Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YANOdDUsVgiQhbpazP7nv3FBY2Y.roa
File: YANOdDUsVgiQhbpazP7nv3FBY2Y.roa (raw, json)
Hash identifier: IPzRgc1l7zNAWowWfrHPHR0aTti8yfK6QbGcJJYmbo4=
Subject key identifier: 60:03:4E:74:35:2C:56:08:90:85:BA:5A:CC:FE:E7:BF:71:41:63:66
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A47A44E82112B4F1ED328D206AAB2673F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YANOdDUsVgiQhbpazP7nv3FBY2Y.roa
Signing time: Wed 30 Aug 2023 18:11:04 +0000
ROA not before: Wed 30 Aug 2023 18:11:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:a4:4e:82:11:2b:4f:1e:d3:28:d2:06:aa:b2:67:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 30 18:11:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60034e74352c56089085ba5accfee7bf71416366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:18:6c:33:48:23:b9:fd:dd:82:6c:9c:5d:6d:
c0:37:26:35:d1:50:03:d6:c0:25:2c:95:29:49:70:
5e:e4:fb:ed:97:32:d1:b3:88:b8:ec:66:86:85:5d:
5e:24:02:7a:c8:f4:78:f7:53:8a:aa:a7:ba:67:3e:
eb:36:7a:76:0f:f2:53:0d:68:55:64:97:39:db:71:
e5:c7:77:f1:8a:94:90:60:cb:c4:64:06:49:f1:48:
23:5e:9e:33:dd:19:42:5c:da:04:63:b6:e0:b0:9e:
2b:34:15:f4:68:6e:33:ba:0a:3c:af:72:d7:26:9b:
a3:68:2f:7e:9c:c3:80:1e:47:1c:e9:84:69:60:59:
36:05:ba:d6:42:79:ae:8c:74:90:b7:11:58:99:02:
3c:99:65:7b:93:a2:26:59:de:aa:9c:8c:1e:39:a1:
c4:49:fb:b8:fb:6e:45:f2:d6:4d:ae:97:14:8e:84:
db:f6:8a:98:a1:cd:e0:88:b2:c5:21:af:0a:f9:79:
e6:46:3d:2b:ba:eb:88:a9:bd:6e:38:e8:1e:7a:8c:
10:73:26:47:7d:e0:62:54:e7:fe:37:41:cf:06:d0:
d7:1d:15:44:d8:81:d2:db:d8:66:5f:1a:d8:58:94:
42:cd:d2:7b:9c:04:e5:5d:1e:ea:60:b6:3d:b0:12:
82:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:03:4E:74:35:2C:56:08:90:85:BA:5A:CC:FE:E7:BF:71:41:63:66
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YANOdDUsVgiQhbpazP7nv3FBY2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.133.0/24
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
217.74.16.0/24
Signature Algorithm: sha256WithRSAEncryption
08:b1:ab:05:2d:b6:90:a6:36:7d:b9:38:49:84:cf:62:5d:b7:
19:23:a4:eb:48:03:56:16:42:c2:96:ed:5c:87:02:fc:3d:d6:
37:ae:f4:4a:be:87:d7:20:2b:7b:2a:52:42:f5:80:23:c9:71:
c9:d3:e5:c1:ba:f6:be:e5:fd:62:9c:eb:e2:18:9d:ec:23:b4:
38:ad:0f:9c:1d:05:26:90:63:f4:6e:e7:08:40:7c:62:58:54:
dc:b8:49:d5:ef:dc:45:af:c9:0e:25:4c:8a:2e:43:2d:74:0b:
be:a1:0a:48:09:bf:59:1f:e9:f2:69:50:51:11:29:53:2c:f0:
3c:e0:ad:c1:82:f6:79:25:1b:d6:ab:d8:ee:59:ef:a5:c4:61:
aa:83:f3:c1:be:5a:eb:66:84:d4:40:ab:26:7b:99:55:26:c4:
32:0f:af:37:f5:59:f7:f9:67:54:32:d4:60:7b:10:8b:3d:c3:
73:d7:5f:bc:b3:79:a1:12:c3:5f:55:eb:26:65:34:3a:8f:44:
c4:8f:24:4c:c6:87:5d:d4:05:c5:48:5b:37:48:16:08:f7:b2:
45:8f:cb:c2:06:97:8d:6d:bf:aa:61:93:ab:ef:e1:43:78:8e:
61:2b:a6:55:d1:c7:bd:c4:66:24:93:c5:a6:f2:8c:9c:04:12:
8b:17:a0:5c
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYpHpE6CEStPHtMo0gaqsmc/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODMwMTgxMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDAzNGU3NDM1MmM1NjA4OTA4NWJhNWFjY2ZlZTdiZjcxNDE2MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRhsM0gjuf3dgmycXW3ANyY10VAD
1sAlLJUpSXBe5PvtlzLRs4i47GaGhV1eJAJ6yPR491OKqqe6Zz7rNnp2D/JTDWhV
ZJc523Hlx3fxipSQYMvEZAZJ8UgjXp4z3RlCXNoEY7bgsJ4rNBX0aG4zugo8r3LX
JpujaC9+nMOAHkcc6YRpYFk2BbrWQnmujHSQtxFYmQI8mWV7k6ImWd6qnIweOaHE
Sfu4+25F8tZNrpcUjoTb9oqYoc3giLLFIa8K+XnmRj0ruuuIqb1uOOgeeowQcyZH
feBiVOf+N0HPBtDXHRVE2IHS29hmXxrYWJRCzdJ7nATlXR7qYLY9sBKC+wIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFGADTnQ1LFYIkIW6Wsz+579xQWNmMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWUFOT2REVXNWZ2lRaGJwYXpQN252M0ZCWTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAAt
nJ0DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5h4wDBAC5
h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAMEALzUhQMEALzUmwME
ALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw6QMEALzxbgMEALzx1gME
ALzx8wMEAcEXgAMEAtXoXAMEANlKEDANBgkqhkiG9w0BAQsFAAOCAQEACLGrBS22
kKY2fbk4SYTPYl23GSOk60gDVhZCwpbtXIcC/D3WN670Sr6H1yAreypSQvWAI8lx
ydPlwbr2vuX9Ypzr4hid7CO0OK0PnB0FJpBj9G7nCEB8YlhU3LhJ1e/cRa/JDiVM
ii5DLXQLvqEKSAm/WR/p8mlQUREpUyzwPOCtwYL2eSUb1qvY7lnvpcRhqoPzwb5a
62aE1ECrJnuZVSbEMg+vN/VZ9/lnVDLUYHsQiz3Dc9dfvLN5oRLDX1XrJmU0Oo9E
xI8kTMaHXdQFxUhbN0gWCPeyRY/LwgaXjW2/qmGTq+/hQ3iOYSumVdHHvcRmJJPF
pvKMnAQSixegXA==
-----END CERTIFICATE-----
Generated at Mon Sep 4 18:43:07 2023 by rpki-client on console-ams.rpki-client.org