Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tpJKVfrIjRa60V5PYTT4S_XFtv4.roa
File: tpJKVfrIjRa60V5PYTT4S_XFtv4.roa (raw, json)
Hash identifier: xrhzREevEWgSWah875oV1MhO55sZ1oLz4VWztgyIGnY=
Subject key identifier: B6:92:4A:55:FA:C8:8D:16:BA:D1:5E:4F:61:34:F8:4B:F5:C5:B6:FE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B8B3DF87C84AF8548258E837CAE0FD114
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tpJKVfrIjRa60V5PYTT4S_XFtv4.roa
Signing time: Wed 01 Nov 2023 14:16:16 +0000
ROA not before: Wed 01 Nov 2023 14:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 37.140.222.0/24 maxlen: 24
188.241.248.0/24 maxlen: 24
193.221.210.0/24 maxlen: 24
94.154.126.0/24 maxlen: 24
212.24.123.0/24 maxlen: 24
46.253.135.0/24 maxlen: 24
62.122.191.0/24 maxlen: 24
185.161.123.0/24 maxlen: 24
89.38.136.0/24 maxlen: 24
78.142.243.0/24 maxlen: 24
193.38.154.0/24 maxlen: 24
185.234.15.0/24 maxlen: 24
185.151.145.0/24 maxlen: 24
185.184.216.0/24 maxlen: 24
213.173.37.0/24 maxlen: 24
79.110.228.0/24 maxlen: 24
79.110.230.0/24 maxlen: 24
91.209.12.0/24 maxlen: 24
176.118.35.0/24 maxlen: 24
45.86.37.0/24 maxlen: 24
91.246.37.0/24 maxlen: 24
193.163.192.0/24 maxlen: 24
193.3.187.0/24 maxlen: 24
193.163.195.0/24 maxlen: 24
194.150.76.0/24 maxlen: 24
193.163.193.0/24 maxlen: 24
91.247.172.0/24 maxlen: 24
185.235.225.0/24 maxlen: 24
185.235.228.0/24 maxlen: 24
37.72.136.0/24 maxlen: 24
213.109.156.0/24 maxlen: 24
213.109.159.0/24 maxlen: 24
176.126.119.0/24 maxlen: 24
185.252.213.0/24 maxlen: 24
193.201.14.0/24 maxlen: 24
193.201.12.0/24 maxlen: 24
62.233.38.0/24 maxlen: 24
188.241.159.0/24 maxlen: 24
62.204.60.0/24 maxlen: 24
62.197.128.0/24 maxlen: 24
5.180.178.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:3d:f8:7c:84:af:85:48:25:8e:83:7c:ae:0f:d1:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 1 14:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6924a55fac88d16bad15e4f6134f84bf5c5b6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:41:1d:2b:ca:a2:5d:d7:ba:1e:70:c9:c0:0b:
33:e3:f7:8b:89:64:55:f2:07:a5:bc:80:0e:94:77:
c1:c7:28:f7:48:b2:f7:33:74:f0:b6:94:63:46:4b:
11:52:c5:b2:a1:6f:4a:0b:33:1f:82:cb:67:06:bd:
2f:7d:50:c6:f8:af:42:12:cc:3d:b7:c0:cc:fe:86:
f8:6c:97:ab:ce:30:71:fd:09:58:b1:30:c5:4d:96:
52:47:c0:a3:c4:57:0c:e5:1e:25:57:8f:64:b4:a1:
26:35:45:da:02:79:f3:a3:b3:b0:7f:19:84:9b:f9:
8f:1b:69:b0:33:10:aa:68:96:9a:69:4d:d0:d2:16:
be:76:5a:72:06:86:58:59:74:9c:f7:f7:42:c9:96:
06:1b:69:7d:77:c7:1d:7d:53:fe:20:d4:96:d3:50:
3c:79:54:2c:a5:59:98:7f:e4:f2:a9:ce:7d:07:2c:
0c:92:12:ef:88:06:71:fc:4a:98:26:e8:50:d5:b0:
52:8e:ae:0c:65:b2:58:c5:d8:79:ad:50:4a:20:37:
a0:78:c8:ed:1a:16:b7:86:39:47:7f:96:37:c1:2b:
1a:f9:b5:d9:ad:b4:2e:fe:ee:51:a0:9f:fe:ab:1d:
8b:91:6b:b8:59:46:a2:14:4e:ce:bd:0a:b9:0f:a0:
b1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:92:4A:55:FA:C8:8D:16:BA:D1:5E:4F:61:34:F8:4B:F5:C5:B6:FE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tpJKVfrIjRa60V5PYTT4S_XFtv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.178.0/24
37.72.136.0/24
37.140.222.0/24
45.86.37.0/24
46.253.135.0/24
