Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bUtVLCEVwkniwD3cLizM5FdtUwQ.roa
File: bUtVLCEVwkniwD3cLizM5FdtUwQ.roa (raw, json)
Hash identifier: KOS8Li51Hn4eN8sN3q3sCxJSLMun6L7nyF9Xl68rEpc=
Subject key identifier: 6D:4B:55:2C:21:15:C2:49:E2:C0:3D:DC:2E:2C:CC:E4:57:6D:53:04
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01892A50E0D9CD2AC16AD145E78F4B79654F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bUtVLCEVwkniwD3cLizM5FdtUwQ.roa
Signing time: Thu 06 Jul 2023 08:28:10 +0000
ROA not before: Thu 06 Jul 2023 08:28:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.255.39.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:50:e0:d9:cd:2a:c1:6a:d1:45:e7:8f:4b:79:65:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 6 08:28:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d4b552c2115c249e2c03ddc2e2ccce4576d5304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:02:da:59:41:3f:54:cf:04:71:c3:c2:9a:2a:
33:e5:a7:e6:a9:34:26:74:d2:32:af:85:5e:ee:c3:
6e:de:5d:88:85:5d:b8:ad:6a:b7:32:48:19:06:98:
bd:fd:5b:ea:bc:9a:bc:9d:ea:96:bd:66:19:8a:24:
1c:6c:95:6c:90:f3:aa:c8:47:a5:72:53:67:53:2f:
b1:c0:66:27:0a:33:07:7a:8b:36:4d:e8:89:08:20:
b5:73:10:c4:a0:65:9d:bc:87:d1:01:d4:61:b0:38:
d8:c8:26:02:4c:20:54:5f:94:ed:fe:0c:d1:14:ef:
e4:10:37:51:08:24:62:9a:7e:e5:e8:8f:81:8f:db:
4a:db:72:99:17:e7:94:4c:30:a3:55:04:2a:ff:a1:
60:e8:a6:9e:31:1b:33:e9:43:f2:9d:26:41:7f:53:
03:5a:23:45:bf:89:b5:38:e3:e4:f4:e0:9c:c5:9b:
70:a8:ca:4e:d4:37:5b:55:8f:5f:fe:c8:06:e3:f7:
70:31:b9:f4:f7:33:a3:f7:64:48:16:71:2e:86:db:
77:16:1e:06:56:cd:27:c7:fb:1e:e9:fb:24:9a:15:
15:d3:8f:87:49:53:15:18:9c:e0:f7:4e:5c:61:6d:
6c:c9:f0:c1:70:8a:b5:fc:c8:e2:52:3e:e4:dd:d1:
89:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4B:55:2C:21:15:C2:49:E2:C0:3D:DC:2E:2C:CC:E4:57:6D:53:04
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bUtVLCEVwkniwD3cLizM5FdtUwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/24
91.188.206.0/23
93.115.254.0/23
185.103.72.0/24
185.135.140.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.203.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.232.0/23
188.241.110.0/24
188.241.214.0/24
193.23.128.0/23
213.232.92.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:c3:0b:a3:7d:08:15:58:a5:86:19:bc:c4:d4:e2:73:36:b3:
c9:dc:33:1a:38:f6:9b:30:07:b1:c1:ff:c0:ce:2f:bb:b1:51:
e2:55:eb:ca:6e:df:e2:82:e9:2f:4c:6f:83:f9:87:00:1e:fa:
37:96:ad:5b:36:bc:7a:c6:72:49:23:bb:59:fe:96:73:08:a3:
7f:46:8a:56:3b:26:59:47:2f:65:b2:d7:4d:3a:a3:78:9d:6d:
ce:4a:c9:1c:07:45:d6:09:28:72:7b:35:64:4b:5f:c8:cf:bd:
15:0c:1c:61:d0:33:da:23:5b:6a:37:2d:d8:07:93:fa:17:32:
97:81:00:ea:24:40:54:e0:b6:e2:ad:f0:f4:14:d5:dd:86:16:
2c:19:11:93:93:02:11:9d:65:54:2c:9b:2b:93:ae:83:4f:76:
5e:ee:09:47:87:77:d5:6d:0a:49:d5:ce:ca:8d:d0:83:d7:cf:
a7:38:41:cd:01:38:13:e9:79:95:a8:0c:22:49:7f:51:4d:2f:
46:a9:7a:44:10:ef:77:e3:e8:be:e1:ba:8a:b1:26:da:5b:f8:
21:c6:be:a8:24:0c:52:49:5a:ee:8c:41:34:92:36:6a:b2:9e:
20:42:c1:d0:d9:25:fa:15:a4:22:be:f8:6a:64:ab:af:e8:e5:
cb:10:c3:4e
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYkqUODZzSrBatFF549LeWVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzA2MDgyODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRiNTUyYzIxMTVjMjQ5ZTJjMDNkZGMyZTJjY2NlNDU3NmQ1MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQLaWUE/VM8EccPCmioz5afmqTQm
dNIyr4Ve7sNu3l2IhV24rWq3MkgZBpi9/VvqvJq8neqWvWYZiiQcbJVskPOqyEel
clNnUy+xwGYnCjMHeos2TeiJCCC1cxDEoGWdvIfRAdRhsDjYyCYCTCBUX5Tt/gzR
FO/kEDdRCCRimn7l6I+Bj9tK23KZF+eUTDCjVQQq/6Fg6KaeMRsz6UPynSZBf1MD
WiNFv4m1OOPk9OCcxZtwqMpO1DdbVY9f/sgG4/dwMbn09zOj92RIFnEuhtt3Fh4G
Vs0nx/se6fskmhUV04+HSVMVGJzg905cYW1syfDBcIq1/MjiUj7k3dGJ+QIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFG1LVSwhFcJJ4sA93C4szORXbVMEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYlV0VkxDRVZ3a25pd0QzY0xpek01RmR0VXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAt
nJ0DBAAtnJ8DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBABbvMwDBAFbvM4DBAFd
c/4DBAC5Z0gDBAC5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQME
Arn/qAMEAbzUhAMEALzUmwMEALzUngMEALzVywMEAbzw4AMEALzw4wMEALzw5gME
Abzw6AMEALzxbgMEALzx1gMEAcEXgAMEAdXoXDANBgkqhkiG9w0BAQsFAAOCAQEA
D8MLo30IFVilhhm8xNTiczazydwzGjj2mzAHscH/wM4vu7FR4lXrym7f4oLpL0xv
g/mHAB76N5atWza8esZySSO7Wf6Wcwijf0aKVjsmWUcvZbLXTTqjeJ1tzkrJHAdF
1gkocns1ZEtfyM+9FQwcYdAz2iNbajct2AeT+hcyl4EA6iRAVOC24q3w9BTV3YYW
LBkRk5MCEZ1lVCybK5Oug092Xu4JR4d31W0KSdXOyo3Qg9fPpzhBzQE4E+l5lagM
Ikl/UU0vRql6RBDvd+PovuG6irEm2lv4Ica+qCQMUkla7oxBNJI2arKeIELB0Nkl
+hWkIr74amSrr+jlyxDDTg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org