Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zkc6s4ZQIVyUI3T80PUvW4jR25I.roa
File: Zkc6s4ZQIVyUI3T80PUvW4jR25I.roa (raw, json)
Hash identifier: eUQJtdoDc94apdIRrYgnXN5aHmdOC5VceqgF5JxRd2Q=
Subject key identifier: 66:47:3A:B3:86:50:21:5C:94:23:74:FC:D0:F5:2F:5B:88:D1:DB:92
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018924A9702A31E2E31AB177BA4BAB2C5D8B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zkc6s4ZQIVyUI3T80PUvW4jR25I.roa
Signing time: Wed 05 Jul 2023 06:07:11 +0000
ROA not before: Wed 05 Jul 2023 06:07:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.255.39.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:24:a9:70:2a:31:e2:e3:1a:b1:77:ba:4b:ab:2c:5d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 5 06:07:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66473ab38650215c942374fcd0f52f5b88d1db92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:67:26:1c:47:75:d2:fc:44:8e:6d:26:4f:c7:
3c:53:b5:d3:30:b4:6e:e1:3f:8b:af:37:c7:29:8b:
53:c0:e7:f1:b4:32:75:46:7f:44:ef:09:75:80:e9:
b9:ee:5d:13:12:3d:86:ae:58:02:82:3e:cd:b2:ea:
88:8d:d1:12:4c:7d:a6:cc:5f:44:16:5a:eb:1f:b2:
a2:c5:43:64:84:d9:53:68:3e:27:10:b1:64:5b:23:
60:a6:dd:10:e3:97:19:5a:f7:9c:1c:09:c2:40:53:
bd:d0:19:20:1f:0d:e5:85:03:c4:b0:4b:9d:c3:80:
d2:08:e0:b1:e2:b9:24:be:af:ed:ba:cf:38:70:5d:
14:a6:fc:b5:44:1a:32:56:8c:80:15:e0:ff:ae:1c:
63:36:9b:1c:b6:ab:d2:dc:d3:fe:82:81:f2:18:43:
ea:ad:a5:a3:2d:da:e8:33:5b:13:e8:23:4d:c5:c5:
d1:5d:13:df:b8:9f:cc:d3:a1:86:81:28:75:cf:75:
77:5a:24:85:38:07:d8:f3:6f:35:37:93:29:cd:7d:
e1:34:92:5f:17:2e:f9:2f:62:40:ba:ef:8a:03:47:
cf:e2:f5:f1:3a:23:f8:eb:c5:89:69:a3:d5:bc:c4:
e7:f0:2a:da:7c:b8:a7:c6:99:f0:36:35:b6:6d:76:
2d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:47:3A:B3:86:50:21:5C:94:23:74:FC:D0:F5:2F:5B:88:D1:DB:92
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zkc6s4ZQIVyUI3T80PUvW4jR25I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/23
89.37.63.0/24
91.188.204.0/24
91.188.206.0/23
93.115.254.0/23
185.103.72.0/24
185.135.140.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.203.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.232.0/23
188.241.110.0/24
188.241.214.0/24
213.232.92.0/23
Signature Algorithm: sha256WithRSAEncryption
19:53:15:73:f0:9b:c1:2f:30:76:ed:39:1e:0a:ba:2b:bb:39:
ff:5d:44:26:24:fe:eb:4c:1b:92:41:a0:03:0a:57:d6:33:63:
13:9c:98:04:cd:e5:e9:5b:f1:08:4a:27:2c:72:4f:d3:82:d6:
00:25:6e:75:f5:84:b4:fc:a4:94:11:74:6b:e3:14:b4:15:08:
6b:20:6f:5f:87:e0:59:6c:61:7a:91:9f:93:10:a5:68:03:c7:
61:dd:c2:b7:6b:f7:94:d1:00:78:8f:db:76:3f:c8:35:0b:e4:
73:fd:ad:c7:a7:0b:be:35:c4:17:48:50:20:d1:1c:3f:c6:36:
cf:1e:20:4f:84:53:5b:d1:59:c0:7e:7a:16:60:1e:00:48:f7:
3e:7f:a0:10:dd:b2:af:d8:ca:cf:dd:34:fe:26:e8:2f:7e:f5:
3e:c0:38:03:cf:69:28:a6:6b:ea:db:bf:aa:a9:98:31:1f:dc:
7c:2e:76:e5:2e:c0:e9:06:42:40:48:69:7a:91:4b:6d:88:92:
e8:9d:bb:83:79:c9:9a:7f:72:41:a0:68:02:6b:ce:5f:94:7a:
c9:1e:c7:0d:9a:df:b4:b0:c2:df:20:da:59:63:f6:9f:8d:b1:
b4:d4:ac:91:f0:8a:51:d8:b3:43:96:e3:2a:f6:fd:0f:85:3c:
7e:f3:68:91
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYkkqXAqMeLjGrF3ukurLF2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzA1MDYwNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjQ3M2FiMzg2NTAyMTVjOTQyMzc0ZmNkMGY1MmY1Yjg4ZDFkYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mcmHEd10vxEjm0mT8c8U7XTMLRu
4T+LrzfHKYtTwOfxtDJ1Rn9E7wl1gOm57l0TEj2GrlgCgj7NsuqIjdESTH2mzF9E
FlrrH7KixUNkhNlTaD4nELFkWyNgpt0Q45cZWvecHAnCQFO90BkgHw3lhQPEsEud
w4DSCOCx4rkkvq/tus84cF0Upvy1RBoyVoyAFeD/rhxjNpsctqvS3NP+goHyGEPq
raWjLdroM1sT6CNNxcXRXRPfuJ/M06GGgSh1z3V3WiSFOAfY8281N5MpzX3hNJJf
Fy75L2JAuu+KA0fP4vXxOiP468WJaaPVvMTn8CrafLinxpnwNjW2bXYtzQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFGZHOrOGUCFclCN0/ND1L1uI0duSMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWmtjNnM0WlFJVnlVSTNUODBQVXZXNGpSMjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAAt
nJ0DBAAtnJ8DBAJX95QDBABZIVUDBAFZI5oDBABZJT8DBABbvMwDBAFbvM4DBAFd
c/4DBAC5Z0gDBAC5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQME
Arn/qAMEAbzUhAMEALzUmwMEALzUngMEALzVywMEAbzw4AMEALzw4wMEALzw5gME
Abzw6AMEALzxbgMEALzx1gMEAdXoXDANBgkqhkiG9w0BAQsFAAOCAQEAGVMVc/Cb
wS8wdu05Hgq6K7s5/11EJiT+60wbkkGgAwpX1jNjE5yYBM3l6VvxCEonLHJP04LW
ACVudfWEtPyklBF0a+MUtBUIayBvX4fgWWxhepGfkxClaAPHYd3Ct2v3lNEAeI/b
dj/INQvkc/2tx6cLvjXEF0hQINEcP8Y2zx4gT4RTW9FZwH56FmAeAEj3Pn+gEN2y
r9jKz900/iboL371PsA4A89pKKZr6tu/qqmYMR/cfC525S7A6QZCQEhpepFLbYiS
6J27g3nJmn9yQaBoAmvOX5R6yR7HDZrftLDC3yDaWWP2n42xtNSskfCKUdizQ5bj
Kvb9D4U8fvNokQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org