Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dEWmy5YI_TuCyfBtEbq8DAZXFts.roa
File: dEWmy5YI_TuCyfBtEbq8DAZXFts.roa (raw, json)
Hash identifier: MPbSLH43tWquznqvYwI2omD6+pzINJkkWxZdMtMmZN8=
Subject key identifier: 74:45:A6:CB:96:08:FD:3B:82:C9:F0:6D:11:BA:BC:0C:06:57:16:DB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018958853423B17A8FB4CA2ADF9EF39152D1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dEWmy5YI_TuCyfBtEbq8DAZXFts.roa
Signing time: Sat 15 Jul 2023 07:47:51 +0000
ROA not before: Sat 15 Jul 2023 07:47:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:58:85:34:23:b1:7a:8f:b4:ca:2a:df:9e:f3:91:52:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 15 07:47:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7445a6cb9608fd3b82c9f06d11babc0c065716db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6a:67:81:fa:b6:e6:02:15:ae:19:bf:f8:37:
cf:ff:d9:77:a2:c3:eb:c8:91:20:6d:6d:83:be:15:
26:99:7f:74:6c:3a:0b:bd:8e:93:a0:02:10:5c:11:
d4:8a:7a:5f:9a:43:89:09:b2:e4:0f:f3:01:b6:5b:
b0:8c:ea:5e:ea:c3:a1:9d:c6:e4:02:f1:b4:48:45:
4f:f2:8c:7a:aa:eb:53:3c:5d:44:2d:e7:ca:3a:b1:
ce:df:bb:65:12:ef:b0:9b:72:fe:7c:5d:62:d6:0b:
b4:d2:aa:4c:3e:dc:c8:78:47:c7:1a:b4:66:02:8c:
a1:a9:95:c4:54:5b:c7:b1:91:c1:83:a2:8e:97:2e:
99:95:c3:eb:60:fe:6b:c1:ec:3c:f2:27:29:c8:6b:
cf:fc:43:39:af:08:1a:6f:ce:65:75:12:fb:4f:9e:
09:e3:f7:c4:82:07:3a:a1:d3:e5:bc:e1:7a:49:8e:
d3:44:0a:d5:0d:7e:3f:16:d5:e3:fa:72:c9:0e:7c:
17:2d:0f:80:07:be:56:fb:6f:e1:b6:60:71:46:09:
32:2a:55:9d:f4:99:36:fc:e5:31:c3:22:f7:26:fd:
92:17:38:d8:10:1c:c7:26:a9:a0:ef:9c:15:94:ca:
ef:21:78:0f:ce:07:bf:5f:d5:00:e7:99:a2:0b:4e:
ef:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:45:A6:CB:96:08:FD:3B:82:C9:F0:6D:11:BA:BC:0C:06:57:16:DB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dEWmy5YI_TuCyfBtEbq8DAZXFts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.103.72.0/24
185.135.140.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.232.0/23
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
62:e3:3c:72:20:68:25:3b:fe:f8:93:db:ff:62:56:98:48:f8:
11:fd:81:3f:99:ba:53:81:10:4d:cb:9f:09:6e:90:d3:4b:a1:
7d:04:39:2a:09:d1:04:9c:6f:f3:8e:3e:8d:9a:1f:eb:d1:d0:
55:de:58:4f:09:b4:90:46:4c:58:bd:38:72:69:66:a6:10:45:
8f:ec:d2:a2:fb:19:e7:d0:08:6f:8c:25:38:7b:64:aa:5a:b7:
b4:b4:2b:b5:20:73:e4:a3:34:b4:a1:54:be:b9:59:42:d8:6d:
95:11:0f:fd:96:7d:1f:97:91:c4:d9:04:94:be:f4:82:91:1b:
db:ac:78:03:9d:07:7c:c2:62:ad:61:d4:cd:2a:3e:43:66:1a:
85:1c:1c:8f:87:0d:55:c0:5f:08:e2:73:46:c3:2a:5f:ce:75:
64:1f:99:09:d0:7b:a8:de:2f:a2:37:d4:22:a1:68:75:9c:74:
6d:b2:fc:3d:01:c1:99:df:b7:25:24:a7:08:9d:8f:51:0e:f7:
13:fc:64:26:a8:c8:d0:a4:02:68:4b:b7:76:2e:89:49:44:62:
8e:c8:86:e8:e5:ca:80:b2:99:80:8e:af:17:8e:af:68:e1:fc:
0a:ef:0c:ba:a0:b0:46:2e:43:35:0a:ac:84:a1:3d:76:a3:39:
db:1c:75:45
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYlYhTQjsXqPtMoq357zkVLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzE1MDc0NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ1YTZjYjk2MDhmZDNiODJjOWYwNmQxMWJhYmMwYzA2NTcxNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGpngfq25gIVrhm/+DfP/9l3osPr
yJEgbW2DvhUmmX90bDoLvY6ToAIQXBHUinpfmkOJCbLkD/MBtluwjOpe6sOhncbk
AvG0SEVP8ox6qutTPF1ELefKOrHO37tlEu+wm3L+fF1i1gu00qpMPtzIeEfHGrRm
AoyhqZXEVFvHsZHBg6KOly6ZlcPrYP5rwew88icpyGvP/EM5rwgab85ldRL7T54J
4/fEggc6odPlvOF6SY7TRArVDX4/FtXj+nLJDnwXLQ+AB75W+2/htmBxRgkyKlWd
9Jk2/OUxwyL3Jv2SFzjYEBzHJqmg75wVlMrvIXgPzge/X9UA55miC07vDQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFHRFpsuWCP07gsnwbRG6vAwGVxbbMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZEVXbXk1WUlfVHVDeWZCdEVicThEQVpYRnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAt
nJ0DBAAtnJ8DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAC5
Z0gDBAC5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAME
AbzUhAMEALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gME
Abzw6AMEALzxbgMEALzx1gMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsF
AAOCAQEAYuM8ciBoJTv++JPb/2JWmEj4Ef2BP5m6U4EQTcufCW6Q00uhfQQ5KgnR
BJxv844+jZof69HQVd5YTwm0kEZMWL04cmlmphBFj+zSovsZ59AIb4wlOHtkqlq3
tLQrtSBz5KM0tKFUvrlZQthtlREP/ZZ9H5eRxNkElL70gpEb26x4A50HfMJirWHU
zSo+Q2YahRwcj4cNVcBfCOJzRsMqX851ZB+ZCdB7qN4vojfUIqFodZx0bbL8PQHB
md+3JSSnCJ2PUQ73E/xkJqjI0KQCaEu3di6JSURijsiG6OXKgLKZgI6vF46vaOH8
Cu8MuqCwRi5DNQqshKE9dqM52xx1RQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org