Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SmboKoZKvjcda2fge0XerlK1K8g.roa
File: SmboKoZKvjcda2fge0XerlK1K8g.roa (raw, json)
Hash identifier: k26ms52b8u3D1G9XKLUuH6hcZbn4QqnIbRkjB1u9yI8=
Subject key identifier: 4A:66:E8:2A:86:4A:BE:37:1D:6B:67:E0:7B:45:DE:AE:52:B5:2B:C8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01879570638EBAE0943C044A1D37DB102E3E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SmboKoZKvjcda2fge0XerlK1K8g.roa
Signing time: Tue 18 Apr 2023 17:36:23 +0000
ROA not before: Tue 18 Apr 2023 17:36:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.35.154.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:70:63:8e:ba:e0:94:3c:04:4a:1d:37:db:10:2e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 18 17:36:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a66e82a864abe371d6b67e07b45deae52b52bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:03:38:c5:62:dd:1d:a3:93:8d:2f:89:b4:9c:
ba:aa:b5:0a:b1:e6:4a:9a:8d:e1:7b:ff:03:19:2d:
e8:0d:32:1f:96:e5:2b:49:ed:04:b7:19:42:ad:d2:
1c:fa:35:f4:0a:84:b7:70:26:c1:1f:14:ef:72:24:
29:f7:c5:70:78:a9:18:78:9e:da:2e:73:c1:e3:04:
8a:59:9b:4a:6a:ce:1c:3c:14:d9:78:92:e8:fe:29:
c3:a6:79:f6:db:ba:b6:ef:41:a8:ca:69:e1:f5:7e:
46:d0:3f:1d:c6:d3:4a:d6:4b:43:9d:82:b9:3a:d9:
04:e1:90:ae:d5:fd:6b:96:a9:9c:e3:9b:d8:5b:b8:
7f:4d:29:d6:53:b5:43:12:22:1a:65:fd:63:7d:a8:
af:d7:63:a2:ce:5a:cd:e0:74:10:b2:80:5d:73:50:
a6:03:e5:85:cf:c3:8f:99:15:0d:68:cf:6a:a2:a3:
76:44:e6:0b:12:e0:c1:2d:ad:07:f7:ec:ce:3b:81:
4c:a5:62:35:a6:8f:78:da:96:af:3c:ed:3a:33:25:
71:13:f8:9e:7b:82:55:a5:5b:d3:11:63:12:dd:ab:
36:c5:03:77:61:32:e5:e9:7f:94:74:67:d6:6f:3d:
5f:9b:df:4c:9b:72:62:08:c9:05:cc:ba:4a:8b:b5:
5f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:66:E8:2A:86:4A:BE:37:1D:6B:67:E0:7B:45:DE:AE:52:B5:2B:C8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SmboKoZKvjcda2fge0XerlK1K8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
87.247.149.0/24
87.247.151.0/24
89.35.154.0/24
89.37.62.0/23
91.188.204.0/24
185.135.141.0/24
185.135.143.0/24
185.255.169.0/24
188.212.155.0/24
188.240.233.0/24
188.241.110.0/24
188.241.182.0/24
188.241.243.0/24
213.232.94.0/23
Signature Algorithm: sha256WithRSAEncryption
28:94:0b:3c:f8:6d:3b:30:6a:5d:d2:dd:dd:7c:2c:4f:29:83:
69:83:9c:65:5d:1c:93:a9:ff:6e:70:ec:28:99:0a:04:77:e7:
fd:f3:4f:7d:1d:90:7b:0d:c7:67:b9:ed:0a:52:8e:20:84:57:
0b:52:3b:23:ff:37:92:45:5e:5a:8b:2d:f1:2f:58:3d:78:2e:
8a:f7:d6:f0:e6:9d:9f:a1:6c:7a:99:5d:7a:84:cd:28:1a:7d:
f3:09:e5:66:7e:58:50:98:c2:94:4e:9c:9c:ce:18:6b:8d:cb:
f2:90:03:94:15:49:22:29:77:33:27:b6:54:56:eb:92:ee:95:
18:a2:33:eb:79:41:89:38:4f:fa:d1:a7:a2:45:4d:b2:ff:85:
32:26:05:fc:99:1e:a2:61:1d:0c:c3:fa:3c:d4:01:c3:c0:57:
46:31:1b:b7:61:30:c9:42:d9:3f:34:d5:2a:19:0a:db:5a:79:
dc:39:f3:5d:83:0f:a2:f6:e2:00:32:ca:c6:ab:e9:ce:75:fa:
e0:6d:e1:d4:d4:13:38:0a:f4:2d:91:a6:02:8e:a9:b4:26:59:
fc:ab:83:13:77:a8:e2:35:35:09:fd:53:8f:d5:ce:3b:d5:1d:
6c:05:84:76:dc:bd:40:44:5c:52:1f:16:d8:8b:70:23:9a:82:
e6:8d:ca:b6
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYeVcGOOuuCUPARKHTfbEC4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDE4MTczNjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTY2ZTgyYTg2NGFiZTM3MWQ2YjY3ZTA3YjQ1ZGVhZTUyYjUyYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwM4xWLdHaOTjS+JtJy6qrUKseZK
mo3he/8DGS3oDTIfluUrSe0EtxlCrdIc+jX0CoS3cCbBHxTvciQp98VweKkYeJ7a
LnPB4wSKWZtKas4cPBTZeJLo/inDpnn227q270Goymnh9X5G0D8dxtNK1ktDnYK5
OtkE4ZCu1f1rlqmc45vYW7h/TSnWU7VDEiIaZf1jfaiv12OizlrN4HQQsoBdc1Cm
A+WFz8OPmRUNaM9qoqN2ROYLEuDBLa0H9+zOO4FMpWI1po942pavPO06MyVxE/ie
e4JVpVvTEWMS3as2xQN3YTLl6X+UdGfWbz1fm99Mm3JiCMkFzLpKi7VfsQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEpm6CqGSr43HWtn4HtF3q5StSvIMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU21ib0tvWkt2amNkYTJmZ2UwWGVybEsxSzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALZyfAwQA
V/eVAwQAV/eXAwQAWSOaAwQBWSU+AwQAW7zMAwQAuYeNAwQAuYePAwQAuf+pAwQA
vNSbAwQAvPDpAwQAvPFuAwQAvPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUA
A4IBAQAolAs8+G07MGpd0t3dfCxPKYNpg5xlXRyTqf9ucOwomQoEd+f98099HZB7
Dcdnue0KUo4ghFcLUjsj/zeSRV5aiy3xL1g9eC6K99bw5p2foWx6mV16hM0oGn3z
CeVmflhQmMKUTpyczhhrjcvykAOUFUkiKXczJ7ZUVuuS7pUYojPreUGJOE/60aei
RU2y/4UyJgX8mR6iYR0Mw/o81AHDwFdGMRu3YTDJQtk/NNUqGQrbWnncOfNdgw+i
9uIAMsrGq+nOdfrgbeHU1BM4CvQtkaYCjqm0Jln8q4MTd6jiNTUJ/VOP1c471R1s
BYR23L1ARFxSHxbYi3AjmoLmjcq2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org