Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qiTe4w64iJBaacAdnQynYY54OIw.roa
File: qiTe4w64iJBaacAdnQynYY54OIw.roa (raw, json)
Hash identifier: yPDNol9GQ66dFpEGpYvOn2C2tLVjtAIz1ivP9eWpDV0=
Subject key identifier: AA:24:DE:E3:0E:B8:88:90:5A:69:C0:1D:9D:0C:A7:61:8E:78:38:8C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B539109FBC3582D642089A6F01DB190C4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qiTe4w64iJBaacAdnQynYY54OIw.roa
Signing time: Sat 21 Oct 2023 18:48:16 +0000
ROA not before: Sat 21 Oct 2023 18:48:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:53:91:09:fb:c3:58:2d:64:20:89:a6:f0:1d:b1:90:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 21 18:48:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa24dee30eb888905a69c01d9d0ca7618e78388c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e6:5b:19:87:f3:30:76:62:4d:ce:0c:fa:dd:
53:3c:cb:f6:a3:f9:4c:08:0e:23:1b:15:d2:8c:b2:
5c:04:3e:ff:f0:99:0d:b6:73:fd:84:a7:13:b9:11:
0c:f8:2c:75:eb:39:84:ce:9d:f9:9a:a8:f9:7f:66:
1e:40:8e:32:bc:ca:e3:85:d6:b1:33:2f:7c:0d:e7:
f2:5f:25:58:66:05:be:d2:a7:25:68:93:ee:3a:9c:
e0:ad:67:aa:87:7e:d4:34:6a:41:df:dd:16:69:c8:
f2:1f:d8:14:7d:d1:16:17:1a:4f:69:06:38:a6:e3:
b3:9c:a6:12:ac:f8:cf:7a:ed:86:24:dd:01:a2:a2:
b8:6b:c3:f4:f7:3f:22:db:67:5a:29:4b:ed:f7:b3:
77:88:ad:a8:6e:c2:29:fc:5c:3f:47:44:0b:cd:f5:
75:b5:fa:dc:42:a1:3e:40:e6:72:7f:b4:a8:d5:dd:
97:28:c2:17:70:28:1c:ea:22:80:b1:36:29:0f:9f:
f9:93:19:c4:2b:25:ff:18:2f:2b:86:f8:e4:1c:d0:
7f:c6:68:6e:ea:98:30:d5:d4:f7:5e:38:38:79:60:
8f:ad:6d:83:a9:4e:49:15:0f:8f:48:d9:93:20:bd:
17:6e:d2:1e:4b:91:18:e8:2d:e5:25:be:e1:cd:eb:
5d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:24:DE:E3:0E:B8:88:90:5A:69:C0:1D:9D:0C:A7:61:8E:78:38:8C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qiTe4w64iJBaacAdnQynYY54OIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.159.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
47:2e:9d:45:20:51:06:ab:47:e8:13:83:c0:db:d2:34:32:6a:
63:2c:fc:7f:26:a7:a5:f5:b7:f8:9b:65:0e:90:f0:ce:92:70:
34:f1:55:14:3b:01:3c:e8:dd:64:2f:8c:17:a3:14:6a:c4:d5:
db:e4:5e:07:53:21:76:69:67:18:1c:6c:9c:f9:75:27:66:8a:
38:84:89:8f:24:99:54:29:ae:b2:00:6b:26:8e:94:9a:73:2b:
99:d0:46:42:92:a0:1a:1a:dd:7a:b7:07:57:fa:8a:af:99:ba:
ab:b2:b7:59:27:07:1b:b1:f6:14:a4:d0:91:0f:73:79:24:53:
d3:de:b2:af:08:e7:38:1c:6f:05:9e:28:5a:e8:bf:ed:7c:7a:
34:9a:59:1b:69:5c:61:ef:5a:a3:47:2f:0a:21:57:6e:59:74:
e4:ac:24:de:9a:dc:c5:e1:73:d7:00:cd:11:ae:8a:dd:af:5c:
49:90:30:18:93:4d:af:6b:89:76:a8:3e:ea:4a:fd:f1:c4:e7:
14:33:10:b8:c9:fd:25:5c:c3:f1:a5:25:22:74:d6:8e:8f:bb:
37:ac:66:3a:41:76:e1:92:70:81:7e:0f:6c:e8:74:4e:d3:e1:
a4:cd:17:99:96:60:08:1e:bf:2b:10:c8:32:92:d7:f8:54:be:
ed:a3:2c:93
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYtTkQn7w1gtZCCJpvAdsZDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDIxMTg0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI0ZGVlMzBlYjg4ODkwNWE2OWMwMWQ5ZDBjYTc2MThlNzgzODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOZbGYfzMHZiTc4M+t1TPMv2o/lM
CA4jGxXSjLJcBD7/8JkNtnP9hKcTuREM+Cx16zmEzp35mqj5f2YeQI4yvMrjhdax
My98DefyXyVYZgW+0qclaJPuOpzgrWeqh37UNGpB390WacjyH9gUfdEWFxpPaQY4
puOznKYSrPjPeu2GJN0BoqK4a8P09z8i22daKUvt97N3iK2obsIp/Fw/R0QLzfV1
tfrcQqE+QOZyf7So1d2XKMIXcCgc6iKAsTYpD5/5kxnEKyX/GC8rhvjkHNB/xmhu
6pgw1dT3Xjg4eWCPrW2DqU5JFQ+PSNmTIL0XbtIeS5EY6C3lJb7hzetddwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFKok3uMOuIiQWmnAHZ0Mp2GOeDiMMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcWlUZTR3NjRpSkJhYWNBZG5ReW5ZWTU0T0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC81JsDBAC8
1J8DBAG81coDBAC81tEDBAG88OADBAC88OMDBAC88fMDBAHBF4ADBALV6FwwDQYJ
KoZIhvcNAQELBQADggEBAEcunUUgUQarR+gTg8Db0jQyamMs/H8mp6X1t/ibZQ6Q
8M6ScDTxVRQ7ATzo3WQvjBejFGrE1dvkXgdTIXZpZxgcbJz5dSdmijiEiY8kmVQp
rrIAayaOlJpzK5nQRkKSoBoa3Xq3B1f6iq+Zuquyt1knBxux9hSk0JEPc3kkU9Pe
sq8I5zgcbwWeKFrov+18ejSaWRtpXGHvWqNHLwohV25ZdOSsJN6a3MXhc9cAzRGu
it2vXEmQMBiTTa9riXaoPupK/fHE5xQzELjJ/SVcw/GlJSJ01o6PuzesZjpBduGS
cIF+D2zodE7T4aTNF5mWYAgevysQyDKS1/hUvu2jLJM=
-----END CERTIFICATE-----
Generated at Mon Oct 23 18:30:14 2023 by rpki-client on console-fra.rpki-client.org