Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n8ow6fbQvMowL96Hl7Bg6e6wCLQ.roa
File: n8ow6fbQvMowL96Hl7Bg6e6wCLQ.roa (raw, json)
Hash identifier: GquS+fDvsL9FZaBTwGSVuy+TVScMAEeCd9sru1DXykQ=
Subject key identifier: 9F:CA:30:E9:F6:D0:BC:CA:30:2F:DE:87:97:B0:60:E9:EE:B0:08:B4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018746AE36C13C69B90276CC1A316532E780
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n8ow6fbQvMowL96Hl7Bg6e6wCLQ.roa
Signing time: Mon 03 Apr 2023 10:33:54 +0000
ROA not before: Mon 03 Apr 2023 10:33:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.34.127.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:ae:36:c1:3c:69:b9:02:76:cc:1a:31:65:32:e7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 3 10:33:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fca30e9f6d0bcca302fde8797b060e9eeb008b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:15:fb:3a:f6:e2:90:c7:f1:0e:b6:8f:b1:
e5:1b:e4:9f:44:ae:a5:5e:2c:06:03:7f:1f:41:a2:
bd:ed:4d:9b:df:a2:9c:df:3d:48:a2:47:8b:6f:b6:
9a:ea:67:70:69:9d:a1:39:06:63:e9:e5:6a:3d:8c:
cf:25:28:b7:d6:29:e8:c3:df:54:8e:95:21:32:0e:
20:9e:0a:dc:35:e2:c7:f8:98:30:9d:f7:b8:3c:0d:
9a:4d:db:0c:29:d4:2a:c1:19:f1:60:9c:b7:46:a8:
31:a4:bc:19:c3:ab:d4:bb:ed:59:99:8e:f8:64:ca:
ca:c8:fb:c2:39:5b:e2:bf:dc:2b:ef:b7:52:51:cd:
48:b8:ec:00:fe:e8:c7:1c:38:37:33:05:26:9e:20:
9e:15:55:3b:22:9b:f1:d3:d5:76:8e:24:a9:3d:6d:
74:7c:d7:b5:50:3d:64:15:7d:9a:c8:56:b5:11:56:
3c:52:65:63:8e:ad:00:a5:9f:ad:3e:13:d4:15:0d:
c4:2d:72:12:13:32:49:d6:0f:ef:f1:87:a4:26:cc:
8b:2c:e3:07:de:90:d1:f1:b5:9d:39:1c:03:ec:74:
52:10:b0:fc:d9:6c:06:ac:cc:d3:85:ea:0c:6f:d3:
46:e6:79:90:8e:b6:52:56:8d:70:03:ec:67:6f:ca:
01:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:CA:30:E9:F6:D0:BC:CA:30:2F:DE:87:97:B0:60:E9:EE:B0:08:B4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n8ow6fbQvMowL96Hl7Bg6e6wCLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.158.0/24
89.33.84.0/24
89.34.127.0/24
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.240.232.0/24
188.241.110.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
13:c8:1d:26:89:ed:68:b9:9f:57:f6:f7:8d:d4:80:7c:d7:0f:
e7:be:31:48:62:fe:32:e0:ab:ce:03:53:eb:47:87:9a:dc:bf:
e1:ce:25:a0:58:3d:85:1e:06:f2:6d:e9:0e:0d:4f:fe:14:f4:
73:1f:31:38:d8:86:41:b9:11:80:1d:65:49:4d:1b:d3:91:b1:
4c:17:66:20:19:15:2a:ee:96:8e:3c:a6:44:95:27:07:9a:f9:
29:30:e8:c0:b7:9b:c8:f8:8e:ff:3d:02:29:e9:31:40:bc:1b:
3f:e7:63:33:fa:bc:df:08:48:f5:e2:8f:a8:4c:b2:03:d2:1e:
8a:23:36:74:27:86:d9:d4:69:35:2a:36:13:2d:14:42:6a:6d:
82:e5:16:00:74:05:d4:83:12:fe:24:a7:6c:e4:3e:5d:2a:e8:
3e:3b:f0:38:af:e5:f9:15:f0:f5:58:ae:80:21:64:f2:37:d6:
bf:cf:4f:a2:aa:3a:bd:27:e6:55:b6:7d:90:04:f9:7a:09:18:
cf:9f:2a:c6:70:b5:6d:61:db:48:c6:62:99:15:a4:cd:28:cb:
d0:f4:70:be:f6:2d:48:7a:65:45:9d:ae:da:82:2e:83:00:96:
a8:00:45:45:28:51:66:2e:06:33:ba:df:21:a6:8d:cf:cc:78:
9b:cb:98:2a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYdGrjbBPGm5AnbMGjFlMueAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDAzMTAzMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmNhMzBlOWY2ZDBiY2NhMzAyZmRlODc5N2IwNjBlOWVlYjAwOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE8V+zr24pDH8Q62j7HlG+SfRK6l
XiwGA38fQaK97U2b36Kc3z1IokeLb7aa6mdwaZ2hOQZj6eVqPYzPJSi31inow99U
jpUhMg4gngrcNeLH+Jgwnfe4PA2aTdsMKdQqwRnxYJy3RqgxpLwZw6vUu+1ZmY74
ZMrKyPvCOVviv9wr77dSUc1IuOwA/ujHHDg3MwUmniCeFVU7Ipvx09V2jiSpPW10
fNe1UD1kFX2ayFa1EVY8UmVjjq0ApZ+tPhPUFQ3ELXISEzJJ1g/v8YekJsyLLOMH
3pDR8bWdORwD7HRSELD82WwGrMzTheoMb9NG5nmQjrZSVo1wA+xnb8oB0QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJ/KMOn20LzKMC/eh5ewYOnusAi0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbjhvdzZmYlF2TW93TDk2SGw3Qmc2ZTZ3Q0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZyeAwQA
WSFUAwQAWSJ/AwQAWSU+AwQAXXLAAwQAXXNtAwQAvPDoAwQAvPFuAwQAvPHWAwQA
wReCMA0GCSqGSIb3DQEBCwUAA4IBAQATyB0mie1ouZ9X9veN1IB81w/nvjFIYv4y
4KvOA1PrR4ea3L/hziWgWD2FHgbybekODU/+FPRzHzE42IZBuRGAHWVJTRvTkbFM
F2YgGRUq7paOPKZElScHmvkpMOjAt5vI+I7/PQIp6TFAvBs/52Mz+rzfCEj14o+o
TLID0h6KIzZ0J4bZ1Gk1KjYTLRRCam2C5RYAdAXUgxL+JKds5D5dKug+O/A4r+X5
FfD1WK6AIWTyN9a/z0+iqjq9J+ZVtn2QBPl6CRjPnyrGcLVtYdtIxmKZFaTNKMvQ
9HC+9i1IemVFna7agi6DAJaoAEVFKFFmLgYzut8hpo3PzHiby5gq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org