Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/s_-Wt2p8jFoRglc2DwVWjQx0O2A.roa
File: s_-Wt2p8jFoRglc2DwVWjQx0O2A.roa (raw, json)
Hash identifier: Nq5NYRpEQrA5KBBVUtzNGtHxVFijMxTlstXCd3esbV4=
Subject key identifier: B3:FF:96:B7:6A:7C:8C:5A:11:82:57:36:0F:05:56:8D:0C:74:3B:60
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B93FB992785E34E6882D3670EAB3699D8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/s_-Wt2p8jFoRglc2DwVWjQx0O2A.roa
Signing time: Fri 03 Nov 2023 07:00:21 +0000
ROA not before: Fri 03 Nov 2023 07:00:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 185.121.122.0/23 maxlen: 24
185.121.121.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
220.158.198.0/24 maxlen: 24
45.144.226.0/24 maxlen: 24
220.158.196.0/23 maxlen: 24
193.239.164.0/23 maxlen: 24
62.197.140.0/22 maxlen: 24
45.146.186.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:fb:99:27:85:e3:4e:68:82:d3:67:0e:ab:36:99:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 3 07:00:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3ff96b76a7c8c5a118257360f05568d0c743b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:db:55:cc:d0:dc:a5:b4:23:87:c4:19:ac:00:
b1:af:0f:d3:17:01:e1:5a:a5:48:3b:b0:ec:41:10:
5b:0c:ce:39:fa:db:25:2a:64:90:9e:bc:fe:8e:cc:
b9:d5:67:f1:dc:7c:fb:21:dd:a8:1e:97:f0:58:bf:
bc:c7:f2:37:cc:8a:38:a4:aa:db:e0:6d:66:98:e5:
1d:95:d6:f5:d0:a9:66:32:b7:9e:df:e7:71:b1:00:
40:9d:44:47:55:42:2e:75:ed:83:3f:3f:cd:b3:2f:
c1:2a:60:4b:f1:40:91:14:35:80:b0:06:c3:71:65:
5c:4a:29:e1:ff:99:5c:f9:61:07:bb:07:bf:f7:11:
d9:69:19:58:16:41:f2:bb:2e:6a:c9:52:14:d5:20:
2c:5e:ff:47:89:38:8d:7c:af:12:56:c6:8c:5d:2c:
86:94:b9:90:44:a0:7d:22:4a:de:6a:6a:14:dc:cd:
05:41:af:21:b9:e2:c3:61:b8:b4:73:cf:0c:09:48:
c1:5a:2b:3a:ff:6d:05:3d:42:47:e7:c9:16:ae:e2:
40:3f:ea:63:ec:1d:9d:2e:6a:1c:5e:6a:a6:03:ff:
c7:ef:86:c8:bc:f3:59:6c:4c:8b:72:17:b4:a2:8e:
a0:f9:4a:25:24:be:ce:d5:eb:94:a2:8f:b0:48:d7:
20:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:FF:96:B7:6A:7C:8C:5A:11:82:57:36:0F:05:56:8D:0C:74:3B:60
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/s_-Wt2p8jFoRglc2DwVWjQx0O2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/24
45.146.186.0/24
62.197.140.0/22
185.121.121.0-185.121.123.255
185.239.243.0/24
193.239.164.0/23
220.158.196.0-220.158.198.255
Signature Algorithm: sha256WithRSAEncryption
8c:16:1a:6f:d0:95:54:90:86:ca:d0:6b:9e:de:5c:04:14:5b:
eb:3a:72:a0:3f:96:1d:42:52:35:b2:20:e7:c3:b5:52:79:75:
75:b9:6a:9b:b5:26:51:bf:e4:35:30:ea:c9:f7:a5:57:cf:06:
d3:c2:0b:14:b7:70:a8:a4:1d:b7:b6:75:6d:f5:ae:38:ab:aa:
f2:32:ef:0b:bc:77:e1:b0:b7:26:94:92:99:9f:a4:f1:e9:d8:
b3:dd:64:aa:94:1b:a8:c9:5f:5b:0d:a4:6a:62:16:9a:09:84:
ab:1c:40:b1:1c:34:a8:c2:cf:bb:81:11:ab:02:b9:49:2c:23:
8d:16:3e:ef:02:38:7a:f4:3e:e4:88:3f:58:09:59:f9:2e:cd:
75:76:fa:83:14:13:07:10:a6:b9:69:0c:d2:57:92:b4:e9:30:
c9:ef:66:08:24:8c:b2:87:87:a7:1e:2e:44:c3:93:39:57:d7:
48:7b:4f:08:f7:55:fd:7e:27:68:79:93:09:1a:bf:00:52:ae:
b4:c4:8e:30:1d:e2:13:d7:f0:0f:04:be:5d:3b:bd:1c:76:0a:
ab:01:d3:2f:9f:68:73:72:ee:59:61:e3:72:e9:c1:3a:a3:32:
e3:e7:02:60:28:63:1e:a5:a9:72:9f:cf:ec:78:0b:a0:d0:e3:
e4:9c:26:1c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYuT+5knheNOaILTZw6rNpnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAzMDcwMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2ZmOTZiNzZhN2M4YzVhMTE4MjU3MzYwZjA1NTY4ZDBjNzQzYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ttVzNDcpbQjh8QZrACxrw/TFwHh
WqVIO7DsQRBbDM45+tslKmSQnrz+jsy51Wfx3Hz7Id2oHpfwWL+8x/I3zIo4pKrb
4G1mmOUdldb10KlmMree3+dxsQBAnURHVUIude2DPz/Nsy/BKmBL8UCRFDWAsAbD
cWVcSinh/5lc+WEHuwe/9xHZaRlYFkHyuy5qyVIU1SAsXv9HiTiNfK8SVsaMXSyG
lLmQRKB9IkreamoU3M0FQa8hueLDYbi0c88MCUjBWis6/20FPUJH58kWruJAP+pj
7B2dLmocXmqmA//H74bIvPNZbEyLche0oo6g+UolJL7O1euUoo+wSNcgZwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFLP/lrdqfIxaEYJXNg8FVo0MdDtgMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvc18tV3QycDhqRm9SZ2xjMkR3VldqUXgwTzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQALZDiAwQA
LZK6AwQCPsWMMAwDBAC5eXkDBAK5eXgDBAC57/MDBAHB76QwDAMEAtyexAMEANye
xjANBgkqhkiG9w0BAQsFAAOCAQEAjBYab9CVVJCGytBrnt5cBBRb6zpyoD+WHUJS
NbIg58O1Unl1dblqm7UmUb/kNTDqyfelV88G08ILFLdwqKQdt7Z1bfWuOKuq8jLv
C7x34bC3JpSSmZ+k8enYs91kqpQbqMlfWw2kamIWmgmEqxxAsRw0qMLPu4ERqwK5
SSwjjRY+7wI4evQ+5Ig/WAlZ+S7NdXb6gxQTBxCmuWkM0leStOkwye9mCCSMsoeH
px4uRMOTOVfXSHtPCPdV/X4naHmTCRq/AFKutMSOMB3iE9fwDwS+XTu9HHYKqwHT
L59oc3LuWWHjcunBOqMy4+cCYChjHqWpcp/P7HgLoNDj5JwmHA==
-----END CERTIFICATE-----
Generated at Thu Dec 7 17:53:03 2023 by rpki-client on console-ams.rpki-client.org