Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cGczLCOTxaSPFVmOWPJSguNbGeI.roa
File: cGczLCOTxaSPFVmOWPJSguNbGeI.roa (raw, json)
Hash identifier: lBXrwYfiTDskxB1Oan6VCFWemxlHsFR7JAVT5w3+mEM=
Subject key identifier: 70:67:33:2C:23:93:C5:A4:8F:15:59:8E:58:F2:52:82:E3:5B:19:E2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187BBF5D15244147EF1B0DFC6E99CD8390A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cGczLCOTxaSPFVmOWPJSguNbGeI.roa
Signing time: Wed 26 Apr 2023 05:07:41 +0000
ROA not before: Wed 26 Apr 2023 05:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.35.154.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
185.135.141.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bb:f5:d1:52:44:14:7e:f1:b0:df:c6:e9:9c:d8:39:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 26 05:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7067332c2393c5a48f15598e58f25282e35b19e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:02:d1:c0:4c:b3:15:4f:db:b8:ed:3e:06:bd:
e1:6b:bc:f1:da:43:ff:c7:27:86:81:8c:63:56:68:
07:12:c3:c4:ed:1a:0d:ea:2e:cd:62:e1:0c:f0:2e:
1d:ce:c0:1c:84:83:fc:90:65:44:11:31:32:28:94:
43:b9:6f:e7:b2:10:de:10:c0:61:6c:91:3f:8b:b1:
cc:6c:d8:9c:e6:6b:78:a0:be:87:ca:de:c4:97:e9:
50:de:25:33:44:58:0b:ef:3b:8a:a7:f2:0c:16:48:
15:47:f5:35:ea:b5:ea:a9:de:07:91:3c:6f:4a:3f:
69:8e:03:9f:2e:ee:84:52:2f:8f:cd:aa:0a:1e:07:
b3:a8:0f:17:cb:af:ba:df:1e:1e:d6:a3:8a:cd:78:
d6:c7:fe:fd:75:a9:41:97:3a:28:c2:9a:cb:57:08:
36:df:57:93:a7:bd:ad:15:0b:dd:b3:41:cc:9a:b7:
55:26:71:c3:73:65:96:0f:61:e6:61:ec:b1:2c:0b:
34:62:12:ba:25:8f:77:1e:5d:fa:7a:05:28:e0:cc:
9a:de:e2:97:13:ae:fd:ce:81:63:34:ec:26:32:6a:
4b:74:fa:9a:55:8f:7d:12:24:0e:23:9b:df:15:56:
c7:f6:3a:02:4d:fe:b7:2b:14:9f:3c:19:1d:7e:bc:
2e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:67:33:2C:23:93:C5:A4:8F:15:59:8E:58:F2:52:82:E3:5B:19:E2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cGczLCOTxaSPFVmOWPJSguNbGeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
87.247.149.0/24
87.247.151.0/24
89.35.154.0/24
89.37.62.0/23
91.188.204.0/24
185.135.141.0/24
185.255.169.0/24
188.212.155.0/24
188.240.233.0/24
188.241.110.0/24
188.241.182.0/24
188.241.243.0/24
213.232.94.0/23
Signature Algorithm: sha256WithRSAEncryption
17:e2:18:7a:3d:ee:20:35:00:d4:00:c0:8c:91:03:df:61:aa:
82:66:8a:fc:0a:a8:5f:7d:63:bf:0d:40:f6:ba:12:d1:38:9b:
a7:3a:89:cc:47:68:5b:cd:63:95:cc:bb:3d:05:d5:44:3a:96:
4a:da:4e:de:e2:ef:7a:20:4e:84:20:9d:64:64:a3:9c:be:97:
e9:de:42:29:ad:a7:cd:ac:b9:46:5a:5d:a0:2c:29:03:1d:eb:
38:07:98:78:37:2d:ce:72:df:16:50:7b:b1:49:39:d9:bd:cd:
0c:b7:8f:a7:88:e0:67:6c:b5:a7:80:b2:e1:94:42:a5:b5:24:
9e:5d:74:8e:18:51:a5:b6:04:80:64:f1:de:fa:27:3a:c1:01:
f6:68:6d:9d:f6:9d:47:70:ee:97:da:0a:72:38:8b:4e:1b:18:
dc:85:ff:25:7f:78:d2:80:96:57:2f:be:b2:2a:20:a7:3b:3a:
6f:77:0c:fa:b1:9b:57:94:89:1b:d2:16:e8:f3:c0:cb:47:9e:
47:22:96:4d:0c:af:d6:fb:16:6c:63:8b:ae:2e:f3:55:78:bd:
04:08:e6:6e:90:60:e5:a5:41:05:31:f7:08:37:95:c9:a3:65:
e9:91:da:8c:63:1c:26:f0:3b:e4:29:3b:e3:6d:16:95:bf:9d:
98:7b:38:20
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYe79dFSRBR+8bDfxumc2DkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDI2MDUwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDY3MzMyYzIzOTNjNWE0OGYxNTU5OGU1OGYyNTI4MmUzNWIxOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQLRwEyzFU/buO0+Br3ha7zx2kP/
xyeGgYxjVmgHEsPE7RoN6i7NYuEM8C4dzsAchIP8kGVEETEyKJRDuW/nshDeEMBh
bJE/i7HMbNic5mt4oL6Hyt7El+lQ3iUzRFgL7zuKp/IMFkgVR/U16rXqqd4HkTxv
Sj9pjgOfLu6EUi+PzaoKHgezqA8Xy6+63x4e1qOKzXjWx/79dalBlzoowprLVwg2
31eTp72tFQvds0HMmrdVJnHDc2WWD2HmYeyxLAs0YhK6JY93Hl36egUo4Mya3uKX
E679zoFjNOwmMmpLdPqaVY99EiQOI5vfFVbH9joCTf63KxSfPBkdfrwuwwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHBnMywjk8WkjxVZjljyUoLjWxniMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvY0djekxDT1R4YVNQRlZtT1dQSlNndU5iR2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALZyfAwQA
V/eVAwQAV/eXAwQAWSOaAwQBWSU+AwQAW7zMAwQAuYeNAwQAuf+pAwQAvNSbAwQA
vPDpAwQAvPFuAwQAvPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUAA4IBAQAX
4hh6Pe4gNQDUAMCMkQPfYaqCZor8CqhffWO/DUD2uhLROJunOonMR2hbzWOVzLs9
BdVEOpZK2k7e4u96IE6EIJ1kZKOcvpfp3kIprafNrLlGWl2gLCkDHes4B5h4Ny3O
ct8WUHuxSTnZvc0Mt4+niOBnbLWngLLhlEKltSSeXXSOGFGltgSAZPHe+ic6wQH2
aG2d9p1HcO6X2gpyOItOGxjchf8lf3jSgJZXL76yKiCnOzpvdwz6sZtXlIkb0hbo
88DLR55HIpZNDK/W+xZsY4uuLvNVeL0ECOZukGDlpUEFMfcIN5XJo2XpkdqMYxwm
8DvkKTvjbRaVv52Yezgg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org