Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aZzMULxCqEWMQz4rdfQgp5dn5IQ.roa
File: aZzMULxCqEWMQz4rdfQgp5dn5IQ.roa (raw, json)
Hash identifier: cIAY65yg0m9eZrFj0ExxbqRSqWaIS9bIBw2nSLG94lE=
Subject key identifier: 69:9C:CC:50:BC:42:A8:45:8C:43:3E:2B:75:F4:20:A7:97:67:E4:84
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188A3B81DB2C1800E6F83253B2AE5B1A7D9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aZzMULxCqEWMQz4rdfQgp5dn5IQ.roa
Signing time: Sat 10 Jun 2023 05:12:12 +0000
ROA not before: Sat 10 Jun 2023 05:12:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.35.154.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
185.135.141.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a3:b8:1d:b2:c1:80:0e:6f:83:25:3b:2a:e5:b1:a7:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 10 05:12:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=699ccc50bc42a8458c433e2b75f420a79767e484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ea:8f:bb:af:ec:a7:d5:ea:78:6c:bd:88:9a:
a1:e0:87:01:94:c3:50:60:53:f1:b4:39:2a:7c:d9:
40:36:40:e5:63:08:2d:0b:c9:5d:05:53:2a:1e:c6:
7e:61:19:62:b5:79:ef:34:80:b1:c9:d9:f3:4b:f5:
93:d8:72:4e:3b:7e:a5:5b:c5:f7:cd:a0:a1:15:c2:
a4:0e:1a:51:cf:74:e5:c3:0b:03:44:d9:5b:34:64:
10:c7:51:5b:11:8e:60:f3:9e:b8:c2:f9:4f:d3:51:
2c:a2:7c:fe:61:52:8f:d9:d0:c1:4e:32:65:e3:ce:
1a:90:5b:5c:4f:65:6e:84:d5:7b:3b:6c:f3:63:b7:
45:f7:8f:95:b4:4d:c4:ce:ba:b9:19:65:0f:16:71:
a2:63:fd:c6:22:b9:b2:29:56:9f:35:bf:88:67:e5:
84:8d:5b:5b:f4:b9:ae:c8:14:50:fd:dd:96:28:4a:
ef:8b:bb:4c:4f:6a:43:75:5a:24:a5:df:00:aa:40:
cb:81:7f:4c:a9:f0:d0:96:c6:ef:75:c0:28:ed:1a:
9a:7b:e4:2f:46:0a:db:b7:6b:f1:f0:97:9d:40:44:
6c:f1:2e:26:57:7e:3f:c8:b9:f6:4a:01:f6:e8:5d:
3f:36:fd:c1:92:47:75:72:76:11:72:d0:43:a8:ed:
42:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9C:CC:50:BC:42:A8:45:8C:43:3E:2B:75:F4:20:A7:97:67:E4:84
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aZzMULxCqEWMQz4rdfQgp5dn5IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
87.247.149.0/24
89.35.154.0/24
89.37.62.0/23
91.188.204.0/24
185.135.141.0/24
188.212.155.0/24
188.240.233.0/24
188.241.110.0/24
188.241.182.0/24
188.241.243.0/24
213.232.94.0/23
Signature Algorithm: sha256WithRSAEncryption
40:a3:d0:a4:33:77:da:f8:5c:cc:39:de:ac:8f:a0:e1:ad:7e:
3c:e2:e4:86:31:20:3a:4b:d7:c6:49:4b:9e:c1:e8:21:26:00:
1b:6b:2f:ff:f7:57:57:82:60:29:c5:b0:68:b3:cb:c7:8d:d6:
1d:f5:c3:3f:f3:ef:0a:0a:a3:6e:8e:00:65:ff:e4:1f:e7:22:
f1:9c:4f:f6:6b:2d:23:78:21:6b:b8:18:43:38:77:13:19:24:
4b:e4:f0:8b:c0:94:44:e2:cc:4c:61:d6:41:c9:ef:c7:37:3e:
30:b8:b7:05:54:40:72:84:6d:b0:7a:b9:f2:34:e5:bd:eb:7c:
bb:7a:43:8c:6a:eb:ee:b7:74:93:a7:d6:84:33:a1:8b:84:d4:
45:5c:9c:b8:32:cf:84:2a:ae:67:4b:7a:e4:e4:57:60:45:5f:
08:c0:43:fe:df:75:6c:a2:de:ab:38:36:74:f5:9f:28:12:23:
3d:d8:3b:61:7e:7f:e3:47:66:ba:7e:6d:25:ff:7f:da:9c:52:
e6:d4:13:3b:b7:df:6d:b0:fe:ec:24:20:73:15:5f:56:8e:e5:
2b:b7:48:cb:ef:c5:ab:8f:dd:b9:75:23:1f:97:cb:b9:97:f6:
5c:13:fe:77:da:cb:e4:fb:41:4b:84:a7:39:e9:c2:7c:4a:2a:
5f:02:f8:a6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYijuB2ywYAOb4MlOyrlsafZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjEwMDUxMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTljY2M1MGJjNDJhODQ1OGM0MzNlMmI3NWY0MjBhNzk3NjdlNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOqPu6/sp9XqeGy9iJqh4IcBlMNQ
YFPxtDkqfNlANkDlYwgtC8ldBVMqHsZ+YRlitXnvNICxydnzS/WT2HJOO36lW8X3
zaChFcKkDhpRz3TlwwsDRNlbNGQQx1FbEY5g8564wvlP01Esonz+YVKP2dDBTjJl
484akFtcT2VuhNV7O2zzY7dF94+VtE3Ezrq5GWUPFnGiY/3GIrmyKVafNb+IZ+WE
jVtb9LmuyBRQ/d2WKErvi7tMT2pDdVokpd8AqkDLgX9MqfDQlsbvdcAo7Rqae+Qv
Rgrbt2vx8JedQERs8S4mV34/yLn2SgH26F0/Nv3Bkkd1cnYRctBDqO1CWwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGmczFC8QqhFjEM+K3X0IKeXZ+SEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYVp6TVVMeENxRVdNUXo0cmRmUWdwNWRuNUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALZyfAwQA
V/eVAwQAWSOaAwQBWSU+AwQAW7zMAwQAuYeNAwQAvNSbAwQAvPDpAwQAvPFuAwQA
vPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUAA4IBAQBAo9CkM3fa+FzMOd6s
j6DhrX484uSGMSA6S9fGSUueweghJgAbay//91dXgmApxbBos8vHjdYd9cM/8+8K
CqNujgBl/+Qf5yLxnE/2ay0jeCFruBhDOHcTGSRL5PCLwJRE4sxMYdZBye/HNz4w
uLcFVEByhG2wernyNOW963y7ekOMauvut3STp9aEM6GLhNRFXJy4Ms+EKq5nS3rk
5FdgRV8IwEP+33Vsot6rODZ09Z8oEiM92Dthfn/jR2a6fm0l/3/anFLm1BM7t99t
sP7sJCBzFV9WjuUrt0jL78Wrj925dSMfl8u5l/ZcE/532svk+0FLhKc56cJ8Sipf
Avim
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org