Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rFIWvCAMEc0Mku9MWKBlpT1o6A4.roa
File: rFIWvCAMEc0Mku9MWKBlpT1o6A4.roa (raw, json)
Hash identifier: Sxnl9L8pBtOiUf7h8N/M2pwI25eK1oDYWIP50m/Uh6w=
Subject key identifier: AC:52:16:BC:20:0C:11:CD:0C:92:EF:4C:58:A0:65:A5:3D:68:E8:0E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862F72FA5B2143D4702C27F0AB62828A0D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rFIWvCAMEc0Mku9MWKBlpT1o6A4.roa
Signing time: Wed 08 Feb 2023 05:15:09 +0000
ROA not before: Wed 08 Feb 2023 05:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2f:72:fa:5b:21:43:d4:70:2c:27:f0:ab:62:82:8a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 8 05:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac5216bc200c11cd0c92ef4c58a065a53d68e80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9b:19:02:6b:15:0a:2e:ac:4c:63:af:64:db:
a7:fb:2b:5a:f3:89:f1:53:8a:99:c4:25:3c:a7:4d:
3d:ca:86:50:4e:fb:56:8d:f5:93:95:8e:42:0b:06:
18:3b:43:d8:4e:4d:7c:13:1d:e0:00:b0:6f:6e:06:
bd:40:49:48:22:c6:71:80:d3:bf:58:84:d9:ff:e6:
3a:81:39:4f:44:2a:87:a2:0e:a7:be:c3:e8:86:69:
41:d8:27:8f:fd:ed:4b:d1:18:96:6a:36:8c:32:76:
5e:d2:9f:64:4e:d2:6f:22:8a:38:b2:e5:6b:7e:cf:
81:40:93:72:56:29:b0:39:0b:88:4f:fd:9a:2a:40:
80:8f:c9:ad:f4:11:9f:da:76:ab:07:8c:b6:52:31:
50:b7:94:b6:83:21:05:41:0a:7d:47:3b:ba:ff:c9:
24:de:00:7a:3e:ef:ba:21:fa:3b:d0:52:72:3c:75:
ec:e0:84:82:e5:ba:6a:08:55:aa:57:d2:63:1c:e4:
ba:da:fa:89:b3:17:e5:dd:40:52:ba:ec:4b:be:bf:
63:dc:f4:06:2e:cd:57:4a:82:20:ff:79:84:70:23:
5b:ef:f0:bf:35:4e:d4:35:e1:df:e4:e4:81:b7:4e:
19:a0:cb:6d:40:50:33:8b:e5:c0:1b:f9:7e:11:5a:
15:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:52:16:BC:20:0C:11:CD:0C:92:EF:4C:58:A0:65:A5:3D:68:E8:0E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rFIWvCAMEc0Mku9MWKBlpT1o6A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0-45.156.158.255
89.33.84.0/24
89.35.154.0/24
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.212.155.0/24
188.240.232.0/24
188.241.214.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:b1:67:d8:90:7e:58:76:d2:13:c6:31:ae:c2:af:00:ba:ac:
07:4a:0d:44:43:0f:99:85:83:49:e3:5e:f5:76:3d:26:f3:f0:
34:9f:a6:c1:e3:98:77:45:35:18:c7:32:24:79:60:06:35:08:
18:2b:a0:ba:0d:d3:ea:8b:a3:74:11:1a:03:43:2b:12:57:3c:
5c:93:e3:22:01:10:9e:5c:7a:7a:ff:4a:eb:79:16:a6:7d:08:
9e:27:31:c2:7a:d2:82:7d:e4:97:38:ed:00:46:3f:9e:09:a3:
d8:d7:00:b5:81:95:03:b6:18:9a:a2:36:93:78:83:27:f6:d3:
a2:60:d2:8d:30:2b:23:2c:83:88:0c:6c:01:c2:b9:7e:f8:5f:
5c:1a:68:21:78:54:c7:d7:e2:0b:fa:89:fb:4f:ee:89:d6:44:
fd:88:c2:0f:fd:52:10:59:f3:8d:44:83:17:5e:0e:51:7d:e6:
11:30:d3:49:cd:d7:60:32:d2:59:91:60:63:fe:fc:bd:77:22:
3b:eb:a3:19:c1:89:7e:4e:a3:7b:52:a0:97:0a:bf:b5:52:cb:
b0:ca:0c:51:a1:e3:5e:a0:7f:2a:37:95:c4:dd:79:e3:3c:bc:
5e:33:77:8b:ff:e4:4d:b9:ba:c2:e5:8f:43:8d:e4:fb:18:be:
a1:17:66:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYYvcvpbIUPUcCwn8KtigooNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA4MDUxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUyMTZiYzIwMGMxMWNkMGM5MmVmNGM1OGEwNjVhNTNkNjhlODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5sZAmsVCi6sTGOvZNun+yta84nx
U4qZxCU8p009yoZQTvtWjfWTlY5CCwYYO0PYTk18Ex3gALBvbga9QElIIsZxgNO/
WITZ/+Y6gTlPRCqHog6nvsPohmlB2CeP/e1L0RiWajaMMnZe0p9kTtJvIoo4suVr
fs+BQJNyVimwOQuIT/2aKkCAj8mt9BGf2narB4y2UjFQt5S2gyEFQQp9Rzu6/8kk
3gB6Pu+6Ifo70FJyPHXs4ISC5bpqCFWqV9JjHOS62vqJsxfl3UBSuuxLvr9j3PQG
Ls1XSoIg/3mEcCNb7/C/NU7UNeHf5OSBt04ZoMttQFAzi+XAG/l+EVoVUQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFKxSFrwgDBHNDJLvTFigZaU9aOgOMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvckZJV3ZDQU1FYzBNa3U5TVdLQmxwVDFvNkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAAtnJ0D
BAAtnJ4DBABZIVQDBABZI5oDBABZJT4DBABdcsADBABdc20DBAC81JsDBAC88OgD
BAC88dYwDQYJKoZIhvcNAQELBQADggEBAE+xZ9iQflh20hPGMa7CrwC6rAdKDURD
D5mFg0njXvV2PSbz8DSfpsHjmHdFNRjHMiR5YAY1CBgroLoN0+qLo3QRGgNDKxJX
PFyT4yIBEJ5cenr/Sut5FqZ9CJ4nMcJ60oJ95Jc47QBGP54Jo9jXALWBlQO2GJqi
NpN4gyf206Jg0o0wKyMsg4gMbAHCuX74X1waaCF4VMfX4gv6iftP7onWRP2Iwg/9
UhBZ841EgxdeDlF95hEw00nN12Ay0lmRYGP+/L13IjvroxnBiX5Oo3tSoJcKv7VS
y7DKDFGh416gfyo3lcTdeeM8vF4zd4v/5E25usLlj0ON5PsYvqEXZmo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org