Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fv2YlZW-BVAvz7W85L8_MPSODuQ.roa
File: fv2YlZW-BVAvz7W85L8_MPSODuQ.roa (raw, json)
Hash identifier: X4GrwdFOkNVqH2YTpUHCbiR5a3JN7f7WpbS3xPZe1Ts=
Subject key identifier: 7E:FD:98:95:95:BE:05:50:2F:CF:B5:BC:E4:BF:3F:30:F4:8E:0E:E4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C5E6D16CA554A53D2A7D6CD101CD97869
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fv2YlZW-BVAvz7W85L8_MPSODuQ.roa
Signing time: Tue 12 Dec 2023 14:27:36 +0000
ROA not before: Tue 12 Dec 2023 14:27:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 06:42:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:6d:16:ca:55:4a:53:d2:a7:d6:cd:10:1c:d9:78:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 12 14:27:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7efd989595be05502fcfb5bce4bf3f30f48e0ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:35:7a:77:89:fc:9e:3a:fd:b9:4e:53:f4:64:
db:07:5b:1b:e5:28:7c:06:fe:d4:4c:fc:84:dd:8d:
e1:4c:cd:f5:5b:6b:a7:26:76:d6:e9:80:de:97:43:
48:ff:dc:2c:9d:bd:5e:23:d4:87:1f:2f:c4:52:84:
e7:de:8d:3c:89:26:ee:30:2f:af:55:52:2a:72:4e:
33:cb:5c:4f:4d:2a:d8:15:6d:d1:c0:b7:fc:1b:19:
b8:fe:ed:74:33:84:4c:aa:6a:04:7c:65:d0:c0:af:
e1:9e:4b:1f:f1:62:43:a8:ba:40:d9:18:59:de:09:
02:2f:4e:ea:92:d8:f4:a0:13:10:75:fb:65:02:ff:
29:01:da:4a:ea:fd:5a:4e:58:bd:bf:79:30:ad:58:
a0:3e:0e:d2:b2:77:7b:5a:92:59:5d:e3:bc:da:53:
29:85:4e:b8:e0:d3:74:d6:6b:51:c8:92:ff:8b:a8:
04:5e:58:5b:59:4e:dc:0a:2e:88:d4:57:7f:16:d9:
46:d7:98:c9:fa:d4:4c:cc:43:f8:27:9c:57:e5:47:
8a:89:d7:11:b2:ae:a9:12:a8:1e:91:9a:d3:35:29:
81:07:1c:e7:22:c5:e8:ea:c8:9b:5b:bf:04:89:8d:
95:41:68:ae:4c:d9:d4:2f:11:5c:a3:69:ba:5c:05:
f6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:FD:98:95:95:BE:05:50:2F:CF:B5:BC:E4:BF:3F:30:F4:8E:0E:E4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fv2YlZW-BVAvz7W85L8_MPSODuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
86:7c:1b:16:b1:f3:dc:2a:24:ba:f4:e7:88:a0:e1:6f:37:17:
d2:5c:50:ad:90:c2:8c:08:d5:82:b6:0f:bb:bb:f6:29:0b:1f:
b4:39:4f:d8:fe:b1:02:05:9a:e5:c4:bb:d2:0f:a1:0d:8b:c2:
a0:16:b4:29:ab:d0:d2:4a:fd:fe:a4:eb:18:9d:c4:e0:01:54:
83:36:f2:cf:17:cb:00:28:4c:70:7d:05:c7:39:4b:ba:15:a1:
24:6e:00:3a:72:5a:06:06:8d:1c:1f:89:15:da:76:b1:5a:ad:
e7:3b:49:06:8d:2a:19:03:e6:0a:8a:1b:6f:92:b5:f3:70:f1:
b5:ce:b6:a6:b1:57:db:93:51:7d:2f:97:b0:c6:f8:e1:df:6a:
ef:ac:3d:3f:24:74:3c:94:55:1f:95:64:8b:46:10:aa:1a:81:
d8:13:f2:97:3b:ed:56:21:2d:03:be:51:69:4b:0b:bf:6a:29:
53:a7:99:3c:1e:30:d2:05:11:9a:0e:c7:89:88:8e:8a:d4:73:
dd:6d:2e:c1:1b:8e:a7:d7:d9:80:0e:60:9f:4e:7e:0e:9a:81:
ca:ec:19:72:7e:e4:c6:d3:12:26:dc:c3:00:9f:e8:45:40:28:
bd:a9:9f:9c:c2:71:f9:43:d1:d5:6a:b8:a5:20:59:a5:c9:f3:
e1:2a:37:e8
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYxebRbKVUpT0qfWzRAc2XhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjEyMTQyNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWZkOTg5NTk1YmUwNTUwMmZjZmI1YmNlNGJmM2YzMGY0OGUwZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDV6d4n8njr9uU5T9GTbB1sb5Sh8
Bv7UTPyE3Y3hTM31W2unJnbW6YDel0NI/9wsnb1eI9SHHy/EUoTn3o08iSbuMC+v
VVIqck4zy1xPTSrYFW3RwLf8Gxm4/u10M4RMqmoEfGXQwK/hnksf8WJDqLpA2RhZ
3gkCL07qktj0oBMQdftlAv8pAdpK6v1aTli9v3kwrVigPg7Ssnd7WpJZXeO82lMp
hU644NN01mtRyJL/i6gEXlhbWU7cCi6I1Fd/FtlG15jJ+tRMzEP4J5xX5UeKidcR
sq6pEqgekZrTNSmBBxznIsXo6sibW78EiY2VQWiuTNnULxFco2m6XAX2zwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFH79mJWVvgVQL8+1vOS/PzD0jg7kMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZnYyWWxaVy1CVkF2ejdXODVMOF9NUFNPRHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBAFZJT4DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAG81J4DBAG8
1tADBAG88OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBAIZ8Gxax89wqJLr054ig4W83F9JcUK2QwowI1YK2D7u79ikLH7Q5
T9j+sQIFmuXEu9IPoQ2LwqAWtCmr0NJK/f6k6xidxOABVIM28s8XywAoTHB9Bcc5
S7oVoSRuADpyWgYGjRwfiRXadrFarec7SQaNKhkD5gqKG2+StfNw8bXOtqaxV9uT
UX0vl7DG+OHfau+sPT8kdDyUVR+VZItGEKoagdgT8pc77VYhLQO+UWlLC79qKVOn
mTweMNIFEZoOx4mIjorUc91tLsEbjqfX2YAOYJ9Ofg6agcrsGXJ+5MbTEibcwwCf
6EVAKL2pn5zCcflD0dVquKUgWaXJ8+EqN+g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:47 2024 by rpki-client on console-fra.rpki-client.org