Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/f1qEdiC5nu1qeYl5jC3yxvfKgLQ.roa
File: f1qEdiC5nu1qeYl5jC3yxvfKgLQ.roa (raw, json)
Hash identifier: MO1XMldjd4XNcdGkIna3qUeO7AbnL0X2kMhgVjNdNRs=
Subject key identifier: 7F:5A:84:76:20:B9:9E:ED:6A:79:89:79:8C:2D:F2:C6:F7:CA:80:B4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018653E6FF6BF25F26045487B85B50C8C047
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/f1qEdiC5nu1qeYl5jC3yxvfKgLQ.roa
Signing time: Wed 15 Feb 2023 07:08:12 +0000
ROA not before: Wed 15 Feb 2023 07:08:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.34.127.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.170.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:53:e6:ff:6b:f2:5f:26:04:54:87:b8:5b:50:c8:c0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 15 07:08:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f5a847620b99eed6a7989798c2df2c6f7ca80b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:38:15:a9:cc:30:c0:08:09:24:8d:ff:20:48:
57:8c:f4:c0:fe:93:8b:37:83:42:95:43:fc:b1:41:
8a:21:08:01:10:9b:b0:6f:78:fd:80:61:bb:45:f2:
a7:f1:90:c7:65:fc:05:49:3c:bc:a5:64:2a:42:66:
73:24:70:c7:ff:d7:22:8e:f7:ba:80:a8:0b:21:9e:
3a:73:d4:df:a3:f9:1e:5f:93:f2:4e:c6:b0:18:99:
12:c9:dd:e1:e6:4e:f7:ca:92:32:f1:73:81:12:5e:
7c:ad:93:c5:08:4e:06:98:d7:e5:70:ce:e5:04:fd:
79:a6:10:93:92:e7:dc:4d:ad:1e:ba:58:e3:ae:1f:
69:17:84:b4:98:97:42:6e:49:b5:7b:1b:9e:40:97:
66:a1:e2:dc:f3:a2:16:85:dc:69:9f:41:57:86:77:
20:a3:25:08:a1:10:19:86:75:22:02:d7:cf:07:c8:
bb:72:ea:ee:dd:a9:83:b7:61:0f:1e:9c:20:34:e8:
80:e3:04:44:e1:2e:b7:40:87:15:11:26:d1:d6:83:
2d:15:21:8b:89:c9:84:8e:58:5b:d2:34:3e:b9:b4:
87:e6:5c:a8:c8:83:7e:18:dc:08:91:8a:0a:b3:7c:
f8:49:c5:ad:fa:55:fa:fd:a6:53:72:c1:e9:4c:f2:
fe:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5A:84:76:20:B9:9E:ED:6A:79:89:79:8C:2D:F2:C6:F7:CA:80:B4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/f1qEdiC5nu1qeYl5jC3yxvfKgLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0-45.156.158.255
89.33.84.0/24
89.34.127.0/24
89.35.154.0/24
89.37.62.0/23
93.114.192.0/24
93.115.109.0/24
185.255.170.0/24
188.212.155.0/24
188.240.232.0/24
188.241.110.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
76:02:59:20:42:b0:a3:f0:bc:77:7a:ee:71:d9:ff:0d:de:1f:
a6:85:12:21:90:f7:ac:68:63:3b:fc:f7:d0:b2:35:b4:1b:bf:
8f:4b:d7:a4:d3:16:5c:78:d9:3b:96:96:e4:9c:a2:9f:37:b7:
c8:82:a6:8d:78:d0:78:5b:e6:f9:10:31:50:81:a9:e9:25:53:
1a:85:1f:83:ab:fa:bc:31:59:c5:b2:c8:95:02:75:5b:ac:c9:
2b:00:99:00:98:12:5b:48:5c:30:44:2d:85:11:8d:ac:af:96:
29:db:c2:07:44:11:b7:7b:2a:69:4f:c7:16:df:73:22:57:7f:
71:b6:31:7a:e4:49:56:48:59:a1:e2:62:5b:fc:9c:76:3c:f7:
85:c2:2a:1c:34:32:59:b4:b9:29:07:d2:c2:f6:ce:2d:fe:cc:
86:61:49:5d:38:0a:34:a6:09:fa:11:c2:77:a3:06:ed:8c:ef:
17:12:a1:2a:f8:3f:20:23:c4:c9:f9:ca:cf:75:a6:cd:ef:51:
21:3c:35:5b:54:d4:d4:d6:26:90:21:ca:14:13:55:09:39:cb:
3b:e7:dc:09:82:73:fa:8b:ac:22:64:e0:23:87:44:2f:2e:e3:
f8:6c:62:7b:df:fa:b7:96:75:5c:5e:de:e8:98:44:aa:36:8c:
ba:81:bc:e3
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYZT5v9r8l8mBFSHuFtQyMBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjE1MDcwODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVhODQ3NjIwYjk5ZWVkNmE3OTg5Nzk4YzJkZjJjNmY3Y2E4MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTgVqcwwwAgJJI3/IEhXjPTA/pOL
N4NClUP8sUGKIQgBEJuwb3j9gGG7RfKn8ZDHZfwFSTy8pWQqQmZzJHDH/9cijve6
gKgLIZ46c9Tfo/keX5PyTsawGJkSyd3h5k73ypIy8XOBEl58rZPFCE4GmNflcM7l
BP15phCTkufcTa0euljjrh9pF4S0mJdCbkm1exueQJdmoeLc86IWhdxpn0FXhncg
oyUIoRAZhnUiAtfPB8i7curu3amDt2EPHpwgNOiA4wRE4S63QIcVESbR1oMtFSGL
icmEjlhb0jQ+ubSH5lyoyIN+GNwIkYoKs3z4ScWt+lX6/aZTcsHpTPL+mQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFH9ahHYguZ7tanmJeYwt8sb3yoC0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZjFxRWRpQzVudTFxZVlsNWpDM3l4dmZLZ0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBAAtnJ0D
BAAtnJ4DBABZIVQDBABZIn8DBABZI5oDBAFZJT4DBABdcsADBABdc20DBAC5/6oD
BAC81JsDBAC88OgDBAC88W4DBAC88dYDBADBF4IwDQYJKoZIhvcNAQELBQADggEB
AHYCWSBCsKPwvHd67nHZ/w3eH6aFEiGQ96xoYzv899CyNbQbv49L16TTFlx42TuW
luScop83t8iCpo140Hhb5vkQMVCBqeklUxqFH4Or+rwxWcWyyJUCdVusySsAmQCY
EltIXDBELYURjayvlinbwgdEEbd7KmlPxxbfcyJXf3G2MXrkSVZIWaHiYlv8nHY8
94XCKhw0Mlm0uSkH0sL2zi3+zIZhSV04CjSmCfoRwnejBu2M7xcSoSr4PyAjxMn5
ys91ps3vUSE8NVtU1NTWJpAhyhQTVQk5yzvn3AmCc/qLrCJk4COHRC8u4/hsYnvf
+reWdVxe3uiYRKo2jLqBvOM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org