Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dnA5MjQ80WUbspKQ9ms-PIg5_rw.roa
File: dnA5MjQ80WUbspKQ9ms-PIg5_rw.roa (raw, json)
Hash identifier: jQ+3YpNkPJedLrkSVN7bXXF3mDo5VCZyXgQNiSpBgmE=
Subject key identifier: 76:70:39:32:34:3C:D1:65:1B:B2:92:90:F6:6B:3E:3C:88:39:FE:BC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018755944CC297ACE46A837B3F1B9C79893E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dnA5MjQ80WUbspKQ9ms-PIg5_rw.roa
Signing time: Thu 06 Apr 2023 07:59:54 +0000
ROA not before: Thu 06 Apr 2023 07:59:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 185.121.230.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
194.4.159.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:94:4c:c2:97:ac:e4:6a:83:7b:3f:1b:9c:79:89:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 6 07:59:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76703932343cd1651bb29290f66b3e3c8839febc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d4:1b:71:86:72:45:04:a9:0c:75:97:d3:db:
a0:61:f0:1e:72:45:f7:b6:79:20:32:a7:d0:c2:1a:
f8:9d:e4:4c:7c:06:e0:1a:9b:dc:60:a0:f4:bb:31:
31:40:a0:52:85:e1:b9:29:82:dd:58:de:52:c3:a1:
d4:9e:dc:50:39:02:e6:fc:b2:0a:83:cd:ee:e1:c1:
09:21:ae:5a:7e:ed:3b:b0:ad:10:50:ea:d2:f0:f5:
8e:07:56:df:7c:03:27:22:3f:d4:69:91:29:e5:0f:
bc:e4:a7:e9:f6:74:96:c5:fe:80:59:af:70:8f:db:
bd:52:af:4a:18:f4:09:ec:b0:f8:e7:c4:10:5d:df:
21:2b:0d:4a:ec:d1:78:e6:97:cd:7f:f8:bf:07:b1:
3c:cb:69:25:0b:ba:9f:6e:f2:2b:72:8e:91:d1:96:
88:0b:7a:01:9a:db:b3:ce:f7:b7:72:e7:62:57:c9:
0e:8f:6b:c3:75:14:35:3c:c9:35:2b:47:6a:8d:82:
aa:8d:03:bc:c7:69:b9:a1:d6:6f:89:3c:8d:ed:48:
4c:35:9a:9a:09:94:10:cb:f2:8b:97:6e:39:5d:41:
c3:29:71:c2:38:48:23:f5:6c:ed:87:d9:42:9b:ea:
02:12:12:73:83:b3:90:5e:8b:ab:cb:65:c5:8b:f7:
cd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:70:39:32:34:3C:D1:65:1B:B2:92:90:F6:6B:3E:3C:88:39:FE:BC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dnA5MjQ80WUbspKQ9ms-PIg5_rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.208.0/24
185.121.230.0/23
185.229.104.0/24
185.230.248.0/24
194.4.159.0/24
213.32.249.0/24
Signature Algorithm: sha256WithRSAEncryption
21:34:e5:65:6c:c7:bd:cf:4a:ac:bd:5e:bb:c9:c5:9b:b4:b5:
71:4b:e0:81:9f:d1:c1:cb:3b:64:e9:c4:80:03:a6:64:12:0f:
b1:cd:79:c8:77:61:2d:1a:46:a1:97:66:b1:05:86:d8:6e:54:
73:19:9a:a5:29:86:61:41:bb:17:35:f9:df:d7:8b:4e:1f:56:
f8:d3:1a:9b:2a:11:fc:d6:3c:96:b9:c4:4c:64:92:66:f3:57:
9a:7c:7d:13:5d:c5:ee:b2:0d:03:c6:84:f3:22:cc:5b:2f:30:
32:5c:20:fc:ea:ff:14:e2:b1:57:cb:0f:4e:51:3a:0d:35:ad:
00:4b:b6:5c:d5:ab:42:0b:01:50:38:b3:b6:17:12:64:eb:c5:
13:bd:f1:73:2a:92:62:a7:e1:cd:8e:01:80:3d:15:1b:3a:37:
1c:fc:05:ec:06:89:72:3e:22:13:84:eb:ec:2b:c4:01:22:b4:
54:c3:4c:06:2e:02:01:31:dc:d1:0d:4b:28:f1:1d:4b:39:04:
1d:5c:d5:1b:10:9f:d7:5f:cf:c6:1a:0e:c6:43:56:0f:b9:4d:
df:27:90:e8:85:c7:68:ec:03:ba:c3:13:8a:42:31:5c:db:a4:
dc:0c:b2:87:2d:7a:94:56:7c:bc:0e:29:4e:72:3d:08:1a:74:
4b:3e:39:f0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdVlEzCl6zkaoN7PxuceYk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA2MDc1OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjcwMzkzMjM0M2NkMTY1MWJiMjkyOTBmNjZiM2UzYzg4MzlmZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9QbcYZyRQSpDHWX09ugYfAeckX3
tnkgMqfQwhr4neRMfAbgGpvcYKD0uzExQKBSheG5KYLdWN5Sw6HUntxQOQLm/LIK
g83u4cEJIa5afu07sK0QUOrS8PWOB1bffAMnIj/UaZEp5Q+85Kfp9nSWxf6AWa9w
j9u9Uq9KGPQJ7LD458QQXd8hKw1K7NF45pfNf/i/B7E8y2klC7qfbvIrco6R0ZaI
C3oBmtuzzve3cudiV8kOj2vDdRQ1PMk1K0dqjYKqjQO8x2m5odZviTyN7UhMNZqa
CZQQy/KLl245XUHDKXHCOEgj9Wzth9lCm+oCEhJzg7OQXoury2XFi/fNswIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHZwOTI0PNFlG7KSkPZrPjyIOf68MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZG5BNU1qUTgwV1Vic3BLUTltcy1QSWc1X3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSvQAwQB
uXnmAwQAueVoAwQAueb4AwQAwgSfAwQA1SD5MA0GCSqGSIb3DQEBCwUAA4IBAQAh
NOVlbMe9z0qsvV67ycWbtLVxS+CBn9HByztk6cSAA6ZkEg+xzXnId2EtGkahl2ax
BYbYblRzGZqlKYZhQbsXNfnf14tOH1b40xqbKhH81jyWucRMZJJm81eafH0TXcXu
sg0DxoTzIsxbLzAyXCD86v8U4rFXyw9OUToNNa0AS7Zc1atCCwFQOLO2FxJk68UT
vfFzKpJip+HNjgGAPRUbOjcc/AXsBolyPiIThOvsK8QBIrRUw0wGLgIBMdzRDUso
8R1LOQQdXNUbEJ/XX8/GGg7GQ1YPuU3fJ5Dohcdo7AO6wxOKQjFc26TcDLKHLXqU
Vny8DilOcj0IGnRLPjnw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org