Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cgrfepZdgsOaWtSgvPlDU9_qd14.roa
File: cgrfepZdgsOaWtSgvPlDU9_qd14.roa (raw, json)
Hash identifier: E5BlFhR1sqrvH2M/dFLOqTVBswFHxa6e6cmMLttHtUQ=
Subject key identifier: 72:0A:DF:7A:96:5D:82:C3:9A:5A:D4:A0:BC:F9:43:53:DF:EA:77:5E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A6958E4C43BE565C1EF10EAD9D9D52DE9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cgrfepZdgsOaWtSgvPlDU9_qd14.roa
Signing time: Wed 06 Sep 2023 07:15:47 +0000
ROA not before: Wed 06 Sep 2023 07:15:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.33.14.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
213.32.250.0/24 maxlen: 24
213.32.248.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
213.32.251.0/24 maxlen: 24
103.205.24.0/24 maxlen: 24
103.205.26.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
103.205.27.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
185.230.250.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.251.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.53.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.134.0/24 maxlen: 24
62.197.133.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.103.74.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.115.146.0/24 maxlen: 24
185.115.147.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
77.75.63.0/24 maxlen: 24
194.4.158.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.144.0/23 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
78.142.241.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
45.159.155.0/24 maxlen: 24
89.38.101.0/24 maxlen: 24
89.40.160.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
89.43.211.0/24 maxlen: 24
89.43.209.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.212.0/22 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.239.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
185.121.229.0/24 maxlen: 24
178.239.201.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
178.239.202.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
185.236.60.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
185.236.61.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.195.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:58:e4:c4:3b:e5:65:c1:ef:10:ea:d9:d9:d5:2d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 6 07:15:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=720adf7a965d82c39a5ad4a0bcf94353dfea775e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c5:f2:3a:01:cc:59:8a:34:b2:78:1c:0d:f7:
bd:2a:5d:bb:4a:77:83:a2:f3:88:db:cf:fe:55:ef:
28:9d:24:74:6b:80:20:86:9b:c4:e8:0d:45:5a:22:
85:8f:6b:aa:12:0e:13:72:b0:2e:6e:b8:b8:39:02:
19:e7:f9:42:cc:0b:dc:33:f7:5b:3c:96:08:98:9c:
34:63:68:8c:da:e5:ca:a6:2e:fc:86:61:04:a8:64:
68:29:03:92:db:8d:41:1c:e4:3c:88:32:52:be:80:
9a:4b:ee:60:83:2e:1b:04:66:ff:4e:30:8a:26:6a:
ca:7d:2a:c3:e1:bf:49:51:34:32:e2:1f:9d:d0:25:
37:71:ca:ed:ee:14:fa:3f:01:0b:96:b2:19:a3:07:
6b:e8:14:98:38:07:74:50:cd:07:33:d8:18:5e:24:
d1:cb:33:83:74:f3:6e:0a:23:e4:31:58:04:db:91:
60:c1:8c:25:59:e7:95:53:58:d3:09:5d:23:22:c7:
22:5d:d3:1d:b4:0a:f5:14:5c:f1:32:f7:c0:84:a8:
b3:c3:36:da:4c:45:ab:31:9e:c0:cb:9b:f2:7f:a3:
98:d7:fb:c5:7f:d4:c8:32:d7:d1:d5:04:eb:aa:60:
