Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p6rqGsIlFcPMd1jarvq7ifUbHO4.roa
File: p6rqGsIlFcPMd1jarvq7ifUbHO4.roa (raw, json)
Hash identifier: BR5bOjDTSoBMd1aGT8EHN/ShNRTUfwxY7ykGTDxgINg=
Subject key identifier: A7:AA:EA:1A:C2:25:15:C3:CC:77:58:DA:AE:FA:BB:89:F5:1B:1C:EE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B1BBC6F247846F106EC4094AF5B330A7D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p6rqGsIlFcPMd1jarvq7ifUbHO4.roa
Signing time: Tue 10 Oct 2023 22:36:55 +0000
ROA not before: Tue 10 Oct 2023 22:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1b:bc:6f:24:78:46:f1:06:ec:40:94:af:5b:33:0a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 10 22:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7aaea1ac22515c3cc7758daaefabb89f51b1cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d6:86:3c:41:65:30:0e:ba:5a:03:56:43:9d:
26:8c:6b:b1:10:12:0f:6e:6b:b2:c0:80:d4:06:2b:
78:95:9a:df:0c:f2:60:79:0c:70:91:10:94:00:f5:
e8:cc:09:8a:82:04:83:f7:5d:7e:1e:39:55:f3:36:
76:b3:a5:de:fc:1c:ef:75:d3:3f:99:9b:cb:f0:e0:
71:3b:68:df:01:33:a2:ec:00:76:a7:28:3f:a7:5b:
b9:6c:9d:e5:2e:65:95:29:bf:97:d7:96:be:9e:c1:
85:7b:10:3a:b5:6e:6d:48:62:51:b4:fa:3e:54:63:
94:c3:cf:b6:a1:b0:d0:73:1d:54:88:d6:57:bb:6b:
80:7f:64:1e:89:5c:01:d0:93:a5:52:cd:6d:bd:71:
6e:03:7a:08:f9:9a:1b:98:2f:f3:25:06:95:46:38:
0f:a2:ae:1c:36:1e:12:c6:69:18:88:02:61:60:04:
8a:0f:01:46:db:6a:45:63:9d:f8:81:f0:2b:b1:6b:
04:56:a2:da:6e:4a:e9:99:d5:c5:73:34:e8:b5:79:
40:ca:53:54:25:3c:67:73:e3:ea:6d:7d:8a:1f:77:
8a:28:2c:d4:1a:30:76:d6:bc:cd:ec:ba:27:00:c1:
e8:c4:fb:8e:1b:64:5c:85:86:b1:e4:89:9d:1e:10:
ce:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:AA:EA:1A:C2:25:15:C3:CC:77:58:DA:AE:FA:BB:89:F5:1B:1C:EE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p6rqGsIlFcPMd1jarvq7ifUbHO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.159.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:af:1d:2f:57:89:1f:da:0a:62:bd:95:11:d9:9a:3e:7c:cb:
8d:c2:9a:ce:28:0a:c7:f8:49:3e:d1:26:1e:fd:7b:a6:2f:c6:
8a:ec:5a:22:72:62:7c:03:1c:59:23:51:7a:e5:61:4b:fc:da:
d8:63:21:97:db:9d:ef:97:1a:e3:ef:29:5f:f5:cd:9f:41:87:
ee:e8:d9:99:0f:5d:13:68:5d:52:2f:05:bc:ac:2d:5a:73:78:
af:0c:63:82:45:70:b5:1a:8f:24:17:43:cd:9c:9c:66:4a:c2:
53:20:61:60:51:ec:ab:79:97:fb:6f:43:e8:c1:76:ca:52:ee:
8a:fc:e1:a3:55:0b:41:d2:b2:5c:88:8e:3a:37:f3:98:cd:9c:
8d:7f:ac:8b:20:e0:87:ed:9d:7c:11:77:2e:83:fd:84:10:d0:
91:2e:2f:43:34:a4:82:44:61:db:16:25:1c:94:96:39:75:a2:
b7:39:23:aa:13:cc:b2:62:3b:d6:27:5f:d6:a6:70:a3:a6:86:
68:c0:cd:df:15:fc:aa:7c:34:75:35:c7:43:f5:1a:71:00:a2:
ac:92:32:0d:43:e3:02:d7:59:8a:34:a3:d3:e9:b7:2f:f9:93:
c9:45:42:17:ee:2e:d1:01:e6:5e:b6:9a:aa:06:3f:46:2f:91:
9b:6d:6d:c6
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYsbvG8keEbxBuxAlK9bMwp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDEwMjIzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2FhZWExYWMyMjUxNWMzY2M3NzU4ZGFhZWZhYmI4OWY1MWIxY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNaGPEFlMA66WgNWQ50mjGuxEBIP
bmuywIDUBit4lZrfDPJgeQxwkRCUAPXozAmKggSD911+HjlV8zZ2s6Xe/BzvddM/
mZvL8OBxO2jfATOi7AB2pyg/p1u5bJ3lLmWVKb+X15a+nsGFexA6tW5tSGJRtPo+
VGOUw8+2obDQcx1UiNZXu2uAf2QeiVwB0JOlUs1tvXFuA3oI+ZobmC/zJQaVRjgP
oq4cNh4SxmkYiAJhYASKDwFG22pFY534gfArsWsEVqLabkrpmdXFczTotXlAylNU
JTxnc+PqbX2KH3eKKCzUGjB21rzN7LonAMHoxPuOG2RchYax5ImdHhDOgwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFKeq6hrCJRXDzHdY2q76u4n1GxzuMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcDZycUdzSWxGY1BNZDFqYXJ2cTdpZlViSE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAK5
cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC8
1JsDBAC81J8DBAG81coDBAC81tEDBAG88OADBAC88OMDBAC88OkDBAG88fIDBAHB
F4ADBALV6FwwDQYJKoZIhvcNAQELBQADggEBAB+vHS9XiR/aCmK9lRHZmj58y43C
ms4oCsf4ST7RJh79e6YvxorsWiJyYnwDHFkjUXrlYUv82thjIZfbne+XGuPvKV/1
zZ9Bh+7o2ZkPXRNoXVIvBbysLVpzeK8MY4JFcLUajyQXQ82cnGZKwlMgYWBR7Kt5
l/tvQ+jBdspS7or84aNVC0HSslyIjjo385jNnI1/rIsg4IftnXwRdy6D/YQQ0JEu
L0M0pIJEYdsWJRyUljl1orc5I6oTzLJiO9YnX9amcKOmhmjAzd8V/Kp8NHU1x0P1
GnEAoqySMg1D4wLXWYo0o9Ppty/5k8lFQhfuLtEB5l62mqoGP0YvkZttbcY=
-----END CERTIFICATE-----
Generated at Sat Oct 14 11:15:51 2023 by rpki-client on console-ams.rpki-client.org