Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c43NOG4bwIP9ZDW7izj39zvc8fA.roa
File: c43NOG4bwIP9ZDW7izj39zvc8fA.roa (raw, json)
Hash identifier: LEsbjIdVg18OsvkOw38rj/IDTgrYF0S7Kb/8q4gHSK4=
Subject key identifier: 73:8D:CD:38:6E:1B:C0:83:FD:64:35:BB:8B:38:F7:F7:3B:DC:F1:F0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01892B11597C71EA0079D0D8E7DAE041D94D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c43NOG4bwIP9ZDW7izj39zvc8fA.roa
Signing time: Thu 06 Jul 2023 11:58:24 +0000
ROA not before: Thu 06 Jul 2023 11:58:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 185.161.123.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:11:59:7c:71:ea:00:79:d0:d8:e7:da:e0:41:d9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 6 11:58:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=738dcd386e1bc083fd6435bb8b38f7f73bdcf1f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:ac:b8:c7:ad:ad:30:9e:db:e1:a3:4f:c7:
57:43:f9:cd:03:15:11:a7:6c:ba:74:19:7c:81:b7:
3b:cc:aa:2a:97:d6:80:4e:3a:64:bb:17:42:9c:b8:
91:ea:fb:31:4e:d8:87:59:8d:51:22:23:48:1c:7c:
ce:40:5e:7b:5a:7b:93:39:38:17:14:07:cc:b3:91:
66:ab:7d:f1:ce:8e:fa:59:bf:ae:04:e0:8d:49:fa:
ea:98:e2:25:75:88:ea:ac:20:d9:06:57:da:f3:b3:
6b:a1:f9:9a:3a:4e:d7:72:38:af:10:79:8f:ac:a7:
e6:c2:e8:dc:6a:88:fa:be:2b:87:24:b9:11:aa:a9:
29:f1:29:e3:94:80:db:27:7c:25:04:d4:a5:00:74:
59:f6:0c:dd:f1:e1:56:3e:1a:1c:23:dd:e8:72:67:
62:63:80:5c:ed:ef:d2:9e:ee:92:10:9a:14:dc:de:
b9:30:1e:18:b5:eb:92:c9:7d:e9:8e:f6:6b:85:5c:
06:81:4e:0a:17:7d:be:b6:6d:2e:14:cc:f0:77:8b:
8c:c8:81:8f:c1:50:7d:38:d9:af:1c:c3:50:37:21:
d3:a8:97:02:33:f2:b0:3b:c0:eb:2d:27:e5:d0:60:
63:ad:09:fa:90:80:b6:f9:43:51:12:a2:2a:e3:f5:
c3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8D:CD:38:6E:1B:C0:83:FD:64:35:BB:8B:38:F7:F7:3B:DC:F1:F0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/c43NOG4bwIP9ZDW7izj39zvc8fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
45.86.37.0/24
62.197.128.0/24
78.142.243.0/24
89.38.136.0/24
91.209.12.0/24
185.161.123.0/24
185.184.216.0/24
188.241.159.0/24
188.241.248.0/24
193.221.210.0/24
Signature Algorithm: sha256WithRSAEncryption
00:98:f7:9e:ef:6d:c1:2e:2d:07:4e:a4:6a:7c:af:7a:1f:e0:
ce:be:6b:a5:ec:5c:a8:55:aa:95:5b:96:e9:d1:58:f9:10:63:
45:7c:2b:12:61:59:01:42:57:eb:9a:b4:d6:fb:69:30:b8:86:
75:39:8a:1f:f7:d3:31:af:66:02:86:f5:d2:89:2d:6b:7f:e2:
aa:9e:89:34:55:b6:bf:3a:3a:3a:31:6a:cc:5c:e8:fe:a0:36:
69:15:22:8c:94:98:ee:f5:e2:73:15:30:1a:36:ad:ad:1f:7d:
b3:52:61:61:3b:dd:1b:58:8c:c2:a1:be:78:e8:44:8a:0f:d1:
2d:21:1d:57:b3:c8:b5:88:7c:89:6c:7a:1d:21:4f:39:55:1c:
6c:62:01:83:53:fe:20:d2:88:40:2e:46:71:fa:2e:c9:cc:26:
47:51:96:01:70:25:96:38:58:cd:ca:53:06:8f:ce:af:63:22:
1b:39:64:14:1c:68:c3:e1:b9:8e:47:c8:78:33:6a:58:9a:c6:
e2:27:6f:e8:61:da:c9:16:b4:10:39:1f:04:2b:6e:3b:33:e8:
ea:07:30:e9:70:e5:08:b4:b4:f8:93:18:57:94:00:76:01:38:
fe:19:a9:41:2c:aa:6c:7d:04:dc:b5:e0:b0:3e:ce:07:b6:2c:
9d:a0:94:dd
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYkrEVl8ceoAedDY59rgQdlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzA2MTE1ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzhkY2QzODZlMWJjMDgzZmQ2NDM1YmI4YjM4ZjdmNzNiZGNmMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTCsuMetrTCe2+GjT8dXQ/nNAxUR
p2y6dBl8gbc7zKoql9aATjpkuxdCnLiR6vsxTtiHWY1RIiNIHHzOQF57WnuTOTgX
FAfMs5Fmq33xzo76Wb+uBOCNSfrqmOIldYjqrCDZBlfa87NrofmaOk7XcjivEHmP
rKfmwujcaoj6viuHJLkRqqkp8SnjlIDbJ3wlBNSlAHRZ9gzd8eFWPhocI93ocmdi
Y4Bc7e/Snu6SEJoU3N65MB4YteuSyX3pjvZrhVwGgU4KF32+tm0uFMzwd4uMyIGP
wVB9ONmvHMNQNyHTqJcCM/KwO8DrLSfl0GBjrQn6kIC2+UNREqIq4/XDrQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFHONzThuG8CD/WQ1u4s49/c73PHwMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYzQzTk9HNGJ3SVA5WkRXN2l6ajM5enZjOGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABbSyAwQA
LVYlAwQAPsWAAwQATo7zAwQAWSaIAwQAW9EMAwQAuaF7AwQAubjYAwQAvPGfAwQA
vPH4AwQAwd3SMA0GCSqGSIb3DQEBCwUAA4IBAQAAmPee723BLi0HTqRqfK96H+DO
vmul7FyoVaqVW5bp0Vj5EGNFfCsSYVkBQlfrmrTW+2kwuIZ1OYof99Mxr2YChvXS
iS1rf+Kqnok0Vba/Ojo6MWrMXOj+oDZpFSKMlJju9eJzFTAaNq2tH32zUmFhO90b
WIzCob546ESKD9EtIR1Xs8i1iHyJbHodIU85VRxsYgGDU/4g0ohALkZx+i7JzCZH
UZYBcCWWOFjNylMGj86vYyIbOWQUHGjD4bmOR8h4M2pYmsbiJ2/oYdrJFrQQOR8E
K247M+jqBzDpcOUItLT4kxhXlAB2ATj+GalBLKpsfQTcteCwPs4HtiydoJTd
-----END CERTIFICATE-----
Generated at Tue Aug 8 14:30:18 2023 by rpki-client on console-fra.rpki-client.org