Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/V0N6NDrcmx19m1L9YvL52dr3CY4.roa
File: V0N6NDrcmx19m1L9YvL52dr3CY4.roa (raw, json)
Hash identifier: gzveYK+jqguaWKHlLSwQifGM+j6ubM8dRzgc+0Tk+fo=
Subject key identifier: 57:43:7A:34:3A:DC:9B:1D:7D:9B:52:FD:62:F2:F9:D9:DA:F7:09:8E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BB4AA3BDD18A6D7DC6C044899A7DC1C75
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/V0N6NDrcmx19m1L9YvL52dr3CY4.roa
Signing time: Thu 09 Nov 2023 15:18:57 +0000
ROA not before: Thu 09 Nov 2023 15:18:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:aa:3b:dd:18:a6:d7:dc:6c:04:48:99:a7:dc:1c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 9 15:18:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57437a343adc9b1d7d9b52fd62f2f9d9daf7098e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:19:a9:aa:8e:09:b8:ea:e6:60:b9:ef:b7:d7:
b4:d7:cc:b7:23:1f:52:38:5b:fb:22:64:b3:0d:62:
6d:ad:db:7d:18:b2:55:17:5f:4c:d5:c5:f9:a7:22:
4b:78:c8:13:4b:18:b2:4c:1e:43:7e:02:f9:83:dd:
3e:4d:81:85:55:db:47:c2:e8:f0:9a:1b:60:07:24:
06:de:08:53:e6:f6:2f:21:dc:1f:53:27:5f:1c:a2:
2c:0e:47:7b:5a:3a:be:7a:e5:8b:39:c0:95:24:87:
d6:cd:c2:80:ab:82:72:6a:e3:92:f0:32:16:a2:00:
a6:3c:0a:41:0e:cf:de:d2:51:59:51:61:c3:4e:6b:
7e:3d:e2:98:83:02:75:7b:50:7d:04:1e:58:ba:29:
70:c0:fb:b0:bf:db:94:b7:b6:0e:b3:6b:b6:67:e7:
23:3d:1d:87:10:fd:42:1c:3a:4b:31:1a:39:e8:c8:
d4:57:24:d2:0e:6b:b0:85:eb:65:92:55:77:ba:5c:
65:b9:58:12:9d:9b:17:0a:6b:a0:f4:c3:19:91:4c:
ad:e2:08:9a:50:d1:3c:cb:44:08:05:c7:7c:84:2b:
70:64:88:96:56:2e:f9:3d:a2:97:d5:b3:ed:25:8d:
f5:d7:f2:0e:34:0d:f6:bf:2f:c9:ff:58:dc:db:69:
19:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:43:7A:34:3A:DC:9B:1D:7D:9B:52:FD:62:F2:F9:D9:DA:F7:09:8E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/V0N6NDrcmx19m1L9YvL52dr3CY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.132.0/23
188.212.159.0/24
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
16:63:d1:3b:c0:0b:8c:1a:8e:f4:9a:67:67:e5:1e:94:de:b1:
54:42:0f:40:81:25:9a:85:b1:85:96:9a:a0:67:7a:11:e2:54:
6b:a2:50:5c:07:58:47:bd:5b:39:19:84:64:92:b7:ae:9b:0a:
2b:ab:b5:a2:4a:a0:c5:58:86:2d:d4:c0:ec:b3:79:d4:f7:36:
04:68:4c:66:5c:93:88:0a:7c:1f:2b:77:a4:53:dc:5c:83:db:
f7:9e:02:65:8a:f1:c1:02:3d:60:f2:a3:61:70:82:4c:02:ce:
67:70:c2:5a:02:a4:66:42:a5:53:55:70:8f:94:86:2b:2b:5c:
4b:2c:7d:36:d4:be:e4:45:e8:98:15:b9:96:14:fe:35:49:03:
43:dd:b7:d2:ed:8e:04:0a:ce:55:53:21:d7:de:80:9f:c3:0d:
5d:3b:19:35:bc:21:56:5d:d9:ac:91:c2:9b:1f:c9:ab:de:f9:
5e:a5:67:fc:a7:ab:f7:cd:14:01:0a:45:a6:75:c0:b9:95:85:
e8:bc:01:61:93:60:45:dc:10:55:6a:37:76:b1:34:8f:e1:df:
43:cf:9f:ff:b9:97:9f:5b:bf:6e:82:18:76:b0:74:e6:e0:c4:
6a:85:52:d3:bb:b8:61:38:e2:16:3c:ee:2a:29:60:4b:82:40:
fa:c1:c6:82
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYu0qjvdGKbX3GwESJmn3Bx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTA5MTUxODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzQzN2EzNDNhZGM5YjFkN2Q5YjUyZmQ2MmYyZjlkOWRhZjcwOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Rmpqo4JuOrmYLnvt9e018y3Ix9S
OFv7ImSzDWJtrdt9GLJVF19M1cX5pyJLeMgTSxiyTB5DfgL5g90+TYGFVdtHwujw
mhtgByQG3ghT5vYvIdwfUydfHKIsDkd7Wjq+euWLOcCVJIfWzcKAq4JyauOS8DIW
ogCmPApBDs/e0lFZUWHDTmt+PeKYgwJ1e1B9BB5YuilwwPuwv9uUt7YOs2u2Z+cj
PR2HEP1CHDpLMRo56MjUVyTSDmuwhetlklV3ulxluVgSnZsXCmug9MMZkUyt4gia
UNE8y0QIBcd8hCtwZIiWVi75PaKX1bPtJY311/IONA32vy/J/1jc22kZeQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFFdDejQ63JsdfZtS/WLy+dna9wmOMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVjBONk5EcmNteDE5bTFMOVl2TDUyZHIzQ1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBAFZJT4DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAG81IQDBAC81J8DBAC8
1tEDBAG88OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBABZj0TvAC4wajvSaZ2flHpTesVRCD0CBJZqFsYWWmqBnehHiVGui
UFwHWEe9WzkZhGSSt66bCiurtaJKoMVYhi3UwOyzedT3NgRoTGZck4gKfB8rd6RT
3FyD2/eeAmWK8cECPWDyo2FwgkwCzmdwwloCpGZCpVNVcI+UhisrXEssfTbUvuRF
6JgVuZYU/jVJA0Pdt9LtjgQKzlVTIdfegJ/DDV07GTW8IVZd2ayRwpsfyave+V6l
Z/ynq/fNFAEKRaZ1wLmVhei8AWGTYEXcEFVqN3axNI/h30PPn/+5l59bv26CGHaw
dObgxGqFUtO7uGE44hY87iopYEuCQPrBxoI=
-----END CERTIFICATE-----
Generated at Fri Nov 10 15:58:19 2023 by rpki-client on console-fra.rpki-client.org