Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aforKToHQsovOAd9h7R2Rcf6fdI.roa
File: aforKToHQsovOAd9h7R2Rcf6fdI.roa (raw, json)
Hash identifier: bHqNTDOvD+zl9VFhxcdxAHGMsGYgoycAWPQsPzYFNYw=
Subject key identifier: 69:FA:2B:29:3A:07:42:CA:2F:38:07:7D:87:B4:76:45:C7:FA:7D:D2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B81F7175720D968E78F617BE6D88EB0A5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aforKToHQsovOAd9h7R2Rcf6fdI.roa
Signing time: Mon 30 Oct 2023 19:02:16 +0000
ROA not before: Mon 30 Oct 2023 19:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:f7:17:57:20:d9:68:e7:8f:61:7b:e6:d8:8e:b0:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 30 19:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69fa2b293a0742ca2f38077d87b47645c7fa7dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:70:d1:9b:15:55:d3:7e:1d:e1:d8:b4:0a:e4:
e9:73:45:b3:4c:07:fa:a1:32:45:38:37:2f:fc:37:
55:03:bd:08:b4:6b:92:58:5f:cd:5f:be:7d:9a:b6:
87:bf:f5:6d:65:57:bc:65:61:02:c7:a3:e1:92:58:
43:e8:0b:ed:c8:0b:00:f1:31:eb:e0:4f:ba:64:48:
c2:de:4b:ad:df:7a:72:f3:cd:3a:8f:50:a1:21:0d:
b4:5b:a6:36:d3:20:f9:15:f7:47:9d:2f:fc:99:72:
76:b0:e4:46:04:77:44:30:fe:e4:e7:8a:3e:42:1d:
d6:53:49:fe:53:bc:23:4a:a3:e4:2e:f4:0a:af:36:
f7:bd:a0:d8:1d:c9:63:80:c1:db:ba:e9:3c:be:a3:
ed:e7:dd:88:df:27:ce:2d:66:92:be:94:af:2c:8e:
64:78:62:68:ea:fa:06:a3:28:f5:e4:4c:af:ec:25:
ae:cf:df:63:c4:6a:b0:a5:d0:e2:0d:04:4c:20:67:
57:db:4f:f9:1b:27:e9:9e:3e:6d:b3:c0:27:3f:ea:
34:94:b4:8f:b6:24:04:7d:df:a5:b5:fa:84:85:19:
2a:d5:4a:ca:64:c2:d5:79:d2:58:e6:3c:f9:5f:4d:
30:2b:ce:2e:1f:09:26:57:d9:32:73:05:31:97:d2:
19:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FA:2B:29:3A:07:42:CA:2F:38:07:7D:87:B4:76:45:C7:FA:7D:D2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aforKToHQsovOAd9h7R2Rcf6fdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.132.0/23
188.212.159.0/24
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
71:6b:43:be:4a:75:ff:91:49:24:43:4f:55:6c:aa:ea:d3:b3:
c0:60:78:29:94:92:08:bb:78:1d:99:76:1a:b9:08:0a:19:1d:
cd:75:5c:a5:44:00:05:a7:37:ba:d0:13:56:2d:65:8d:cf:09:
af:07:ba:ac:1b:af:32:78:31:bb:41:f0:81:c3:5c:ae:ff:9e:
c0:3b:b9:05:93:0c:90:59:50:fe:9c:d5:14:a2:45:9a:0b:88:
e2:e9:89:03:a3:f0:0d:b3:28:df:e2:1b:6f:16:86:86:ad:73:
52:f2:7d:89:52:9c:7d:b0:5f:5f:ca:23:a1:f5:26:4a:f9:83:
d6:6f:ea:46:d5:cc:37:e8:4c:52:97:7c:e3:f7:71:0a:1c:55:
9e:b7:c5:33:f8:2d:b1:39:1c:f2:f3:f9:e5:2f:32:60:03:ed:
5a:9a:90:e7:d9:1d:e0:a7:d6:c4:82:cf:50:06:69:ff:8a:65:
10:c7:77:74:ce:ea:bb:58:e7:60:56:cf:a9:7b:80:16:c5:29:
9b:1b:5e:e8:4a:37:7a:c8:32:05:84:44:c3:51:42:6e:79:2a:
d3:56:54:f3:76:b9:bd:01:23:98:c5:49:df:91:59:81:e2:e2:
2a:cc:68:b7:f6:3b:4f:d1:88:5b:0e:fa:ca:b2:1d:0a:a3:99:
1e:cb:e6:a8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYuB9xdXINlo549he+bYjrClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDMwMTkwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZhMmIyOTNhMDc0MmNhMmYzODA3N2Q4N2I0NzY0NWM3ZmE3ZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3DRmxVV034d4di0CuTpc0WzTAf6
oTJFODcv/DdVA70ItGuSWF/NX759mraHv/VtZVe8ZWECx6PhklhD6AvtyAsA8THr
4E+6ZEjC3kut33py8806j1ChIQ20W6Y20yD5FfdHnS/8mXJ2sORGBHdEMP7k54o+
Qh3WU0n+U7wjSqPkLvQKrzb3vaDYHcljgMHbuuk8vqPt592I3yfOLWaSvpSvLI5k
eGJo6voGoyj15Eyv7CWuz99jxGqwpdDiDQRMIGdX20/5Gyfpnj5ts8AnP+o0lLSP
tiQEfd+ltfqEhRkq1UrKZMLVedJY5jz5X00wK84uHwkmV9kycwUxl9IZWwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFGn6Kyk6B0LKLzgHfYe0dkXH+n3SMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYWZvcktUb0hRc292T0FkOWg3UjJSY2Y2ZmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAG81IQDBAC81J8DBAC8
1tEDBAG88OADBAC88OMDBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQAD
ggEBAHFrQ75Kdf+RSSRDT1VsqurTs8BgeCmUkgi7eB2Zdhq5CAoZHc11XKVEAAWn
N7rQE1YtZY3PCa8HuqwbrzJ4MbtB8IHDXK7/nsA7uQWTDJBZUP6c1RSiRZoLiOLp
iQOj8A2zKN/iG28Whoatc1LyfYlSnH2wX1/KI6H1Jkr5g9Zv6kbVzDfoTFKXfOP3
cQocVZ63xTP4LbE5HPLz+eUvMmAD7VqakOfZHeCn1sSCz1AGaf+KZRDHd3TO6rtY
52BWz6l7gBbFKZsbXuhKN3rIMgWERMNRQm55KtNWVPN2ub0BI5jFSd+RWYHi4irM
aLf2O0/RiFsO+sqyHQqjmR7L5qg=
-----END CERTIFICATE-----
Generated at Wed Nov 1 08:43:22 2023 by rpki-client on console-fra.rpki-client.org