61:90:62:c9:62:3c:64:9f:c0:a9:04:11:fd:64:61:
1a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0A:DF:7A:96:5D:82:C3:9A:5A:D4:A0:BC:F9:43:53:DF:EA:77:5E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cgrfepZdgsOaWtSgvPlDU9_qd14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0/22
62.197.132.0/22
77.75.60.0/24
77.75.62.0/23
78.142.241.0-78.142.243.255
89.33.14.0/24
89.38.101.0/24
89.40.160.0/24
89.43.208.0/21
89.47.89.0/24
93.114.246.0/24
103.205.24.0/22
103.212.82.0/24
178.239.192.0/22
178.239.200.0-178.239.204.255
185.9.54.0/24
185.103.72.0-185.103.74.255
185.115.144.0/22
185.121.228.0/22
185.229.104.0/22
185.230.248.0/22
185.236.60.0/22
185.245.236.0/22
188.214.27.0/24
192.166.212.0/22
193.19.106.0/24
193.42.52.0/22
194.4.156.0/22
203.0.8.0/23
213.32.248.0/22
223.27.112.0/24
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:62:8b:3e:5f:5d:9f:7a:c0:32:f8:e0:a3:d4:04:44:81:9a:
48:13:bb:8b:e6:83:7f:d9:a8:25:1e:11:8a:26:1b:cc:dc:0d:
3d:24:f4:5c:aa:4a:8d:83:bf:e0:7f:fa:bc:9a:02:52:1b:a4:
f0:34:bd:c6:6f:3a:ee:51:dc:d4:c6:bd:fa:e7:8c:9a:5d:10:
af:d2:9f:f4:ab:71:0e:24:ea:30:88:0a:ab:f4:2b:0d:33:1b:
79:4e:de:4f:aa:7d:40:1c:d5:e6:76:44:4c:34:13:4a:13:d6:
4a:d5:08:7b:5d:61:d3:16:9e:1a:d6:14:a7:38:35:df:b3:27:
63:6d:35:b3:74:6d:45:25:2a:55:8d:03:28:c8:d9:12:ce:ef:
f9:98:3f:57:00:f1:cb:8c:fb:17:14:1f:d7:07:43:d2:5b:61:
5c:ad:5e:40:36:90:4f:2d:92:da:cc:88:08:65:e2:7c:3c:83:
1f:3d:e2:bf:7b:02:05:a9:58:ca:be:d9:bc:a3:3e:f9:3b:a3:
bf:93:78:50:d3:e5:d6:20:fe:dd:5a:af:d1:f6:ae:09:f6:ee:
20:c8:01:fb:fb:bf:c5:2a:1b:2f:31:da:65:ab:1e:3f:95:5b:
a9:7b:3c:b8:d1:7b:18:d2:c2:78:ea:af:91:f4:34:0e:3c:b9:
33:72:d4:e8
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYppWOTEO+Vlwe8Q6tnZ1S3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTA2MDcxNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBhZGY3YTk2NWQ4MmMzOWE1YWQ0YTBiY2Y5NDM1M2RmZWE3NzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcXyOgHMWYo0sngcDfe9Kl27SneD
ovOI28/+Ve8onSR0a4AghpvE6A1FWiKFj2uqEg4TcrAubri4OQIZ5/lCzAvcM/db
PJYImJw0Y2iM2uXKpi78hmEEqGRoKQOS241BHOQ8iDJSvoCaS+5ggy4bBGb/TjCK
JmrKfSrD4b9JUTQy4h+d0CU3ccrt7hT6PwELlrIZowdr6BSYOAd0UM0HM9gYXiTR
yzODdPNuCiPkMVgE25FgwYwlWeeVU1jTCV0jIsciXdMdtAr1FFzxMvfAhKizwzba
TEWrMZ7Ay5vyf6OY1/vFf9TIMtfR1QTrqmBhkGLJYjxkn8CpBBH9ZGEa4wIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFHIK33qWXYLDmlrUoLz5Q1Pf6ndeMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvY2dyZmVwWmRnc09hV3RTZ3ZQbERVOV9xZDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBAIt
n5gDBAI+xYQDBABNSzwDBAFNSz4wDAMEAE6O8QMEAk6O8AMEAFkhDgMEAFkmZQME
AFkooAMEA1kr0AMEAFkvWQMEAF1y9gMEAmfNGAMEAGfUUgMEArLvwDAMAwQDsu/I
AwQAsu/MAwQAuQk2MAwDBAO5Z0gDBAC5Z0oDBAK5c5ADBAK5eeQDBAK55WgDBAK5
5vgDBAK57DwDBAK59ewDBAC81hsDBALAptQDBADBE2oDBALBKjQDBALCBJwDBAHL
AAgDBALVIPgDBADfG3ADBADfG3IwDQYJKoZIhvcNAQELBQADggEBAE5iiz5fXZ96
wDL44KPUBESBmkgTu4vmg3/ZqCUeEYomG8zcDT0k9FyqSo2Dv+B/+ryaAlIbpPA0
vcZvOu5R3NTGvfrnjJpdEK/Sn/SrcQ4k6jCICqv0Kw0zG3lO3k+qfUAc1eZ2REw0
E0oT1krVCHtdYdMWnhrWFKc4Nd+zJ2NtNbN0bUUlKlWNAyjI2RLO7/mYP1cA8cuM
+xcUH9cHQ9JbYVytXkA2kE8tktrMiAhl4nw8gx894r97AgWpWMq+2byjPvk7o7+T
eFDT5dYg/t1ar9H2rgn27iDIAfv7v8UqGy8x2mWrHj+VW6l7PLjRexjSwnjqr5H0
NA48uTNy1Og=
Generated at Sun Sep 24 08:10:04 2023 by rpki-client on console-ams.rpki-client.org