Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m9tqFOx1GcJPPdAHxUyxCNO5RnM.roa
File: m9tqFOx1GcJPPdAHxUyxCNO5RnM.roa (raw, json)
Hash identifier: 3x/XC8CS02THyGSFTOWiAsH3+C1XiRcpSUXvg3qAXPc=
Subject key identifier: 9B:DB:6A:14:EC:75:19:C2:4F:3D:D0:07:C5:4C:B1:08:D3:B9:46:73
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187E03ACFA3FD1BC50B01AFD0E549081FFF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m9tqFOx1GcJPPdAHxUyxCNO5RnM.roa
Signing time: Wed 03 May 2023 06:09:23 +0000
ROA not before: Wed 03 May 2023 06:09:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 203.26.81.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
89.38.70.0/24 maxlen: 24
45.67.96.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
45.130.83.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
45.130.80.0/24 maxlen: 24
45.140.135.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:3a:cf:a3:fd:1b:c5:0b:01:af:d0:e5:49:08:1f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 3 06:09:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bdb6a14ec7519c24f3dd007c54cb108d3b94673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a8:6e:1d:f7:4c:64:e5:a6:86:e0:23:d9:70:
fa:cb:86:bc:2b:c3:c0:d1:f9:63:b0:3d:ac:11:79:
1a:e1:4e:75:ae:45:ed:24:8b:cc:cb:f5:ba:4a:93:
aa:30:6d:f3:76:74:7e:4b:8c:3f:f5:77:de:e5:3a:
13:33:e1:3a:48:5f:dd:0f:bd:a2:38:13:9d:2f:22:
d3:44:77:87:b3:51:b1:f3:e0:7c:c5:9d:de:42:da:
82:d1:3b:99:79:a6:07:1f:8a:35:3c:5c:1d:af:c4:
65:69:29:5e:e2:9d:24:61:d3:3d:bc:e5:7d:40:70:
81:d1:b1:43:79:52:0d:5e:55:8a:5d:e1:d1:96:b2:
8c:c6:99:5d:de:5a:0b:4b:d2:9d:e5:3a:e4:86:0a:
3c:3c:a1:fd:a9:b4:15:65:c2:e0:3b:d8:e8:50:be:
17:4b:cf:ef:dd:6f:e5:27:6e:6b:29:f9:d1:15:9f:
ac:21:75:0e:d0:31:d9:f7:c7:72:8d:6c:88:54:d0:
10:2c:2c:cb:b1:2e:aa:42:38:5a:50:d3:ff:22:d4:
63:85:0b:a4:de:75:fe:03:18:f4:57:a8:41:24:a4:
05:b7:6a:fc:04:65:a2:6c:d9:04:52:1c:1d:f0:75:
2c:bd:d0:64:75:a9:dd:72:7a:60:9a:1f:b6:f5:66:
7f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DB:6A:14:EC:75:19:C2:4F:3D:D0:07:C5:4C:B1:08:D3:B9:46:73
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m9tqFOx1GcJPPdAHxUyxCNO5RnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.96.0/24
45.130.80.0/23
45.130.83.0/24
45.135.186.0/23
45.140.135.0/24
89.38.70.0/24
89.47.15.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ff:19:41:bb:99:e1:6d:79:af:7e:1e:32:58:4d:fc:ef:f0:
0c:01:d4:04:84:65:aa:3f:19:31:af:ad:c3:d8:8a:9d:fd:fa:
3d:81:8f:c7:79:39:70:f5:fb:da:b1:4a:8a:5d:b6:c9:0a:1a:
aa:81:87:31:4c:3c:6b:88:f6:9e:ce:00:83:d1:9d:d7:ad:b3:
30:8a:01:00:59:66:87:87:22:77:e9:f1:8e:27:e1:9e:6b:56:
01:da:a2:f7:4e:fa:bf:32:ab:65:e0:34:a5:bc:28:ee:f5:c3:
99:ec:ed:ac:91:8e:14:b9:9a:8e:d3:ed:31:3d:65:9c:b7:dc:
1f:1b:3c:dc:26:5d:c6:e1:a0:8f:1b:4f:8c:3b:1f:c1:53:bf:
9c:38:dd:1d:d3:58:42:f4:3e:7c:6c:3e:3f:3a:77:cd:d0:ed:
e8:80:32:98:65:71:5d:5d:9c:e6:36:82:04:7b:6a:65:0c:38:
8c:d7:a5:82:98:36:8a:79:e1:5d:6f:a1:3e:be:41:6e:19:66:
54:1e:0a:33:01:18:85:51:bf:00:60:b9:fd:80:17:ce:2d:46:
f0:f9:4c:eb:2d:37:90:b6:fc:d3:f3:0d:8f:cd:ce:9d:c3:01:
5a:3f:a7:b8:16:db:9e:3d:08:59:93:91:42:d4:f7:fa:ed:10:
7b:14:16:9d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYfgOs+j/RvFCwGv0OVJCB//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTAzMDYwOTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmRiNmExNGVjNzUxOWMyNGYzZGQwMDdjNTRjYjEwOGQzYjk0NjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKhuHfdMZOWmhuAj2XD6y4a8K8PA
0fljsD2sEXka4U51rkXtJIvMy/W6SpOqMG3zdnR+S4w/9Xfe5ToTM+E6SF/dD72i
OBOdLyLTRHeHs1Gx8+B8xZ3eQtqC0TuZeaYHH4o1PFwdr8RlaSle4p0kYdM9vOV9
QHCB0bFDeVINXlWKXeHRlrKMxpld3loLS9Kd5Trkhgo8PKH9qbQVZcLgO9joUL4X
S8/v3W/lJ25rKfnRFZ+sIXUO0DHZ98dyjWyIVNAQLCzLsS6qQjhaUNP/ItRjhQuk
3nX+Axj0V6hBJKQFt2r8BGWibNkEUhwd8HUsvdBkdandcnpgmh+29WZ/mwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJvbahTsdRnCTz3QB8VMsQjTuUZzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbTl0cUZPeDFHY0pQUGRBSHhVeXhDTk81Um5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALUNgAwQB
LYJQAwQALYJTAwQBLYe6AwQALYyHAwQAWSZGAwQAWS8PAwQAucBHAwQAvNSHAwQA
wRNtAwQAyxpRAwQAy59RMA0GCSqGSIb3DQEBCwUAA4IBAQBc/xlBu5nhbXmvfh4y
WE387/AMAdQEhGWqPxkxr63D2Iqd/fo9gY/HeTlw9fvasUqKXbbJChqqgYcxTDxr
iPaezgCD0Z3XrbMwigEAWWaHhyJ36fGOJ+Gea1YB2qL3Tvq/Mqtl4DSlvCju9cOZ
7O2skY4UuZqO0+0xPWWct9wfGzzcJl3G4aCPG0+MOx/BU7+cON0d01hC9D58bD4/
OnfN0O3ogDKYZXFdXZzmNoIEe2plDDiM16WCmDaKeeFdb6E+vkFuGWZUHgozARiF
Ub8AYLn9gBfOLUbw+UzrLTeQtvzT8w2Pzc6dwwFaP6e4FtuePQhZk5FC1Pf67RB7
FBad
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org