Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aGfnDqnXWxpJTqFzMyG_zB_hpqw.roa
File: aGfnDqnXWxpJTqFzMyG_zB_hpqw.roa (raw, json)
Hash identifier: 9C29V0vTG+M4zTuDz0kZLk5A/5GREOOpKguwDMvZ3/c=
Subject key identifier: 68:67:E7:0E:A9:D7:5B:1A:49:4E:A1:73:33:21:BF:CC:1F:E1:A6:AC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018703223985A03E5B281DB9A820D8EC9259
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aGfnDqnXWxpJTqFzMyG_zB_hpqw.roa
Signing time: Tue 21 Mar 2023 07:46:27 +0000
ROA not before: Tue 21 Mar 2023 07:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
185.241.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
94.176.110.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:22:39:85:a0:3e:5b:28:1d:b9:a8:20:d8:ec:92:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 21 07:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6867e70ea9d75b1a494ea1733321bfcc1fe1a6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:55:d8:7b:f5:4e:22:e4:61:f1:25:ab:3b:d2:
19:b2:ce:20:53:26:f1:7b:d8:06:ef:7d:d0:ca:d4:
64:67:5b:5e:47:3c:2f:e2:ae:93:3d:cf:28:30:3e:
d2:67:d7:29:d7:c3:97:9a:b8:01:c1:a3:c7:7f:c0:
f8:20:eb:e1:9f:60:f8:02:05:c1:76:9a:20:cd:38:
20:07:90:3a:a4:64:09:9a:fb:e7:70:a1:44:6d:10:
d4:55:c1:5a:95:d1:95:a3:b3:45:4e:d6:06:c8:e1:
fd:82:41:5f:75:6a:9f:86:f2:79:7b:6f:7c:0a:20:
79:91:39:f1:a3:84:04:7f:9f:15:c1:ae:d4:07:31:
44:18:93:3d:58:1e:2e:6f:27:e3:ed:6d:88:ec:13:
6a:f3:37:4e:45:aa:14:31:b2:5b:f8:f1:76:d9:11:
b3:d3:a8:c5:16:be:a2:ef:62:81:e3:dc:f0:01:b2:
88:dd:dc:28:52:b0:b9:45:aa:9a:dc:25:f8:38:f6:
2b:f7:5e:02:17:f5:19:b4:b4:33:72:30:81:52:5a:
23:4f:53:a4:a9:d3:9e:04:6a:06:4a:aa:ec:e9:06:
5a:fa:67:c4:29:ea:18:72:b0:60:05:39:c4:fe:6b:
38:25:6d:4a:5f:23:71:49:f2:f1:73:47:28:a4:31:
96:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:67:E7:0E:A9:D7:5B:1A:49:4E:A1:73:33:21:BF:CC:1F:E1:A6:AC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aGfnDqnXWxpJTqFzMyG_zB_hpqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.148.0/24
89.37.63.0/24
91.188.204.0/24
93.115.254.0/23
94.176.110.0/24
185.103.72.0/24
185.238.10.0/24
185.241.209.0-185.241.211.255
185.255.169.0-185.255.170.255
188.212.132.0/23
188.240.232.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:5d:f4:6b:bb:94:43:90:ce:20:1e:c8:35:5a:3f:57:d8:8c:
52:75:f9:ef:a4:13:d8:db:cb:02:cd:ed:0c:07:b9:71:42:7b:
00:ce:6a:d0:61:ec:02:c9:6d:19:3e:a5:04:f1:5a:68:94:c7:
41:ba:91:11:c6:25:12:57:3b:76:f0:2e:24:cf:2f:cf:5d:40:
d5:54:e2:d3:62:11:db:18:30:fc:77:9a:b6:b1:4a:f7:1f:e3:
04:3f:ad:03:ae:82:4e:c6:fa:88:31:3f:44:75:1c:4e:2c:eb:
86:01:4c:95:84:52:40:de:b0:c4:1b:78:74:16:a0:16:7f:df:
2a:44:84:4d:d3:2b:0d:87:20:9f:72:31:bf:64:15:73:d7:d4:
77:89:73:0b:3b:1b:bb:a2:16:87:ce:c0:e2:6a:d9:d0:15:ad:
dd:c3:ee:43:14:df:79:71:ef:74:35:2e:04:4e:fe:d3:f4:2d:
ec:19:0a:5c:1a:d1:5f:53:ef:6d:1f:c7:f9:bd:cc:61:c7:82:
0b:62:b9:71:8c:df:07:44:1d:4c:3e:5d:d8:f6:ce:1f:af:85:
0d:ba:f6:be:62:7c:c0:fa:d6:f3:15:d6:c7:58:28:6f:a0:c5:
0e:f9:9b:6a:ba:e5:5e:b0:78:48:0e:4c:8b:4a:98:9f:3b:aa:
86:07:76:26
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYcDIjmFoD5bKB25qCDY7JJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzIxMDc0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY3ZTcwZWE5ZDc1YjFhNDk0ZWExNzMzMzIxYmZjYzFmZTFhNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFXYe/VOIuRh8SWrO9IZss4gUybx
e9gG733QytRkZ1teRzwv4q6TPc8oMD7SZ9cp18OXmrgBwaPHf8D4IOvhn2D4AgXB
dpogzTggB5A6pGQJmvvncKFEbRDUVcFaldGVo7NFTtYGyOH9gkFfdWqfhvJ5e298
CiB5kTnxo4QEf58Vwa7UBzFEGJM9WB4ubyfj7W2I7BNq8zdORaoUMbJb+PF22RGz
06jFFr6i72KB49zwAbKI3dwoUrC5Raqa3CX4OPYr914CF/UZtLQzcjCBUlojT1Ok
qdOeBGoGSqrs6QZa+mfEKeoYcrBgBTnE/ms4JW1KXyNxSfLxc0copDGWvQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFGhn5w6p11saSU6hczMhv8wf4aasMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYUdmbkRxblhXeHBKVHFGek15R196Ql9ocHF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAV/eUAwQA
WSU/AwQAW7zMAwQBXXP+AwQAXrBuAwQAuWdIAwQAue4KMAwDBAC58dEDBAK58dAw
DAMEALn/qQMEALn/qgMEAbzUhAMEALzw6DANBgkqhkiG9w0BAQsFAAOCAQEAKl30
a7uUQ5DOIB7INVo/V9iMUnX576QT2NvLAs3tDAe5cUJ7AM5q0GHsAsltGT6lBPFa
aJTHQbqREcYlElc7dvAuJM8vz11A1VTi02IR2xgw/HeatrFK9x/jBD+tA66CTsb6
iDE/RHUcTizrhgFMlYRSQN6wxBt4dBagFn/fKkSETdMrDYcgn3Ixv2QVc9fUd4lz
Czsbu6IWh87A4mrZ0BWt3cPuQxTfeXHvdDUuBE7+0/Qt7BkKXBrRX1PvbR/H+b3M
YceCC2K5cYzfB0QdTD5d2PbOH6+FDbr2vmJ8wPrW8xXWx1gob6DFDvmbarrlXrB4
SA5Mi0qYnzuqhgd2Jg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org