Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ab3UzWqHqcSvCVI3jbWKnz17kqs.roa
File: ab3UzWqHqcSvCVI3jbWKnz17kqs.roa (raw, json)
Hash identifier: 79ZHoGB+6C9+lylbyE2VIGF+hJtqmrYpPFplU5YYuBg=
Subject key identifier: 69:BD:D4:CD:6A:87:A9:C4:AF:09:52:37:8D:B5:8A:9F:3D:7B:92:AB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018677B8FFC724513221CF221AA92EFD73F0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ab3UzWqHqcSvCVI3jbWKnz17kqs.roa
Signing time: Wed 22 Feb 2023 06:04:18 +0000
ROA not before: Wed 22 Feb 2023 06:04:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 203.26.81.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
89.38.70.0/24 maxlen: 24
45.67.96.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
45.130.83.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
45.130.80.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:b8:ff:c7:24:51:32:21:cf:22:1a:a9:2e:fd:73:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 22 06:04:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69bdd4cd6a87a9c4af0952378db58a9f3d7b92ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3f:a9:9e:d9:14:bb:36:33:a9:b7:e0:2a:f5:
13:af:31:31:fa:c0:56:c3:a0:26:6d:76:53:54:6d:
aa:e9:b6:e2:78:37:5e:85:89:21:1d:97:da:27:bd:
56:cf:d3:21:c0:03:00:38:da:23:b5:bd:21:00:87:
8f:d1:22:70:78:29:67:77:8c:8c:06:a7:b0:ba:d0:
43:f5:8c:89:14:70:2a:63:12:ec:83:09:8d:fc:86:
72:f8:3f:fe:6a:57:89:41:c9:92:00:64:68:5d:69:
96:22:fc:9f:2a:cd:20:0b:9e:a2:fa:fe:1f:20:da:
42:e6:20:9a:17:27:00:76:16:cf:ca:87:e2:59:1e:
87:41:80:ed:ac:06:74:be:77:3b:86:78:53:38:1e:
82:2a:6a:5f:a5:af:75:e4:67:bb:4e:58:28:2d:f1:
c3:57:3d:60:8a:99:f9:ff:a1:4c:17:60:d2:6c:8e:
d5:7e:10:72:04:af:fc:12:2a:bb:8f:cc:e9:79:18:
44:28:85:67:1b:39:38:5e:dd:95:a9:a3:2c:03:97:
a2:a2:95:f9:56:7d:d0:5e:53:6c:b4:27:8e:32:4d:
de:b0:97:27:5c:ff:00:1b:e3:d7:4a:81:3f:1e:8d:
a4:09:d6:de:e2:3f:64:9f:b0:db:62:c4:97:8c:b6:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BD:D4:CD:6A:87:A9:C4:AF:09:52:37:8D:B5:8A:9F:3D:7B:92:AB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ab3UzWqHqcSvCVI3jbWKnz17kqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.96.0/24
45.130.80.0/23
45.130.83.0/24
45.135.186.0/23
89.38.70.0/24
89.47.15.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:fa:91:9c:f7:7a:a1:c7:74:2e:e2:fa:7b:cb:49:ce:c6:c7:
60:a2:e3:ac:22:8c:bf:af:90:d0:70:59:da:62:a5:5f:49:7d:
df:65:e6:3c:a2:cd:9c:43:78:2d:72:0e:76:c0:74:bd:4e:a6:
54:ba:cc:8a:32:f1:f1:3c:51:fc:42:06:89:94:9e:ac:44:3b:
2f:f3:37:84:33:c1:23:7a:09:19:c8:cb:a5:3b:3b:1a:0e:d5:
37:f6:4f:83:d4:81:c0:9f:b6:2b:f4:a3:7e:39:d6:e3:7e:3e:
48:07:26:99:31:a4:c6:c0:51:97:80:3e:34:80:77:fc:97:7e:
ca:74:2b:63:15:20:a3:05:16:03:40:ec:b8:5d:57:02:14:ee:
a8:34:3d:57:a3:b9:79:58:87:ac:46:31:a0:7e:e5:62:02:34:
c9:1f:ed:ab:af:4b:ed:c5:ac:18:8c:a3:db:94:7f:bb:4f:17:
4f:b8:8b:17:d7:00:0d:3b:fb:c0:14:95:d5:a5:c2:be:d5:4a:
2d:68:73:79:e9:a4:02:3a:fe:45:96:69:77:6a:38:1b:9f:9b:
e6:3a:6a:e8:13:4d:ef:f5:f8:d9:aa:35:d7:0a:79:3a:49:86:
bf:8b:37:8b:15:b8:4b:3b:6f:44:2d:b5:0f:b3:cb:6e:8f:ad:
f1:e3:41:23
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYZ3uP/HJFEyIc8iGqku/XPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIyMDYwNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJkZDRjZDZhODdhOWM0YWYwOTUyMzc4ZGI1OGE5ZjNkN2I5MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT+pntkUuzYzqbfgKvUTrzEx+sBW
w6AmbXZTVG2q6bbieDdehYkhHZfaJ71Wz9MhwAMAONojtb0hAIeP0SJweClnd4yM
BqewutBD9YyJFHAqYxLsgwmN/IZy+D/+aleJQcmSAGRoXWmWIvyfKs0gC56i+v4f
INpC5iCaFycAdhbPyofiWR6HQYDtrAZ0vnc7hnhTOB6CKmpfpa915Ge7TlgoLfHD
Vz1gipn5/6FMF2DSbI7VfhByBK/8Eiq7j8zpeRhEKIVnGzk4Xt2VqaMsA5eiopX5
Vn3QXlNstCeOMk3esJcnXP8AG+PXSoE/Ho2kCdbe4j9kn7DbYsSXjLbAxwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGm91M1qh6nErwlSN421ip89e5KrMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYWIzVXpXcUhxY1N2Q1ZJM2piV0tuejE3a3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALUNgAwQB
LYJQAwQALYJTAwQBLYe6AwQAWSZGAwQAWS8PAwQAucBHAwQAvNSHAwQAwRNtAwQA
yxpRAwQAy59RMA0GCSqGSIb3DQEBCwUAA4IBAQCP+pGc93qhx3Qu4vp7y0nOxsdg
ouOsIoy/r5DQcFnaYqVfSX3fZeY8os2cQ3gtcg52wHS9TqZUusyKMvHxPFH8QgaJ
lJ6sRDsv8zeEM8EjegkZyMulOzsaDtU39k+D1IHAn7Yr9KN+Odbjfj5IByaZMaTG
wFGXgD40gHf8l37KdCtjFSCjBRYDQOy4XVcCFO6oND1Xo7l5WIesRjGgfuViAjTJ
H+2rr0vtxawYjKPblH+7TxdPuIsX1wANO/vAFJXVpcK+1UotaHN56aQCOv5Flml3
ajgbn5vmOmroE03v9fjZqjXXCnk6SYa/izeLFbhLO29ELbUPs8tuj63x40Ej
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org