Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iEph7S01MDRm4yzVxMnzr_B3ejY.roa
File: iEph7S01MDRm4yzVxMnzr_B3ejY.roa (raw, json)
Hash identifier: 4k8gC51isjIZ+8CAbNjI0VE3DhYjFLpx85Tb29qeGEs=
Subject key identifier: 88:4A:61:ED:2D:35:30:34:66:E3:2C:D5:C4:C9:F3:AF:F0:77:7A:36
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B8B68FF9C27F178D3B3EFF55B74D6792A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iEph7S01MDRm4yzVxMnzr_B3ejY.roa
Signing time: Wed 01 Nov 2023 15:03:16 +0000
ROA not before: Wed 01 Nov 2023 15:03:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
194.26.200.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
217.119.135.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
91.246.32.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
188.244.126.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
176.97.200.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:68:ff:9c:27:f1:78:d3:b3:ef:f5:5b:74:d6:79:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 1 15:03:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=884a61ed2d35303466e32cd5c4c9f3aff0777a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b2:d4:d2:cb:40:b2:1f:a6:ce:6b:b3:18:d6:
95:52:b7:8c:d0:0b:de:6f:3e:5c:1e:43:0c:15:f9:
0d:f6:c5:10:51:28:2c:9e:8b:61:5f:d7:b4:b8:ea:
c4:fd:4c:da:7a:59:da:27:8d:39:3b:0f:a4:28:db:
f3:64:57:67:fe:06:b0:a8:17:0c:8a:fa:e1:e8:30:
90:ff:58:e5:47:d3:da:37:7b:45:cd:4c:a8:8d:66:
0c:e9:df:65:88:e8:28:ee:a9:a5:d7:57:4e:ed:8b:
99:16:f5:d9:0e:12:31:b9:b4:13:0e:7f:14:79:fd:
b9:1c:4c:2a:36:19:7d:35:7d:77:9f:48:d0:94:b4:
d9:5f:3d:a1:11:1c:1c:d7:ec:55:fa:dd:06:29:8f:
7b:27:5f:bd:16:c8:be:6f:f3:c0:d4:1c:ff:cf:c9:
66:0e:43:b5:c4:1b:20:5f:9a:8e:a0:b3:51:52:2e:
54:4c:82:52:ac:66:16:4f:99:75:13:ea:39:42:5d:
2a:f7:f1:b8:24:a0:48:79:7a:77:f3:75:6f:3d:1e:
fe:65:e9:5c:f4:cb:ee:66:b5:90:de:2c:ae:c2:43:
39:b9:4b:5f:9e:b7:af:09:ac:3b:63:ff:8a:d0:8a:
73:9f:8b:f3:0e:99:e6:68:52:9c:af:7f:a4:fc:b6:
32:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4A:61:ED:2D:35:30:34:66:E3:2C:D5:C4:C9:F3:AF:F0:77:7A:36
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iEph7S01MDRm4yzVxMnzr_B3ejY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.246.32.0/24
91.246.37.0/24
91.247.172.0/24
94.154.126.0/24
176.97.200.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
188.244.126.0/24
193.3.187.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.26.200.0/24
194.150.76.0/24
212.24.123.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
217.119.135.0/24
