d:14:e1:3b:e7:86:86:31:17:9e:d1:de:5a:a6:
bf:ad:ee:7c:2d:68:74:7e:50:7d:53:31:68:21:08:
e4:86:74:88:d5:be:95:f3:85:0d:9b:32:7b:68:6b:
38:33:f4:94:62:d8:09:e0:7b:4d:70:e2:13:5a:2e:
c9:43:c7:a8:c6:6f:60:9f:52:d1:75:e8:6b:3d:fe:
11:f6:b4:80:8e:14:2e:42:fe:c0:db:0e:e3:3a:fd:
50:ef:e1:fa:12:de:f2:e5:a1:9a:41:fa:d8:34:d2:
03:e8:5a:28:06:f3:41:0c:7e:e0:69:35:33:fd:6c:
6a:fe:21:71:00:cb:c9:53:61:fb:5f:ee:30:f4:72:
43:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:06:20:83:77:14:CA:F6:28:0B:4A:81:06:9F:6A:A5:4E:AC:85:2D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PAYgg3cUyvYoC0qBBp9qpU6shS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
78.142.243.0/24
79.110.228.0/24
89.38.136.0/24
91.209.12.0/24
91.246.37.0/24
94.154.126.0/24
176.118.35.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
193.3.187.0/24
193.38.154.0/24
193.163.192.0/23
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.150.76.0/24
213.109.156.0/24
213.173.37.0/24
Signature Algorithm: sha256WithRSAEncryption
79:f0:30:41:dc:30:36:74:92:e3:e7:65:a5:df:45:57:c1:d7:
88:af:34:2c:1b:91:65:3e:58:c6:b1:05:96:27:41:eb:16:4b:
f0:1f:e1:69:d3:b9:1c:1b:fb:89:c4:db:a5:4d:25:b1:bc:24:
09:3c:98:51:d1:7c:b3:a5:47:4e:7b:0b:31:8c:0a:c7:8c:02:
f5:ab:ed:7c:48:27:a8:db:56:36:23:01:d5:5a:83:5e:91:a9:
e1:da:fe:00:46:fb:bb:c1:17:6f:39:44:c2:a7:70:05:ae:99:
13:59:98:f9:d2:9d:ea:1c:e2:a6:c9:e5:cb:41:53:96:42:a9:
58:c9:dd:25:08:40:c6:00:4c:2e:e3:e1:d8:85:ef:49:ca:3a:
de:a3:40:a6:e8:f1:47:95:13:7a:17:23:bb:01:08:51:82:5e:
ea:9c:e0:b6:c8:52:9e:7a:05:d0:41:a3:ef:78:87:ed:44:8b:
06:a1:f2:24:56:16:a8:49:18:bc:f6:71:90:fe:a3:34:b7:5b:
fd:87:4e:81:da:93:31:aa:0d:2d:73:ff:bd:c4:eb:f1:21:b1:
5a:fe:cf:a6:ea:89:26:04:7d:18:66:2b:60:f1:77:0d:c0:bd:
c5:6f:bc:b9:d9:81:38:c9:5e:fc:ad:08:84:7c:21:c6:36:dd:
37:0d:dc:99
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYuGvGfJ4IOd9QmLgHbIY8qQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDMxMTcxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA2MjA4Mzc3MTRjYWY2MjgwYjRhODEwNjlmNmFhNTRlYWM4NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKDWxA/TduopNGfOnWo5wk8ZaZba
naLxe1Ic95CD2HNHjEhwJvidDlFoeTzEzRCeOdiSvc56malz2NajLbg6lyKNZXFT
/o2+XXnAQtrek6GjoCHEIZiWWYt0pU7acHPhufgn1ypfY0IGmAawVG0dodP0bdn7
e6xiLRThO+eGhjEXntHeWqa/re58LWh0flB9UzFoIQjkhnSI1b6V84UNmzJ7aGs4
M/SUYtgJ4HtNcOITWi7JQ8eoxm9gn1LRdehrPf4R9rSAjhQuQv7A2w7jOv1Q7+H6
Et7y5aGaQfrYNNID6FooBvNBDH7gaTUz/Wxq/iFxAMvJU2H7X+4w9HJDMQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFDwGIIN3FMr2KAtKgQafaqVOrIUtMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUEFZZ2czY1V5dllvQzBxQkJwOXFwVTZzaFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAAF
tLIDBAAlSIgDBAAljN4DBAAtViUDBAAu/YcDBAA+er8DBAA+xYADBAA+zDwDBABO
jvMDBABPbuQDBABZJogDBABb0QwDBABb9iUDBABemn4DBACwdiMDBAC5l5EDBAC5
oXsDBAC5uNgDBAC56g8DBAC56+EDBAC5/NUDBAC88Z8DBAC88fgDBADBA7sDBADB
JpoDBAHBo8ADBADByQwDBADByQ4DBADB3dIDBADClkwDBADVbZwDBADVrSUwDQYJ
KoZIhvcNAQELBQADggEBAHnwMEHcMDZ0kuPnZaXfRVfB14ivNCwbkWU+WMaxBZYn
QesWS/Af4WnTuRwb+4nE26VNJbG8JAk8mFHRfLOlR057CzGMCseMAvWr7XxIJ6jb
VjYjAdVag16RqeHa/gBG+7vBF285RMKncAWumRNZmPnSneoc4qbJ5ctBU5ZCqVjJ
3SUIQMYATC7j4diF70nKOt6jQKbo8UeVE3oXI7sBCFGCXuqc4LbIUp56BdBBo+94
h+1Eiwah8iRWFqhJGLz2cZD+ozS3W/2HToHakzGqDS1z/73E6/EhsVr+z6bqiSYE
fRhmK2Dxdw3AvcVvvLnZgTjJXvytCIR8IcY23TcN3Jk=
-----END CERTIFICATE-----
Generated at Wed Nov 1 14:42:54 2023 by rpki-client on console-ams.rpki-client.org