Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r0OiaIVZIOdaJwsaJMEWUsmi8fI.roa
File: r0OiaIVZIOdaJwsaJMEWUsmi8fI.roa (raw, json)
Hash identifier: za5h53reLZi+1dbsyKkdyZ1E2PQkpGBTW/YojQjKOdQ=
Subject key identifier: AF:43:A2:68:85:59:20:E7:5A:27:0B:1A:24:C1:16:52:C9:A2:F1:F2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018948AF63FA0C6FA1658EC5511C9F1101C5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r0OiaIVZIOdaJwsaJMEWUsmi8fI.roa
Signing time: Wed 12 Jul 2023 06:00:01 +0000
ROA not before: Wed 12 Jul 2023 06:00:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:48:af:63:fa:0c:6f:a1:65:8e:c5:51:1c:9f:11:01:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 12 06:00:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af43a268855920e75a270b1a24c11652c9a2f1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7d:c9:4a:e6:ec:20:89:17:01:3d:f6:dc:3a:
f5:25:40:08:7b:44:0e:ff:d5:81:28:e1:e1:4b:d4:
2c:7c:3d:f6:60:b7:50:ee:eb:47:58:8d:6b:06:2b:
37:06:41:a5:fe:68:76:8c:14:4c:b8:70:34:6a:82:
4c:28:d4:4c:4e:4b:ec:33:9d:be:80:88:dd:ad:76:
2d:7a:d8:6d:c5:df:70:12:38:2f:e7:01:d0:6d:bf:
bb:81:d0:57:fa:59:93:f3:bc:79:4d:7f:ed:26:f8:
ce:4c:a5:7f:5c:dd:1f:5d:ef:f4:79:74:48:b8:a7:
fa:6b:25:fa:31:11:ee:fb:fd:01:5a:d7:df:a9:cf:
c1:8e:27:e1:46:d3:d1:95:b6:fe:8e:e6:59:2d:62:
c9:87:d0:f6:ef:43:1b:a5:2b:f0:73:91:36:60:e8:
44:13:5e:8b:b9:12:db:54:8c:12:7e:ff:65:a2:fa:
91:29:25:a1:f5:80:b3:27:b1:4f:be:18:53:86:86:
5b:51:15:99:2b:49:f1:74:4b:64:ff:3c:50:d0:e2:
57:27:a8:8e:9c:86:38:98:ff:76:4b:a9:39:0e:59:
45:63:97:fe:b6:84:5e:83:59:e7:7f:e9:7d:20:8f:
48:94:70:7b:f4:fa:70:be:aa:8d:79:85:bb:4c:33:
e2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:43:A2:68:85:59:20:E7:5A:27:0B:1A:24:C1:16:52:C9:A2:F1:F2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r0OiaIVZIOdaJwsaJMEWUsmi8fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.103.72.0/24
185.135.140.0/24
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.232.0/23
188.241.110.0/24
188.241.214.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:e8:17:65:f7:88:1c:41:50:90:51:6e:54:87:c8:24:d0:bc:
03:b8:11:54:3f:40:80:e9:96:83:e7:f8:ad:7e:24:dd:b0:86:
ad:13:be:0c:f2:60:8c:39:b9:fe:98:1e:c4:0a:52:8d:aa:c8:
ab:97:01:c2:76:fb:64:7c:44:2b:b9:3b:6a:cd:fa:6a:4a:bd:
37:29:5b:2f:75:ec:f6:d9:84:7d:c6:53:d5:4c:80:1f:ee:28:
25:2f:c5:b2:e4:7d:d9:12:4e:a7:87:04:c4:c6:33:9b:b0:fe:
17:f1:3c:51:ab:c8:7a:39:33:7a:87:9d:81:7f:a1:b6:6c:d0:
7a:8c:4b:90:47:7f:2b:40:9c:7b:bd:c7:ad:b5:08:4f:cb:50:
9e:7c:3d:85:c1:30:ab:84:c5:ab:dd:ea:e1:de:79:3b:f8:73:
54:73:0a:f8:f0:04:3d:55:42:c3:71:bc:7f:ff:9f:ad:39:7b:
eb:29:0c:75:7a:e3:27:90:98:82:6c:2e:65:4f:73:e9:cf:dd:
46:2f:ab:09:d0:f2:19:eb:b5:c9:38:04:66:23:98:a1:b6:b0:
f2:59:5c:30:63:15:7f:79:dd:8c:18:c0:e7:aa:51:71:d0:cc:
52:cf:0d:cf:ed:a3:79:11:21:f5:b5:84:c0:16:aa:f3:f6:7a:
9a:2a:7c:28
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYlIr2P6DG+hZY7FURyfEQHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzEyMDYwMDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQzYTI2ODg1NTkyMGU3NWEyNzBiMWEyNGMxMTY1MmM5YTJmMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH3JSubsIIkXAT323Dr1JUAIe0QO
/9WBKOHhS9QsfD32YLdQ7utHWI1rBis3BkGl/mh2jBRMuHA0aoJMKNRMTkvsM52+
gIjdrXYtethtxd9wEjgv5wHQbb+7gdBX+lmT87x5TX/tJvjOTKV/XN0fXe/0eXRI
uKf6ayX6MRHu+/0BWtffqc/BjifhRtPRlbb+juZZLWLJh9D270MbpSvwc5E2YOhE
E16LuRLbVIwSfv9lovqRKSWh9YCzJ7FPvhhThoZbURWZK0nxdEtk/zxQ0OJXJ6iO
nIY4mP92S6k5DllFY5f+toReg1nnf+l9II9IlHB79PpwvqqNeYW7TDPiTwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFK9DomiFWSDnWicLGiTBFlLJovHyMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcjBPaWFJVlpJT2RhSndzYUpNRVdVc21pOGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAt
nJ0DBAAtnJ8DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAC5
Z0gDBAC5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAME
AbzUhAMEALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gME
Abzw6AMEALzxbgMEALzx1gMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEA
jegXZfeIHEFQkFFuVIfIJNC8A7gRVD9AgOmWg+f4rX4k3bCGrRO+DPJgjDm5/pge
xApSjarIq5cBwnb7ZHxEK7k7as36akq9NylbL3Xs9tmEfcZT1UyAH+4oJS/FsuR9
2RJOp4cExMYzm7D+F/E8UavIejkzeoedgX+htmzQeoxLkEd/K0Cce73HrbUIT8tQ
nnw9hcEwq4TFq93q4d55O/hzVHMK+PAEPVVCw3G8f/+frTl76ykMdXrjJ5CYgmwu
ZU9z6c/dRi+rCdDyGeu1yTgEZiOYobaw8llcMGMVf3ndjBjA56pRcdDMUs8Nz+2j
eREh9bWEwBaq8/Z6mip8KA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org