Signature Algorithm: sha256WithRSAEncryption
29:8d:3b:4a:ae:1b:b6:98:92:1c:89:60:f2:eb:e0:4d:8c:a4:
f9:d2:c6:8c:34:26:40:ee:2c:b2:5e:9a:59:78:a2:d6:b7:48:
f7:15:cc:b4:ae:bf:8a:c5:ca:23:a2:98:2b:8a:cf:23:29:83:
a2:8d:21:a2:a8:48:87:e8:95:0c:ae:7e:04:a4:fa:a6:6e:29:
86:0f:f9:3b:58:4f:e5:d0:5a:4e:23:24:4e:21:2c:f9:51:ff:
22:af:ec:85:e4:be:f0:41:a0:50:12:2b:45:62:73:64:64:76:
64:96:78:ec:33:7b:ef:b5:b4:2d:2a:aa:a4:3a:67:d8:fa:86:
b0:4f:f8:9c:e1:10:5e:d8:2b:d5:c3:2a:ad:3e:e5:79:bc:11:
78:47:88:2d:b4:d2:d6:35:16:75:4a:89:a7:dc:3e:39:95:93:
19:a4:7c:a9:a2:df:36:22:ac:53:93:d9:3e:05:75:94:14:f4:
68:f0:c0:d3:59:af:09:8e:08:6f:4b:94:7a:4a:d8:4b:52:ba:
e7:70:04:b4:2d:52:a4:c6:45:bc:1c:cf:b1:19:07:15:d3:da:
8a:fd:6d:69:7a:9f:49:2c:a8:f8:e3:33:a0:e1:a4:6c:07:67:
8c:60:87:7d:cb:45:45:76:08:31:99:8d:2d:a6:4b:0b:8e:05:
19:f4:4b:96
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYuLaP+cJ/F407Pv9Vt01nkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAxMTUwMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODRhNjFlZDJkMzUzMDM0NjZlMzJjZDVjNGM5ZjNhZmYwNzc3YTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrLU0stAsh+mzmuzGNaVUreM0Ave
bz5cHkMMFfkN9sUQUSgsnothX9e0uOrE/UzaelnaJ405Ow+kKNvzZFdn/gawqBcM
ivrh6DCQ/1jlR9PaN3tFzUyojWYM6d9liOgo7qml11dO7YuZFvXZDhIxubQTDn8U
ef25HEwqNhl9NX13n0jQlLTZXz2hERwc1+xV+t0GKY97J1+9Fsi+b/PA1Bz/z8lm
DkO1xBsgX5qOoLNRUi5UTIJSrGYWT5l1E+o5Ql0q9/G4JKBIeXp383VvPR7+Zelc
9MvuZrWQ3iyuwkM5uUtfnrevCaw7Y/+K0Ipzn4vzDpnmaFKcr3+k/LYyDwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFIhKYe0tNTA0ZuMs1cTJ86/wd3o2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaUVwaDdTMDFNRFJtNHl6VnhNbnpyX0IzZWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD56vwMEAD7FgAMEAD7M
PAMEAD7pJgMEAE6O8wMEAE9u5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFv2IAMEAFv2
JQMEAFv3rAMEAF6afgMEALBhyAMEALB2IwMEALB+dwMEALmXkQMEALmhewMEALm4
2AMEALnqDwMEALnr4QMEALnr5AMEALn81QMEALzxnwMEALzx+AMEALz0fgMEAMED
uwMEAMEmmgMEAcGjwAMEAMGjwwMEAMHJDAMEAMHJDgMEAMHd0gMEAMIayAMEAMKW
TAMEANQYewMEANVtnAMEANVtnwMEANWtJQMEANl3hzANBgkqhkiG9w0BAQsFAAOC
AQEAKY07Sq4btpiSHIlg8uvgTYyk+dLGjDQmQO4ssl6aWXii1rdI9xXMtK6/isXK
I6KYK4rPIymDoo0hoqhIh+iVDK5+BKT6pm4phg/5O1hP5dBaTiMkTiEs+VH/Iq/s
heS+8EGgUBIrRWJzZGR2ZJZ47DN777W0LSqqpDpn2PqGsE/4nOEQXtgr1cMqrT7l
ebwReEeILbTS1jUWdUqJp9w+OZWTGaR8qaLfNiKsU5PZPgV1lBT0aPDA01mvCY4I
b0uUekrYS1K653AEtC1SpMZFvBzPsRkHFdPaiv1taXqfSSyo+OMzoOGkbAdnjGCH
fctFRXYIMZmNLaZLC44FGfRLlg==
Generated at Thu Nov 2 12:23:28 2023 by rpki-client on console-fra.rpki-client.org