62.122.191.0/24
62.197.128.0/24
62.204.60.0/24
62.233.38.0/24
78.142.243.0/24
79.110.228.0/24
79.110.230.0/24
89.38.136.0/24
91.209.12.0/24
91.246.37.0/24
91.247.172.0/24
94.154.126.0/24
176.118.35.0/24
176.126.119.0/24
185.151.145.0/24
185.161.123.0/24
185.184.216.0/24
185.234.15.0/24
185.235.225.0/24
185.235.228.0/24
185.252.213.0/24
188.241.159.0/24
188.241.248.0/24
193.3.187.0/24
193.38.154.0/24
193.163.192.0/23
193.163.195.0/24
193.201.12.0/24
193.201.14.0/24
193.221.210.0/24
194.150.76.0/24
212.24.123.0/24
213.109.156.0/24
213.109.159.0/24
213.173.37.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:55:82:e9:5e:1f:6c:9b:b5:a0:84:bf:50:3a:51:0c:06:31:
8b:c0:cc:4a:47:8f:99:4c:db:9e:ff:eb:b9:9b:ff:0e:dc:f1:
5b:5e:fa:82:f8:f4:56:ad:6a:e5:00:3f:33:f7:ac:1d:c3:5d:
c8:70:fd:6b:70:bc:95:96:12:d8:57:a6:82:a8:55:28:ad:b6:
09:b9:23:13:53:3f:a0:cd:dd:3f:15:c9:d0:9b:49:8c:6c:b5:
6a:e9:c2:16:7c:e2:1c:de:e5:d9:88:4e:37:9a:fb:49:12:8f:
70:4c:c7:70:ec:56:7f:8d:58:b1:d2:1d:89:27:a9:ba:41:15:
8d:cd:dc:9c:d8:fe:14:29:a3:ae:1b:3b:98:21:58:f1:c1:31:
fa:1b:85:77:91:69:49:27:01:ca:d9:a6:5a:27:86:bd:a1:6b:
ba:e9:89:cb:d7:f6:92:1f:2e:e8:70:e2:38:8a:90:2b:33:fc:
81:c1:ff:d9:46:54:b3:0d:c2:bb:61:41:ef:97:23:61:bd:be:
77:84:11:42:34:d1:39:df:4a:cc:8b:ef:04:da:c6:29:b5:b8:
11:1f:f1:bf:86:0f:27:c0:92:2b:5c:9b:5e:47:3c:e7:be:f1:
11:5b:59:6f:dc:3d:b4:fe:fe:9d:ca:d8:88:16:da:bc:de:e6:
b8:85:7d:90
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYuLPfh8hK+FSCWOg3yuD9EUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAxMTQxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjkyNGE1NWZhYzg4ZDE2YmFkMTVlNGY2MTM0Zjg0YmY1YzViNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUEdK8qiXde6HnDJwAsz4/eLiWRV
8gelvIAOlHfBxyj3SLL3M3TwtpRjRksRUsWyoW9KCzMfgstnBr0vfVDG+K9CEsw9
t8DM/ob4bJerzjBx/QlYsTDFTZZSR8CjxFcM5R4lV49ktKEmNUXaAnnzo7OwfxmE
m/mPG2mwMxCqaJaaaU3Q0ha+dlpyBoZYWXSc9/dCyZYGG2l9d8cdfVP+INSW01A8
eVQspVmYf+Tyqc59BywMkhLviAZx/EqYJuhQ1bBSjq4MZbJYxdh5rVBKIDegeMjt
Gha3hjlHf5Y3wSsa+bXZrbQu/u5RoJ/+qx2LkWu4WUaiFE7OvQq5D6CxHwIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFLaSSlX6yI0WutFeT2E0+Ev1xbb+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdHBKS1ZmcklqUmE2MFY1UFlUVDRTX1hGdHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgfcEAgABMIHwAwQA
BbSyAwQAJUiIAwQAJYzeAwQALVYlAwQALv2HAwQAPnq/AwQAPsWAAwQAPsw8AwQA
PukmAwQATo7zAwQAT27kAwQAT27mAwQAWSaIAwQAW9EMAwQAW/YlAwQAW/esAwQA
Xpp+AwQAsHYjAwQAsH53AwQAuZeRAwQAuaF7AwQAubjYAwQAueoPAwQAuevhAwQA
uevkAwQAufzVAwQAvPGfAwQAvPH4AwQAwQO7AwQAwSaaAwQBwaPAAwQAwaPDAwQA
wckMAwQAwckOAwQAwd3SAwQAwpZMAwQA1Bh7AwQA1W2cAwQA1W2fAwQA1a0lMA0G
CSqGSIb3DQEBCwUAA4IBAQBeVYLpXh9sm7WghL9QOlEMBjGLwMxKR4+ZTNue/+u5
m/8O3PFbXvqC+PRWrWrlAD8z96wdw13IcP1rcLyVlhLYV6aCqFUorbYJuSMTUz+g
zd0/FcnQm0mMbLVq6cIWfOIc3uXZiE43mvtJEo9wTMdw7FZ/jVix0h2JJ6m6QRWN
zdyc2P4UKaOuGzuYIVjxwTH6G4V3kWlJJwHK2aZaJ4a9oWu66YnL1/aSHy7ocOI4
ipArM/yBwf/ZRlSzDcK7YUHvlyNhvb53hBFCNNE530rMi+8E2sYptbgRH/G/hg8n
wJIrXJteRzznvvERW1lv3D20/v6dytiIFtq83ua4hX2Q
-----END CERTIFICATE-----
Generated at Wed Nov 1 15:47:19 2023 by rpki-client on console-ams.rpki-client.org