Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VQClsFpOTEpwB2PeouMk9SYKl9g.roa
File: VQClsFpOTEpwB2PeouMk9SYKl9g.roa (raw, json)
Hash identifier: q42eo5KnW1cLh0+za1aDxHLBhXrkDgS3uJF5bS03mro=
Subject key identifier: 55:00:A5:B0:5A:4E:4C:4A:70:07:63:DE:A2:E3:24:F5:26:0A:97:D8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B947D87F77875A7C29C2F33DAD86F19B6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VQClsFpOTEpwB2PeouMk9SYKl9g.roa
Signing time: Fri 03 Nov 2023 09:22:16 +0000
ROA not before: Fri 03 Nov 2023 09:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 19:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:7d:87:f7:78:75:a7:c2:9c:2f:33:da:d8:6f:19:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 3 09:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5500a5b05a4e4c4a700763dea2e324f5260a97d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ee:65:55:6a:ef:17:75:f5:8a:8b:c7:48:b9:
7f:14:4b:46:c0:91:5b:67:7d:83:43:ce:51:35:b6:
ce:63:66:d4:7b:d6:15:ce:7b:67:87:c9:ef:e5:0f:
51:3a:ec:4e:10:ec:c8:b8:6f:d9:62:01:c9:16:8d:
73:b1:7c:0f:77:0c:db:4a:44:27:b6:4a:01:c8:ce:
63:c2:ef:43:36:6a:d2:c5:1a:f6:ef:b1:25:ca:e4:
7d:44:5a:59:8e:26:e6:7d:2e:23:da:ce:d0:57:c3:
e8:9c:33:95:93:52:41:27:6a:70:3c:07:b7:31:f2:
26:8c:3e:cd:e0:ba:8b:13:21:7c:17:90:12:ce:aa:
48:39:ae:04:5e:b1:9e:1c:32:40:2b:05:11:61:72:
87:ab:f4:1f:f4:2d:1a:ca:98:36:6f:02:7d:49:50:
00:20:7e:ec:a1:91:ee:ce:06:2b:29:18:08:6a:fe:
d0:a1:55:e1:80:ea:b3:83:24:16:4a:b8:45:98:5d:
d3:d7:1e:c8:56:f1:1d:c2:f1:78:3f:7f:91:61:e4:
16:48:c5:d3:c5:30:50:e5:49:04:c4:6c:69:eb:67:
03:6b:54:8e:a3:5c:c7:c8:4f:9f:9b:fb:92:4d:ed:
b6:43:fd:7d:98:f8:06:e7:ba:85:f4:95:e6:16:29:
65:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:00:A5:B0:5A:4E:4C:4A:70:07:63:DE:A2:E3:24:F5:26:0A:97:D8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VQClsFpOTEpwB2PeouMk9SYKl9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.132.0/23
188.212.159.0/24
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
44:58:6a:b3:7f:38:b3:9c:53:9a:54:d2:42:3d:b5:a2:d1:52:
02:8b:58:cd:03:9e:c4:96:d2:fb:f2:dd:22:92:8b:0d:c1:72:
e8:04:39:e5:b0:45:1b:fb:03:93:3c:64:62:18:2c:cf:c2:26:
43:48:25:33:72:80:47:47:be:fd:ad:db:fa:4c:c6:0a:2f:2f:
ca:f1:99:c7:d2:b4:05:12:c0:47:0c:66:e6:ab:53:22:94:14:
12:82:6e:91:85:4a:cd:22:87:79:8f:6f:c0:22:e2:a1:21:19:
27:cf:40:a5:e0:f1:50:38:1a:dc:d6:57:e9:e4:8c:a0:c0:2b:
01:43:68:70:3b:db:7e:5c:ce:f3:77:54:21:f2:32:c2:4d:ff:
a0:f0:ab:d6:b4:6e:fb:fc:7c:9d:a3:bf:05:87:b3:66:80:d5:
84:e1:34:81:30:25:c5:b6:34:fd:14:dd:9b:41:7e:ce:c4:98:
fc:8c:8b:30:c0:19:06:ce:20:48:bd:76:12:a9:d0:be:11:ba:
61:17:b0:a0:cd:2e:6a:d5:47:7b:f2:ba:03:2c:fc:3e:3e:16:
5c:b7:c8:3c:9a:44:a5:69:74:df:3a:b6:75:2c:03:53:59:fd:
24:c3:dd:25:bd:96:eb:92:64:f2:82:96:94:12:ec:b4:59:95:
72:98:cf:55
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYuUfYf3eHWnwpwvM9rYbxm2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAzMDkyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTAwYTViMDVhNGU0YzRhNzAwNzYzZGVhMmUzMjRmNTI2MGE5N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+5lVWrvF3X1iovHSLl/FEtGwJFb
Z32DQ85RNbbOY2bUe9YVzntnh8nv5Q9ROuxOEOzIuG/ZYgHJFo1zsXwPdwzbSkQn
tkoByM5jwu9DNmrSxRr277ElyuR9RFpZjibmfS4j2s7QV8PonDOVk1JBJ2pwPAe3
MfImjD7N4LqLEyF8F5ASzqpIOa4EXrGeHDJAKwURYXKHq/Qf9C0aypg2bwJ9SVAA
IH7soZHuzgYrKRgIav7QoVXhgOqzgyQWSrhFmF3T1x7IVvEdwvF4P3+RYeQWSMXT
xTBQ5UkExGxp62cDa1SOo1zHyE+fm/uSTe22Q/19mPgG57qF9JXmFillHwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFFUApbBaTkxKcAdj3qLjJPUmCpfYMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVlFDbHNGcE9URXB3QjJQZW91TWs5U1lLbDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAG81IQDBAC81J8DBAC8
1tEDBAG88OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBAERYarN/OLOcU5pU0kI9taLRUgKLWM0DnsSW0vvy3SKSiw3BcugE
OeWwRRv7A5M8ZGIYLM/CJkNIJTNygEdHvv2t2/pMxgovL8rxmcfStAUSwEcMZuar
UyKUFBKCbpGFSs0ih3mPb8Ai4qEhGSfPQKXg8VA4GtzWV+nkjKDAKwFDaHA7235c
zvN3VCHyMsJN/6Dwq9a0bvv8fJ2jvwWHs2aA1YThNIEwJcW2NP0U3ZtBfs7EmPyM
izDAGQbOIEi9dhKp0L4RumEXsKDNLmrVR3vyugMs/D4+Fly3yDyaRKVpdN86tnUs
A1NZ/STD3SW9luuSZPKClpQS7LRZlXKYz1U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org