Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lO2SCl9LjfmkQqdteM-a0vnnGW4.roa
File: lO2SCl9LjfmkQqdteM-a0vnnGW4.roa (raw, json)
Hash identifier: RTTSl8mnZaE3XsoNoi+SBqRy8zbI5Xrth5ef17N/R9g=
Subject key identifier: 94:ED:92:0A:5F:4B:8D:F9:A4:42:A7:6D:78:CF:9A:D2:F9:E7:19:6E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CB44FCF238D1522E140088F92B8CF38C2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lO2SCl9LjfmkQqdteM-a0vnnGW4.roa
Signing time: Fri 29 Dec 2023 06:42:58 +0000
ROA not before: Fri 29 Dec 2023 06:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:4f:cf:23:8d:15:22:e1:40:08:8f:92:b8:cf:38:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 29 06:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94ed920a5f4b8df9a442a76d78cf9ad2f9e7196e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5b:b2:ce:44:f0:d3:6c:4a:c8:39:89:29:5a:
ce:1b:2b:85:19:48:b0:40:14:3f:5e:41:63:11:7f:
85:42:af:52:51:b7:6e:30:6e:5d:dc:32:c5:97:8b:
cf:bf:b7:75:8a:6c:28:f9:6d:72:67:c2:3c:17:67:
61:17:b8:50:e0:76:ec:43:43:15:01:a2:35:4b:de:
6b:53:d3:17:69:e5:c6:69:b7:d8:e3:51:7c:c5:da:
75:f1:2d:c9:f9:0b:a6:23:45:5c:8b:6c:09:6c:e5:
1e:78:fb:bd:0b:bc:04:97:62:c4:b9:f7:bb:ed:aa:
35:41:31:dd:ab:3a:2c:1f:60:f6:a7:e5:a2:20:37:
2f:f3:11:e9:36:29:be:bb:0e:64:f6:a0:a7:44:29:
d0:9f:a0:8e:f3:81:67:1f:dd:a2:59:b0:d7:9f:7c:
4f:57:11:da:0a:a4:b3:c1:1a:78:11:43:90:fb:b1:
b3:97:29:a7:9e:47:c8:01:78:1f:5d:98:cc:37:76:
a4:0a:b4:c9:f1:89:30:1e:05:a4:a8:a8:2d:6d:2a:
c0:58:c7:8d:45:36:c9:4d:33:a9:d8:9e:f8:33:18:
b5:c9:f2:83:d3:fc:d6:57:41:0e:30:26:1c:71:00:
37:76:77:0d:f2:e6:a7:ec:fe:38:2c:bc:ee:50:37:
70:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:ED:92:0A:5F:4B:8D:F9:A4:42:A7:6D:78:CF:9A:D2:F9:E7:19:6E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lO2SCl9LjfmkQqdteM-a0vnnGW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.182.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:8b:72:be:de:d6:df:2a:0e:5d:c4:5e:72:20:55:05:31:45:
6a:b8:87:0b:58:3f:31:20:77:bb:6d:bc:28:a7:f1:39:2e:f8:
dc:05:b9:ca:26:76:12:1a:4c:02:10:a1:f1:61:5d:03:c6:7c:
90:a2:f3:b8:0a:bf:c2:ee:5f:8a:8a:00:1f:48:4f:67:8e:5f:
ef:a7:93:48:b1:05:b7:b3:e6:77:2b:36:ad:99:2d:b3:69:7b:
90:0f:4e:18:fa:37:2e:c2:ad:c4:2e:08:4d:d3:84:21:0b:84:
06:05:c8:d8:ca:26:59:88:37:50:ec:5a:6b:7a:fe:6b:b4:ce:
65:6c:52:64:f3:81:a7:03:a2:de:b7:71:83:ba:77:51:57:16:
db:37:70:42:9b:29:88:f2:27:ad:8f:e5:bb:08:e4:b0:7a:db:
bc:9c:4a:27:ea:9c:28:22:68:cc:3e:b3:06:2e:fc:19:7a:1f:
bc:18:16:da:a6:3d:b8:21:aa:4c:3d:bb:2e:ae:4a:ba:69:40:
9c:c9:c2:80:31:41:43:69:ac:7a:28:f6:a7:fd:2b:93:77:8e:
76:99:11:ec:dd:3a:6c:5e:0f:b5:dd:f3:b2:c8:b2:0f:f1:99:
4f:43:f2:3e:f9:36:3e:be:00:9e:8e:f3:34:82:4b:2b:1e:c7:
a6:e9:31:17
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYy0T88jjRUi4UAIj5K4zzjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjI5MDY0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGVkOTIwYTVmNGI4ZGY5YTQ0MmE3NmQ3OGNmOWFkMmY5ZTcxOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjluyzkTw02xKyDmJKVrOGyuFGUiw
QBQ/XkFjEX+FQq9SUbduMG5d3DLFl4vPv7d1imwo+W1yZ8I8F2dhF7hQ4HbsQ0MV
AaI1S95rU9MXaeXGabfY41F8xdp18S3J+QumI0Vci2wJbOUeePu9C7wEl2LEufe7
7ao1QTHdqzosH2D2p+WiIDcv8xHpNim+uw5k9qCnRCnQn6CO84FnH92iWbDXn3xP
VxHaCqSzwRp4EUOQ+7GzlymnnkfIAXgfXZjMN3akCrTJ8YkwHgWkqKgtbSrAWMeN
RTbJTTOp2J74Mxi1yfKD0/zWV0EOMCYccQA3dncN8uan7P44LLzuUDdwmwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFJTtkgpfS435pEKnbXjPmtL55xluMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbE8yU0NsOUxqZm1rUXFkdGVNLWEwdm5uR1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBAFZJT4DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAG81J4DBAG8
1tADBAG88OADBAC88OMDBAC88W4DBAC88bYDBAC88fMDBAHBF4ADBALV6FwwDQYJ
KoZIhvcNAQELBQADggEBAAyLcr7e1t8qDl3EXnIgVQUxRWq4hwtYPzEgd7ttvCin
8Tku+NwFucomdhIaTAIQofFhXQPGfJCi87gKv8LuX4qKAB9IT2eOX++nk0ixBbez
5ncrNq2ZLbNpe5APThj6Ny7CrcQuCE3ThCELhAYFyNjKJlmIN1DsWmt6/mu0zmVs
UmTzgacDot63cYO6d1FXFts3cEKbKYjyJ62P5bsI5LB627ycSifqnCgiaMw+swYu
/Bl6H7wYFtqmPbghqkw9uy6uSrppQJzJwoAxQUNprHoo9qf9K5N3jnaZEezdOmxe
D7Xd87LIsg/xmU9D8j75Nj6+AJ6O8zSCSysex6bpMRc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org