Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nTxEpKrEiCcxWws2lk-wQu6Vp0Q.roa
File: nTxEpKrEiCcxWws2lk-wQu6Vp0Q.roa (raw, json)
Hash identifier: RF8ZjguojnWNH2v5KJEQHq8xg+XOWnWbmEiBHwN8fyA=
Subject key identifier: 9D:3C:44:A4:AA:C4:88:27:31:5B:0B:36:96:4F:B0:42:EE:95:A7:44
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C1ED6C86B19A7DA5B55C33A2B960C1A9C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nTxEpKrEiCcxWws2lk-wQu6Vp0Q.roa
Signing time: Thu 30 Nov 2023 06:07:21 +0000
ROA not before: Thu 30 Nov 2023 06:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1e:d6:c8:6b:19:a7:da:5b:55:c3:3a:2b:96:0c:1a:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 30 06:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d3c44a4aac48827315b0b36964fb042ee95a744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:87:a6:c0:05:1f:e5:38:f9:bd:5b:8c:c3:7e:
0e:7e:c7:6b:c2:3c:c8:f6:73:ab:34:3f:9b:35:0e:
c4:94:af:c5:ea:36:41:09:ff:7e:83:43:fa:a5:e4:
1b:ec:04:bf:a6:cb:92:00:2c:bd:e8:95:66:69:48:
eb:3e:20:3b:b7:d9:d3:e3:47:d6:a2:56:50:77:f2:
a3:3c:1f:78:37:d8:ef:a8:71:56:b5:ff:49:a0:01:
88:07:e9:51:ff:fe:d2:48:e3:f4:1f:5c:00:c2:4e:
f9:0c:ee:22:c3:6b:97:ef:e0:0d:2a:4a:94:ec:71:
06:02:c1:43:e2:27:8f:4c:92:39:85:39:71:a3:e2:
eb:7e:5c:80:ab:50:08:52:b9:c2:c7:c1:1e:2d:6f:
21:37:ed:38:71:26:be:c1:da:e6:58:ab:49:76:fa:
28:00:ba:0e:5e:0b:50:35:ed:d6:6b:97:f8:72:97:
8d:59:a6:5c:58:b2:6e:11:e5:fa:60:a0:e0:e5:2e:
a8:b2:2f:ec:d6:b8:62:20:1c:76:f3:a2:0d:c3:b8:
b4:02:c2:20:7d:b2:47:35:4d:6f:f4:b1:e5:7c:6a:
18:5a:75:8d:2a:40:99:90:a2:f2:57:f8:cf:31:b2:
9f:4a:7a:d7:34:c5:4e:29:fe:27:f9:d8:33:3b:3d:
83:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3C:44:A4:AA:C4:88:27:31:5B:0B:36:96:4F:B0:42:EE:95:A7:44
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nTxEpKrEiCcxWws2lk-wQu6Vp0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.132.0/23
188.212.158.0/23
188.214.208.0/23
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:5e:2e:e4:de:c2:70:eb:69:8d:8d:1c:50:64:2a:01:d6:fd:
6b:04:d0:6a:49:43:7b:b7:85:14:c9:80:e3:c3:21:9a:ed:03:
4c:5c:be:8a:89:73:dc:80:3d:48:91:ff:88:3f:92:76:42:0f:
c9:ad:50:b2:e1:41:e4:63:04:f2:fb:dc:14:d8:48:2d:d6:13:
dd:76:f7:7f:55:e8:ef:79:94:45:8d:24:76:33:d8:2f:29:50:
0a:a4:dc:d7:1b:72:5a:d6:98:15:35:e3:39:d3:10:cb:30:6a:
dc:de:5a:8f:25:64:6b:b8:e0:5a:c4:a8:dd:b0:51:54:5b:62:
be:6b:99:a6:06:7f:88:4e:80:7d:c8:a1:32:ac:e3:56:53:6f:
97:5e:bf:12:5b:65:54:14:07:28:11:ca:ac:f2:41:38:5a:5f:
04:1c:66:c9:d4:e1:88:c2:54:ea:19:ec:9b:86:43:ed:3b:db:
77:76:eb:0d:d4:f2:ce:f3:d0:78:2f:7e:9f:fb:11:c9:05:14:
bf:f6:b0:7c:b2:7f:43:c9:55:d8:a6:b1:04:1c:f3:52:20:f0:
0d:35:9a:2c:3e:78:ba:27:e3:e7:47:61:dd:49:18:d3:e1:fd:
59:93:7a:93:69:ae:5c:77:4b:76:7f:fa:0e:ec:3c:8a:1e:8c:
38:49:99:e0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYwe1shrGafaW1XDOiuWDBqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTMwMDYwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNjNDRhNGFhYzQ4ODI3MzE1YjBiMzY5NjRmYjA0MmVlOTVhNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYemwAUf5Tj5vVuMw34OfsdrwjzI
9nOrND+bNQ7ElK/F6jZBCf9+g0P6peQb7AS/psuSACy96JVmaUjrPiA7t9nT40fW
olZQd/KjPB94N9jvqHFWtf9JoAGIB+lR//7SSOP0H1wAwk75DO4iw2uX7+ANKkqU
7HEGAsFD4iePTJI5hTlxo+LrflyAq1AIUrnCx8EeLW8hN+04cSa+wdrmWKtJdvoo
ALoOXgtQNe3Wa5f4cpeNWaZcWLJuEeX6YKDg5S6osi/s1rhiIBx286INw7i0AsIg
fbJHNU1v9LHlfGoYWnWNKkCZkKLyV/jPMbKfSnrXNMVOKf4n+dgzOz2DdwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFJ08RKSqxIgnMVsLNpZPsELuladEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvblR4RXBLckVpQ2N4V3dzMmxrLXdRdTZWcDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBAFZIVQDBABZI5oDBAFZJT4DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAG81IQDBAG81J4DBAG8
1tADBAG88OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBAH1eLuTewnDraY2NHFBkKgHW/WsE0GpJQ3u3hRTJgOPDIZrtA0xc
voqJc9yAPUiR/4g/knZCD8mtULLhQeRjBPL73BTYSC3WE912939V6O95lEWNJHYz
2C8pUAqk3NcbclrWmBU14znTEMswatzeWo8lZGu44FrEqN2wUVRbYr5rmaYGf4hO
gH3IoTKs41ZTb5devxJbZVQUBygRyqzyQThaXwQcZsnU4YjCVOoZ7JuGQ+0723d2
6w3U8s7z0Hgvfp/7EckFFL/2sHyyf0PJVdimsQQc81Ig8A01miw+eLon4+dHYd1J
GNPh/VmTepNprlx3S3Z/+g7sPIoejDhJmeA=
-----END CERTIFICATE-----
Generated at Tue Dec 12 15:05:03 2023 by rpki-client on console-fra.rpki-client.org