Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XbL6S1YQCJaHIbowdH9dw772VXE.roa
File: XbL6S1YQCJaHIbowdH9dw772VXE.roa (raw, json)
Hash identifier: TtVhSQVhrcdcFmFyVlsAGhtZvkeLOIcbT+zyO/Em2fU=
Subject key identifier: 5D:B2:FA:4B:56:10:08:96:87:21:BA:30:74:7F:5D:C3:BE:F6:55:71
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B725D8F55A266DDFC286DBDFDB9D49AC8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XbL6S1YQCJaHIbowdH9dw772VXE.roa
Signing time: Fri 27 Oct 2023 18:20:16 +0000
ROA not before: Fri 27 Oct 2023 18:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.40.160.0/24 maxlen: 24
89.33.14.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.46.92.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
78.142.241.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
89.38.101.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:72:5d:8f:55:a2:66:dd:fc:28:6d:bd:fd:b9:d4:9a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 27 18:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5db2fa4b561008968721ba30747f5dc3bef65571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:38:97:7f:4e:c2:f7:92:e5:48:ed:6c:eb:d0:
d1:95:62:d4:99:c9:2a:ed:bb:3f:8c:8b:30:3e:3f:
8d:c2:73:d2:46:ed:f9:e7:a5:2a:0d:f4:15:b9:78:
cb:91:15:f3:26:a1:c2:99:e8:70:a2:76:d6:28:5a:
9b:aa:fa:75:20:18:fd:65:1a:00:be:38:aa:bf:5e:
a7:19:3d:a3:fe:6a:b2:64:d5:6d:40:fc:3e:1b:54:
68:77:03:fd:b7:45:30:84:b9:57:dd:da:dd:e7:07:
9d:7a:75:9f:62:e7:67:00:c6:73:46:6b:cf:c9:13:
77:9c:d1:16:fd:82:4a:87:c6:3b:e0:c3:67:0d:82:
4b:38:96:15:c9:b2:e0:ec:d3:dc:a2:32:f4:ff:32:
92:02:03:44:03:d7:e1:4e:6a:36:24:74:86:d8:29:
25:d8:b3:ff:f6:52:c8:f4:47:e6:f4:49:72:d3:af:
81:fe:02:aa:24:24:f4:a0:70:f0:36:e4:af:78:cc:
c6:53:73:ab:eb:59:21:79:8c:1c:8b:11:13:f1:d6:
29:db:7f:29:4f:aa:f2:d8:04:5a:e8:1b:f4:a5:8f:
b6:b5:7e:67:a3:b9:99:a9:b2:d6:01:06:15:c0:8d:
b5:2a:f9:6b:33:ee:87:d8:57:a6:37:11:72:3e:ea:
d1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B2:FA:4B:56:10:08:96:87:21:BA:30:74:7F:5D:C3:BE:F6:55:71
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XbL6S1YQCJaHIbowdH9dw772VXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.241.0-78.142.243.255
89.33.14.0/24
89.38.101.0/24
89.40.160.0/24
89.46.92.0/24
89.47.89.0/24
93.114.195.0/24
93.114.246.0/24
103.212.82.0/24
178.239.204.0/24
188.214.27.0/24
203.0.8.0/23
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
31:93:ce:f6:73:a5:42:c2:e0:d1:05:63:4b:77:9a:17:e3:33:
cd:c4:91:7f:db:5e:8b:d4:0c:b7:68:02:90:87:f6:b3:6c:d8:
62:fe:a7:94:9a:43:12:2a:61:73:5f:74:ac:48:8a:f4:88:5c:
9b:5c:31:df:54:1d:27:b4:af:92:ff:59:61:d2:3c:f7:b8:fb:
67:ca:d3:5b:26:ca:76:38:de:71:09:26:a1:e6:e8:df:1b:22:
50:78:c7:8d:0f:f5:73:ae:93:71:3f:f1:6f:a1:f1:2e:9b:ba:
5b:a2:fe:ff:2f:0f:8f:46:8f:3c:ae:38:3e:3c:6f:2b:39:cc:
21:82:79:9b:ed:d0:8a:55:65:15:68:08:1b:9b:ea:87:c9:3c:
6e:52:1d:e2:97:23:26:1d:ea:99:36:08:20:41:90:ca:7a:4a:
11:75:25:56:f9:1c:47:4c:ed:94:07:7f:10:ce:00:77:b0:10:
91:4f:cb:58:28:27:c2:d0:1e:1f:4d:6a:82:00:0b:0a:11:13:
7b:fa:1e:fe:69:c7:4b:6d:76:6b:d7:4c:0c:b7:e5:62:ac:b9:
0d:94:47:cf:c8:cd:9d:14:37:46:e1:da:1b:ea:23:c8:1b:48:
19:18:8b:cd:2c:a8:df:7e:16:5d:51:64:a3:f2:7c:e4:43:b1:
8c:ff:46:57
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYtyXY9Vombd/Chtvf251JrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDI3MTgyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIyZmE0YjU2MTAwODk2ODcyMWJhMzA3NDdmNWRjM2JlZjY1NTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDiXf07C95LlSO1s69DRlWLUmckq
7bs/jIswPj+NwnPSRu3556UqDfQVuXjLkRXzJqHCmehwonbWKFqbqvp1IBj9ZRoA
vjiqv16nGT2j/mqyZNVtQPw+G1RodwP9t0UwhLlX3drd5wedenWfYudnAMZzRmvP
yRN3nNEW/YJKh8Y74MNnDYJLOJYVybLg7NPcojL0/zKSAgNEA9fhTmo2JHSG2Ckl
2LP/9lLI9Efm9Ely06+B/gKqJCT0oHDwNuSveMzGU3Or61kheYwcixET8dYp238p
T6ry2ARa6Bv0pY+2tX5no7mZqbLWAQYVwI21KvlrM+6H2FemNxFyPurRDQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFF2y+ktWEAiWhyG6MHR/XcO+9lVxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWGJMNlMxWVFDSmFISWJvd2RIOWR3NzcyVlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBABOjvED
BAJOjvADBABZIQ4DBABZJmUDBABZKKADBABZLlwDBABZL1kDBABdcsMDBABdcvYD
BABn1FIDBACy78wDBAC81hsDBAHLAAgDBADfG3IwDQYJKoZIhvcNAQELBQADggEB
ADGTzvZzpULC4NEFY0t3mhfjM83EkX/bXovUDLdoApCH9rNs2GL+p5SaQxIqYXNf
dKxIivSIXJtcMd9UHSe0r5L/WWHSPPe4+2fK01smynY43nEJJqHm6N8bIlB4x40P
9XOuk3E/8W+h8S6bului/v8vD49GjzyuOD48bys5zCGCeZvt0IpVZRVoCBub6ofJ
PG5SHeKXIyYd6pk2CCBBkMp6ShF1JVb5HEdM7ZQHfxDOAHewEJFPy1goJ8LQHh9N
aoIACwoRE3v6Hv5px0ttdmvXTAy35WKsuQ2UR8/IzZ0UN0bh2hvqI8gbSBkYi80s
qN9+Fl1RZKPyfORDsYz/Rlc=
-----END CERTIFICATE-----
Generated at Thu Nov 2 10:27:09 2023 by rpki-client on console-fra.rpki-client.org