Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mTDENZbaGWtUimG1l-dzlT-5HMI.roa
File: mTDENZbaGWtUimG1l-dzlT-5HMI.roa (raw, json)
Hash identifier: nqCJMu2Qyts29iuROZKfpgn4lNhfRGVJDxFTVEZ+0kk=
Subject key identifier: 99:30:C4:35:96:DA:19:6B:54:8A:61:B5:97:E7:73:95:3F:B9:1C:C2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CF398B6B11A33492BBD3D6C90D242CB43
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mTDENZbaGWtUimG1l-dzlT-5HMI.roa
Signing time: Wed 10 Jan 2024 13:38:40 +0000
ROA not before: Wed 10 Jan 2024 13:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
89.40.76.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 06:55:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:98:b6:b1:1a:33:49:2b:bd:3d:6c:90:d2:42:cb:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 10 13:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9930c43596da196b548a61b597e773953fb91cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:be:ca:b1:fb:d7:4a:08:21:14:30:0b:af:3d:
d3:3e:03:f4:30:72:7a:fe:10:53:e6:91:43:09:d6:
b3:aa:ff:5a:f4:9d:c4:c3:66:b5:16:5f:6f:f3:f6:
07:b6:9c:d1:2f:41:d0:df:88:80:f9:cd:d1:97:f6:
52:9b:37:de:51:4d:34:35:b4:78:27:ea:6e:b8:83:
fc:91:05:fc:8b:0b:83:0c:68:8d:51:5d:49:b0:c2:
4a:33:e2:5e:41:4e:b9:6d:1e:c1:70:54:a0:cb:bd:
24:9b:37:99:ac:e1:ee:12:72:c4:79:9c:ac:65:33:
4f:70:43:fd:c3:c0:f7:a0:46:ba:f0:35:e9:2b:69:
06:2d:f7:d2:89:44:0a:17:9a:3a:03:be:d1:41:a9:
9b:5f:4b:0f:c5:9a:ea:b2:1c:c5:91:90:1d:3e:43:
68:67:ea:f3:f4:53:96:a0:87:7c:0f:cd:1a:34:be:
dd:ac:3c:c6:b6:15:a8:f0:53:0e:ea:56:b5:e1:86:
4a:40:c9:d0:14:83:0c:53:84:bf:86:d0:1c:95:e0:
c0:37:85:9b:4d:ca:a5:99:b0:b3:cd:61:dc:27:06:
69:b1:5b:40:90:55:ee:e9:82:cb:68:85:95:f8:f7:
25:62:60:2b:bd:44:6d:e6:e5:3d:ed:ac:fd:b3:62:
22:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:30:C4:35:96:DA:19:6B:54:8A:61:B5:97:E7:73:95:3F:B9:1C:C2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mTDENZbaGWtUimG1l-dzlT-5HMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.62.0/23
89.40.76.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
14:68:d1:3b:6a:fe:d5:54:54:e2:f4:cf:a9:1b:b6:c0:e5:ac:
3d:56:a2:cd:32:ea:d5:63:c8:9d:5f:92:a8:93:48:f6:9d:ce:
0e:b5:56:7c:81:95:de:57:57:f4:e0:0d:36:ff:87:35:4f:94:
08:43:03:02:c0:15:b3:13:43:ef:77:8a:61:78:88:f0:c8:6e:
54:d8:1b:e3:8a:32:bd:57:e6:25:c7:34:90:54:fc:2f:a2:0f:
78:7b:8a:46:dc:85:fb:0b:52:ff:5f:ec:90:46:2e:ae:d4:96:
c0:fc:4c:99:29:28:c8:1d:e0:b0:a8:cd:54:d9:a8:32:af:22:
7a:84:6a:1d:a9:69:74:90:b0:19:4b:5e:f5:c3:03:b3:ec:d1:
b3:c6:66:a9:2b:94:a0:be:29:5d:cd:c6:18:ce:d5:a9:ce:f1:
de:8c:f4:f5:5f:63:ea:18:64:34:25:fd:4f:e4:ff:9e:6a:94:
5a:e3:39:11:44:fe:ef:16:82:1a:4e:d1:ca:af:9c:8e:8f:80:
53:fc:be:0d:88:c3:56:17:d7:87:12:9f:2e:ae:41:d0:5c:c8:
08:67:18:e9:13:9b:22:3d:ed:ea:31:34:c3:d7:fc:85:e3:43:
ba:7c:29:70:20:de:16:10:a3:cc:cc:fb:5b:e6:f8:c2:47:64:
64:73:56:1b
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYzzmLaxGjNJK709bJDSQstDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTEwMTMzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTMwYzQzNTk2ZGExOTZiNTQ4YTYxYjU5N2U3NzM5NTNmYjkxY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL7KsfvXSgghFDALrz3TPgP0MHJ6
/hBT5pFDCdazqv9a9J3Ew2a1Fl9v8/YHtpzRL0HQ34iA+c3Rl/ZSmzfeUU00NbR4
J+puuIP8kQX8iwuDDGiNUV1JsMJKM+JeQU65bR7BcFSgy70kmzeZrOHuEnLEeZys
ZTNPcEP9w8D3oEa68DXpK2kGLffSiUQKF5o6A77RQambX0sPxZrqshzFkZAdPkNo
Z+rz9FOWoId8D80aNL7drDzGthWo8FMO6la14YZKQMnQFIMMU4S/htAcleDAN4Wb
TcqlmbCzzWHcJwZpsVtAkFXu6YLLaIWV+PclYmArvURt5uU97az9s2IiyQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFJkwxDWW2hlrVIphtZfnc5U/uRzCMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbVRERU5aYmFHV3RVaW1HMWwtZHpsVC01SE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBAFZJT4DBABZKEwDBAJbvMwDBAFd
c/4DBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAG8
1J4DBAG81tADBAG88OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJ
KoZIhvcNAQELBQADggEBABRo0Ttq/tVUVOL0z6kbtsDlrD1Wos0y6tVjyJ1fkqiT
SPadzg61VnyBld5XV/TgDTb/hzVPlAhDAwLAFbMTQ+93imF4iPDIblTYG+OKMr1X
5iXHNJBU/C+iD3h7ikbchfsLUv9f7JBGLq7UlsD8TJkpKMgd4LCozVTZqDKvInqE
ah2paXSQsBlLXvXDA7Ps0bPGZqkrlKC+KV3NxhjO1anO8d6M9PVfY+oYZDQl/U/k
/55qlFrjORFE/u8WghpO0cqvnI6PgFP8vg2Iw1YX14cSny6uQdBcyAhnGOkTmyI9
7eoxNMPX/IXjQ7p8KXAg3hYQo8zM+1vm+MJHZGRzVhs=
Generated at Sun Jan 14 07:48:29 2024 by rpki-client on console-ams.rpki-client.org