Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qOA1c03kXYDifmbuFcmKWj72EWo.roa
File: qOA1c03kXYDifmbuFcmKWj72EWo.roa (raw, json)
Hash identifier: pCYRke0qrod9SgHW9phYOZgmj7/H/2dCrr4osEB80PQ=
Subject key identifier: A8:E0:35:73:4D:E4:5D:80:E2:7E:66:EE:15:C9:8A:5A:3E:F6:11:6A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01882EF8731F926D0ABCA912A4C05B2E1B60
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qOA1c03kXYDifmbuFcmKWj72EWo.roa
Signing time: Thu 18 May 2023 13:06:54 +0000
ROA not before: Thu 18 May 2023 13:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
185.241.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2e:f8:73:1f:92:6d:0a:bc:a9:12:a4:c0:5b:2e:1b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 18 13:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8e035734de45d80e27e66ee15c98a5a3ef6116a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:73:0d:96:d2:f9:bf:6d:a0:b0:32:63:cf:2b:
bb:55:04:e5:37:6b:a9:1b:f7:1a:43:b6:b0:85:ac:
5e:1f:86:8d:1a:80:02:4b:7e:2d:7c:33:d6:9b:e9:
ba:ec:f1:39:44:70:33:35:ad:d8:eb:31:44:f1:85:
61:d7:c0:e1:c8:6e:d6:b8:01:44:ed:53:c4:9e:b8:
47:81:f6:e5:5f:38:12:6d:d2:91:af:3f:7f:0b:b5:
68:18:a2:bf:07:8e:c9:6b:e1:3b:72:d5:0d:ac:e7:
a7:27:7d:68:e9:e6:d1:08:e4:d5:fc:3f:35:bc:f6:
49:07:9f:9c:7b:53:2f:41:6a:d6:1a:90:54:11:e5:
b4:17:85:53:9d:ab:8e:60:a1:50:82:0c:a2:9b:2b:
7c:bb:e9:26:0a:38:24:e7:7c:59:69:1f:f4:ab:d4:
71:d5:bc:f3:c9:56:47:b3:b4:45:74:35:52:2d:1d:
78:32:e9:71:9f:1e:ef:a7:af:34:cd:f9:ed:37:44:
80:80:37:17:0b:25:19:cd:bb:32:1b:43:0d:0e:44:
5d:d8:39:05:c0:59:6a:c4:0e:01:56:11:8d:5f:f7:
58:31:bb:94:ec:6e:56:c3:11:19:1d:72:02:ca:f6:
e4:34:5e:46:62:7a:af:4d:b3:0d:bb:06:4e:68:ef:
e0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E0:35:73:4D:E4:5D:80:E2:7E:66:EE:15:C9:8A:5A:3E:F6:11:6A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qOA1c03kXYDifmbuFcmKWj72EWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
87.247.148.0/24
89.37.63.0/24
91.188.204.0/24
93.115.254.0/23
185.103.72.0/24
185.135.143.0/24
185.238.10.0/24
185.241.209.0-185.241.211.255
185.255.169.0-185.255.170.255
188.212.132.0/23
188.212.158.0/24
188.213.203.0/24
188.240.230.0/24
188.240.232.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:d8:d7:e3:30:bd:04:61:2d:e8:40:1e:69:40:c8:01:2f:a9:
1f:b9:f2:f7:df:5e:53:c6:2b:84:79:d9:20:e1:98:6b:cb:1c:
a6:8d:cc:11:1e:01:cf:c6:47:55:46:de:4b:a1:d0:b6:e5:14:
14:21:ff:01:d7:31:96:7c:17:0d:a3:99:07:cd:38:c3:25:89:
da:e0:0c:d2:46:34:f8:76:1f:1e:bf:cd:b0:90:c6:05:83:c4:
82:74:e6:22:ea:2b:db:71:68:bb:09:61:4d:06:51:79:f1:4f:
7c:64:d0:91:cd:c7:f6:ff:53:b0:4f:fb:fe:8c:ed:b8:96:06:
e7:6b:25:e8:f0:d2:32:00:88:54:cc:55:a5:ae:e3:ff:15:a7:
cb:94:2e:ce:dc:20:0d:be:8f:bb:f6:91:87:7c:f8:3e:a1:4c:
68:48:5f:c3:12:19:64:9a:4d:cb:6f:7f:9f:39:c4:9f:34:8a:
6b:de:b1:20:df:5c:f2:37:cd:8f:56:d7:a0:4a:d2:ed:6e:06:
52:38:d9:d3:8e:f9:bb:55:94:b3:bb:3c:bf:dd:a4:85:4d:36:
d5:b5:d1:be:30:e2:1c:93:96:6e:b3:57:68:58:79:09:1b:0f:
a4:85:91:dd:80:2c:06:31:4e:b5:b1:11:db:83:7b:8d:5e:e4:
06:84:90:70
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYgu+HMfkm0KvKkSpMBbLhtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTE4MTMwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGUwMzU3MzRkZTQ1ZDgwZTI3ZTY2ZWUxNWM5OGE1YTNlZjYxMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnMNltL5v22gsDJjzyu7VQTlN2up
G/caQ7awhaxeH4aNGoACS34tfDPWm+m67PE5RHAzNa3Y6zFE8YVh18DhyG7WuAFE
7VPEnrhHgfblXzgSbdKRrz9/C7VoGKK/B47Ja+E7ctUNrOenJ31o6ebRCOTV/D81
vPZJB5+ce1MvQWrWGpBUEeW0F4VTnauOYKFQggyimyt8u+kmCjgk53xZaR/0q9Rx
1bzzyVZHs7RFdDVSLR14Mulxnx7vp680zfntN0SAgDcXCyUZzbsyG0MNDkRd2DkF
wFlqxA4BVhGNX/dYMbuU7G5WwxEZHXICyvbkNF5GYnqvTbMNuwZOaO/gXwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFKjgNXNN5F2A4n5m7hXJilo+9hFqMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcU9BMWMwM2tYWURpZm1idUZjbUtXajcyRVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAC2cnQME
AFf3lAMEAFklPwMEAFu8zAMEAV1z/gMEALlnSAMEALmHjwMEALnuCjAMAwQAufHR
AwQCufHQMAwDBAC5/6kDBAC5/6oDBAG81IQDBAC81J4DBAC81csDBAC88OYDBAC8
8OgwDQYJKoZIhvcNAQELBQADggEBAA3Y1+MwvQRhLehAHmlAyAEvqR+58vffXlPG
K4R52SDhmGvLHKaNzBEeAc/GR1VG3kuh0LblFBQh/wHXMZZ8Fw2jmQfNOMMlidrg
DNJGNPh2Hx6/zbCQxgWDxIJ05iLqK9txaLsJYU0GUXnxT3xk0JHNx/b/U7BP+/6M
7biWBudrJejw0jIAiFTMVaWu4/8Vp8uULs7cIA2+j7v2kYd8+D6hTGhIX8MSGWSa
Tctvf585xJ80imvesSDfXPI3zY9W16BK0u1uBlI42dOO+btVlLO7PL/dpIVNNtW1
0b4w4hyTlm6zV2hYeQkbD6SFkd2ALAYxTrWxEduDe41e5AaEkHA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org