Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aaWos3pVebK_2LdPUhn8q9uAkoo.roa
File: aaWos3pVebK_2LdPUhn8q9uAkoo.roa (raw, json)
Hash identifier: i0ycOoghXmzqWpQC6jRpzmz8TmuAnU9EU+BUdmXL8Jw=
Subject key identifier: 69:A5:A8:B3:7A:55:79:B2:BF:D8:B7:4F:52:19:FC:AB:DB:80:92:8A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AFAEC829E5E08F11854653B940D7E128F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aaWos3pVebK_2LdPUhn8q9uAkoo.roa
Signing time: Wed 04 Oct 2023 13:41:58 +0000
ROA not before: Wed 04 Oct 2023 13:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:ec:82:9e:5e:08:f1:18:54:65:3b:94:0d:7e:12:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 4 13:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a5a8b37a5579b2bfd8b74f5219fcabdb80928a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a1:28:db:13:19:1b:cd:e0:d9:6b:fb:e0:f7:
fd:69:c3:1f:d7:0d:ed:1d:3a:ea:ed:75:da:a6:d5:
3c:af:d0:dd:16:51:41:83:55:38:8b:45:83:e6:45:
36:cf:5f:05:f4:aa:ff:eb:b2:13:33:69:c3:04:f1:
de:41:fd:cb:3a:83:7b:82:4b:f8:3a:31:9d:56:46:
83:fb:c0:43:fc:09:85:4c:a1:06:9c:74:30:30:ea:
d6:ae:3b:13:70:cd:18:26:5f:a2:d1:56:62:99:d1:
bd:5d:fa:28:69:ce:ec:26:2f:0b:01:e5:6a:63:2e:
ba:46:6c:55:f4:58:65:5c:9a:50:8a:82:08:b9:85:
7a:96:8f:7b:56:b7:0e:f9:c7:2b:05:74:5c:48:f8:
60:c0:b0:1a:cb:29:35:fb:22:55:dc:3d:7d:c1:80:
39:02:13:cd:2f:f3:2c:24:96:8f:0e:5d:7b:ed:1b:
a1:2d:13:ea:b5:3f:48:19:e1:7e:59:af:53:e0:a8:
e2:6b:8c:71:99:8e:e7:54:34:91:98:2e:0d:a8:13:
27:af:36:d7:61:23:6e:7e:96:af:c0:44:e8:ec:61:
c9:b6:dc:6f:a7:3b:4b:73:56:ad:6b:c4:57:6a:36:
d4:61:12:6e:9f:a7:b6:d7:9a:50:1d:74:39:f4:d6:
7d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A5:A8:B3:7A:55:79:B2:BF:D8:B7:4F:52:19:FC:AB:DB:80:92:8A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aaWos3pVebK_2LdPUhn8q9uAkoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.158.0/23
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
26:ba:24:1a:ad:71:db:0a:4e:a3:03:28:46:58:05:b9:b2:9b:
c5:12:cf:d5:84:6e:a2:2c:07:ce:a6:5f:00:aa:77:bf:51:20:
63:51:08:e4:1a:5e:94:37:cc:5c:7d:ff:ef:d1:14:f0:1b:31:
be:35:63:1a:e0:38:2e:70:df:c9:ae:1b:e3:e5:fe:d0:f7:ab:
43:b3:c7:b2:2e:8a:a2:52:e3:ad:64:9a:71:4a:0f:7e:5a:d6:
89:a1:a1:99:0b:2e:78:90:da:39:87:58:88:09:84:ab:d3:5d:
8e:74:cf:cd:e8:e3:37:3b:df:e7:f1:01:ac:e6:d9:8c:b2:47:
42:e6:f0:4a:c7:bb:68:e9:b2:04:3f:54:5f:16:e3:77:f5:84:
cf:12:e4:76:36:ff:9e:54:b8:91:81:39:fc:bf:29:bd:90:61:
c0:44:56:a3:39:c1:f5:f3:d8:22:74:19:1b:07:2b:5c:fe:b3:
f7:9e:d4:e6:29:29:5b:0f:5f:e3:a9:9f:c9:92:74:72:d9:ff:
8e:6c:9e:9a:47:7a:32:6c:8f:f4:1d:ac:e1:72:79:10:2a:45:
f8:62:f2:fe:26:76:cd:4a:3c:d6:6f:d3:31:ec:0c:56:b7:ea:
73:9b:f4:e3:15:83:72:e9:98:a7:29:ad:d3:e7:59:38:79:ed:
46:7c:c3:a4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYr67IKeXgjxGFRlO5QNfhKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDA0MTM0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE1YThiMzdhNTU3OWIyYmZkOGI3NGY1MjE5ZmNhYmRiODA5MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKEo2xMZG83g2Wv74Pf9acMf1w3t
HTrq7XXaptU8r9DdFlFBg1U4i0WD5kU2z18F9Kr/67ITM2nDBPHeQf3LOoN7gkv4
OjGdVkaD+8BD/AmFTKEGnHQwMOrWrjsTcM0YJl+i0VZimdG9Xfooac7sJi8LAeVq
Yy66RmxV9FhlXJpQioIIuYV6lo97VrcO+ccrBXRcSPhgwLAayyk1+yJV3D19wYA5
AhPNL/MsJJaPDl177RuhLRPqtT9IGeF+Wa9T4Kjia4xxmY7nVDSRmC4NqBMnrzbX
YSNufpavwETo7GHJttxvpztLc1ata8RXajbUYRJun6e215pQHXQ59NZ9LQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFGmlqLN6VXmyv9i3T1IZ/KvbgJKKMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYWFXb3MzcFZlYktfMkxkUFVobjhxOXVBa29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAIt
krgDBAAtnJ0DBAAtnJ8DBAJX95QDBAFZIVQDBABZI5oDBABZJT8DBAJbvMwDBAFd
c/4DBAK5cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC8
1IUDBAC81JsDBAG81J4DBAG81coDBAC81tEDBAG88OADBAC88OMDBAC88OkDBAG8
8fIDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQADggEBACa6JBqtcdsKTqMDKEZY
Bbmym8USz9WEbqIsB86mXwCqd79RIGNRCOQaXpQ3zFx9/+/RFPAbMb41YxrgOC5w
38muG+Pl/tD3q0Ozx7IuiqJS461kmnFKD35a1omhoZkLLniQ2jmHWIgJhKvTXY50
z83o4zc73+fxAazm2YyyR0Lm8ErHu2jpsgQ/VF8W43f1hM8S5HY2/55UuJGBOfy/
Kb2QYcBEVqM5wfXz2CJ0GRsHK1z+s/ee1OYpKVsPX+Opn8mSdHLZ/45snppHejJs
j/QdrOFyeRAqRfhi8v4mds1KPNZv0zHsDFa36nOb9OMVg3LpmKcprdPnWTh57UZ8
w6Q=
-----END CERTIFICATE-----
Generated at Tue Oct 10 10:55:24 2023 by rpki-client on console-ams.rpki-client.org