Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gyR37tLcSJURqSV_oChPiAMI-IM.roa
File: gyR37tLcSJURqSV_oChPiAMI-IM.roa (raw, json)
Hash identifier: K4tRmkifY7PTr9p1s9Ek1godNVeeAJ+sEi3f+3iZ3Qw=
Subject key identifier: 83:24:77:EE:D2:DC:48:95:11:A9:25:7F:A0:28:4F:88:03:08:F8:83
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571031AB47F660E5AD9900CB2ACFFB4D4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gyR37tLcSJURqSV_oChPiAMI-IM.roa
Signing time: Mon 02 Jan 2023 05:45:06 +0000
ROA not before: Mon 02 Jan 2023 05:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 185.244.139.0/24 maxlen: 24
212.119.32.0/23 maxlen: 24
212.119.34.0/24 maxlen: 24
194.169.168.0/22 maxlen: 24
212.119.35.0/24 maxlen: 24
193.218.35.0/24 maxlen: 24
45.144.227.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
91.190.102.0/23 maxlen: 24
91.190.100.0/24 maxlen: 24
45.135.184.0/24 maxlen: 24
92.62.120.0/22 maxlen: 24
62.197.144.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:1a:b4:7f:66:0e:5a:d9:90:0c:b2:ac:ff:b4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=832477eed2dc489511a9257fa0284f880308f883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e8:8f:31:43:b0:47:98:5d:49:53:03:2d:4a:
92:62:de:8a:b2:38:bc:f6:fe:16:0f:2c:f5:fb:a7:
03:0d:2c:4a:75:b5:22:02:44:ed:3d:d1:a4:41:fa:
10:cc:e1:52:87:1a:70:63:ec:16:31:c7:d3:49:04:
09:a7:b1:60:ba:4d:5f:f0:61:3c:3c:44:8b:9f:8b:
29:65:52:d8:e7:4b:e1:d1:23:54:e1:a1:f6:5a:4a:
36:71:34:d1:cf:d8:fe:d6:cd:6a:80:9c:c0:ea:23:
03:e4:40:60:4b:e4:f7:c9:bc:82:da:ab:e5:aa:fb:
81:1b:ac:56:6d:ad:d4:f5:f0:6c:2c:21:e4:d4:d1:
44:bd:b6:e0:43:58:5b:ed:75:d5:ff:76:4a:07:a3:
0f:81:ba:af:75:54:23:14:4b:5e:4f:af:ac:1e:bc:
fd:4d:13:6b:00:29:7b:25:c4:e6:0d:17:1e:e8:60:
7e:05:e1:20:fe:1a:d2:9b:fa:4d:70:fd:12:bf:86:
de:ee:78:49:c3:c3:2d:6d:d4:72:16:18:c9:ce:22:
6c:0b:dc:86:8f:40:1a:31:f3:67:2d:2f:f8:bc:0f:
f8:bf:a6:0c:02:fc:b4:9c:24:eb:38:85:cc:6b:07:
64:bb:80:3f:e3:82:d4:50:b2:29:77:2e:bb:fd:7f:
c7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:24:77:EE:D2:DC:48:95:11:A9:25:7F:A0:28:4F:88:03:08:F8:83
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gyR37tLcSJURqSV_oChPiAMI-IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.184.0/24
45.144.227.0/24
62.197.144.0/20
91.190.100.0/22
92.62.120.0/22
185.244.139.0/24
193.218.35.0/24
194.169.168.0/22
212.119.32.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:04:ed:db:9c:bf:27:90:28:fe:04:de:83:96:89:98:51:f0:
8f:99:37:d7:4a:c5:f4:33:44:e3:0c:15:7a:48:9c:af:e5:a7:
34:ee:69:25:95:6c:b3:23:31:70:7d:6a:62:83:2b:3d:69:77:
d5:e4:0b:4e:57:67:d4:64:4f:41:6b:a2:9e:fe:e2:e9:0b:e5:
a5:a1:78:1b:00:7b:1a:7f:f6:e2:bd:1e:06:b6:fb:fd:99:3e:
16:ff:b7:50:95:c5:f4:88:df:6c:e3:91:6b:e5:2e:d7:80:22:
9e:be:d3:7e:dd:d6:de:ce:68:c1:d1:60:15:09:43:ca:84:47:
98:62:fb:79:7b:5b:f3:c1:39:d0:58:ee:d3:74:b9:9a:ef:ff:
67:67:3d:72:4d:c1:35:62:f4:10:2f:42:eb:1a:60:bf:cc:97:
3e:8a:5e:ff:38:85:a2:e9:8d:5c:db:26:d8:7b:1b:a1:c2:b9:
6e:dd:ef:63:e7:20:90:81:7b:82:14:e2:3a:9c:e3:2a:3e:3d:
1e:84:88:51:05:5f:f9:7e:09:d1:64:b9:af:0e:e3:89:76:d9:
7b:7a:79:43:ab:0c:aa:69:31:22:60:12:92:72:3b:a3:6c:1e:
8e:c2:fe:c0:2a:c3:43:94:9a:b4:52:8b:29:d7:25:1a:57:15:
61:07:eb:8d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVxAxq0f2YOWtmQDLKs/7TUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzI0NzdlZWQyZGM0ODk1MTFhOTI1N2ZhMDI4NGY4ODAzMDhmODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuiPMUOwR5hdSVMDLUqSYt6Ksji8
9v4WDyz1+6cDDSxKdbUiAkTtPdGkQfoQzOFShxpwY+wWMcfTSQQJp7Fguk1f8GE8
PESLn4spZVLY50vh0SNU4aH2Wko2cTTRz9j+1s1qgJzA6iMD5EBgS+T3ybyC2qvl
qvuBG6xWba3U9fBsLCHk1NFEvbbgQ1hb7XXV/3ZKB6MPgbqvdVQjFEteT6+sHrz9
TRNrACl7JcTmDRce6GB+BeEg/hrSm/pNcP0Sv4be7nhJw8MtbdRyFhjJziJsC9yG
j0AaMfNnLS/4vA/4v6YMAvy0nCTrOIXMawdku4A/44LUULIpdy67/X/HFwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIMkd+7S3EiVEaklf6AoT4gDCPiDMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZ3lSMzd0TGNTSlVScVNWX29DaFBpQU1JLUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALYe4AwQA
LZDjAwQEPsWQAwQCW75kAwQCXD54AwQAufSLAwQAwdojAwQCwqmoAwQC1HcgMA0G
CSqGSIb3DQEBCwUAA4IBAQBbBO3bnL8nkCj+BN6DlomYUfCPmTfXSsX0M0TjDBV6
SJyv5ac07mkllWyzIzFwfWpigys9aXfV5AtOV2fUZE9Ba6Ke/uLpC+WloXgbAHsa
f/bivR4Gtvv9mT4W/7dQlcX0iN9s45Fr5S7XgCKevtN+3dbezmjB0WAVCUPKhEeY
Yvt5e1vzwTnQWO7TdLma7/9nZz1yTcE1YvQQL0LrGmC/zJc+il7/OIWi6Y1c2ybY
exuhwrlu3e9j5yCQgXuCFOI6nOMqPj0ehIhRBV/5fgnRZLmvDuOJdtl7enlDqwyq
aTEiYBKScjujbB6Owv7AKsNDlJq0Uosp1yUaVxVhB+uN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org