Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pPjWl1Lc5rwjcyCnfJwPpsvBlxc.roa
File: pPjWl1Lc5rwjcyCnfJwPpsvBlxc.roa (raw, json)
Hash identifier: jU5GrqZMr7y9SzPmeKwfMIjWeALd2y4vuW87mDtxo+E=
Subject key identifier: A4:F8:D6:97:52:DC:E6:BC:23:73:20:A7:7C:9C:0F:A6:CB:C1:97:17
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A4260AEB5682575E1288D5635C41A8739
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pPjWl1Lc5rwjcyCnfJwPpsvBlxc.roa
Signing time: Tue 29 Aug 2023 17:39:07 +0000
ROA not before: Tue 29 Aug 2023 17:39:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:42:60:ae:b5:68:25:75:e1:28:8d:56:35:c4:1a:87:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 29 17:39:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4f8d69752dce6bc237320a77c9c0fa6cbc19717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d7:f5:b9:fd:e7:36:ee:88:cb:03:43:6c:b6:
9e:4d:b5:a6:ae:c0:9e:43:ba:5a:7d:7c:c6:cd:4a:
25:68:fe:14:81:45:3e:a5:9e:44:9f:b4:da:68:88:
da:6b:17:c7:24:95:33:93:69:81:ef:b8:54:79:c5:
9e:b7:74:fc:d1:4e:09:8e:58:38:9a:64:de:29:a5:
5c:93:a6:8f:5d:08:6a:01:2f:f2:81:74:0e:6d:ca:
df:e0:1f:87:7a:98:c0:f6:98:24:22:e8:ac:cf:ae:
7b:51:32:bc:51:9b:79:71:33:6a:2c:af:51:d6:1c:
4a:0e:81:dd:c2:73:7b:55:73:3f:3f:cf:fd:10:de:
22:a7:d1:26:85:a8:2b:72:6d:7a:22:20:5f:35:e0:
29:77:75:cb:8d:e5:73:62:c3:f5:4e:51:4b:4d:1c:
54:6c:c1:c0:be:6e:55:47:09:4e:41:d8:31:eb:28:
01:49:58:1a:a5:75:b8:22:81:c8:07:e8:30:56:6b:
df:9b:0a:85:4e:85:9e:33:0b:f0:fe:05:f5:ea:09:
4e:39:c3:ed:f0:aa:5a:c2:e3:e2:c5:91:5b:50:3b:
6c:32:b5:a3:bc:a8:10:43:c4:22:43:e8:a1:74:df:
97:7e:4d:e4:bd:9a:b5:63:c2:4d:02:30:5a:cd:f7:
e8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F8:D6:97:52:DC:E6:BC:23:73:20:A7:7C:9C:0F:A6:CB:C1:97:17
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pPjWl1Lc5rwjcyCnfJwPpsvBlxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
217.74.16.0/24
Signature Algorithm: sha256WithRSAEncryption
40:3b:b8:3b:51:91:52:c9:99:d0:a2:86:2a:b9:f2:89:e2:0e:
e0:a3:b8:7b:2e:ad:cd:a8:b8:ba:fe:93:f3:f1:70:4f:79:7f:
86:37:77:57:74:1b:de:ab:53:c3:b8:96:80:bc:cb:b2:e8:e7:
76:3b:9b:fb:92:3f:a1:92:45:5f:3f:59:19:4c:4c:5f:2c:fd:
82:91:58:2f:13:88:c5:6b:6b:51:7d:10:66:58:30:73:19:12:
30:f1:c3:01:01:89:72:80:c2:1c:66:71:15:8a:36:43:00:90:
f3:b8:87:3f:00:b4:e7:ef:d5:f8:ed:a7:1a:bc:95:12:8c:58:
9f:a9:4e:2a:e0:cb:ae:c3:98:e9:6b:fe:b0:f8:b3:74:aa:a0:
e7:d9:27:2a:1f:a8:45:73:86:bd:aa:95:5a:01:5a:b9:3a:0e:
ec:e3:1e:e8:d0:5d:78:22:ea:97:df:92:52:46:98:6b:24:30:
a8:2f:50:ed:e6:12:07:d6:bf:a5:f7:b2:b6:9b:40:6d:35:c6:
bb:3a:b7:c8:13:59:f1:56:0d:ba:3d:7c:82:24:1c:d5:e5:21:
ed:cb:35:40:af:34:98:d8:7a:aa:f6:3f:ea:4c:84:11:da:85:
9d:ec:c5:ab:30:87:69:88:d4:46:10:67:a7:7e:30:79:2a:42:
83:6f:3c:10
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYpCYK61aCV14SiNVjXEGoc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODI5MTczOTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGY4ZDY5NzUyZGNlNmJjMjM3MzIwYTc3YzljMGZhNmNiYzE5NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdf1uf3nNu6IywNDbLaeTbWmrsCe
Q7pafXzGzUolaP4UgUU+pZ5En7TaaIjaaxfHJJUzk2mB77hUecWet3T80U4Jjlg4
mmTeKaVck6aPXQhqAS/ygXQObcrf4B+HepjA9pgkIuisz657UTK8UZt5cTNqLK9R
1hxKDoHdwnN7VXM/P8/9EN4ip9Emhagrcm16IiBfNeApd3XLjeVzYsP1TlFLTRxU
bMHAvm5VRwlOQdgx6ygBSVgapXW4IoHIB+gwVmvfmwqFToWeMwvw/gX16glOOcPt
8KpawuPixZFbUDtsMrWjvKgQQ8QiQ+ihdN+Xfk3kvZq1Y8JNAjBazffoQwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFKT41pdS3Oa8I3Mgp3ycD6bLwZcXMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcFBqV2wxTGM1cndqY3lDbmZKd1Bwc3ZCbHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAAt
nJ0DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5h4wDBAC5
h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAMEAbzUhAMEALzUmwME
ALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw6QMEALzxbgMEALzx1gME
ALzx8wMEAcEXgAMEAtXoXAMEANlKEDANBgkqhkiG9w0BAQsFAAOCAQEAQDu4O1GR
UsmZ0KKGKrnyieIO4KO4ey6tzai4uv6T8/FwT3l/hjd3V3Qb3qtTw7iWgLzLsujn
djub+5I/oZJFXz9ZGUxMXyz9gpFYLxOIxWtrUX0QZlgwcxkSMPHDAQGJcoDCHGZx
FYo2QwCQ87iHPwC05+/V+O2nGryVEoxYn6lOKuDLrsOY6Wv+sPizdKqg59knKh+o
RXOGvaqVWgFauToO7OMe6NBdeCLql9+SUkaYayQwqC9Q7eYSB9a/pfeytptAbTXG
uzq3yBNZ8VYNuj18giQc1eUh7cs1QK80mNh6qvY/6kyEEdqFnezFqzCHaYjURhBn
p34weSpCg288EA==
-----END CERTIFICATE-----
Generated at Wed Aug 30 18:59:24 2023 by rpki-client on console-ams.rpki-client.org