Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/v45L1jtH0c4jrYNqr09sY6kVswE.roa
File: v45L1jtH0c4jrYNqr09sY6kVswE.roa (raw, json)
Hash identifier: aSnHXI+QQdSdyR/OLoCL/mZqL8/iEmmRkt0yYguvN5M=
Subject key identifier: BF:8E:4B:D6:3B:47:D1:CE:23:AD:83:6A:AF:4F:6C:63:A9:15:B3:01
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B3D5C62B9508F3FD311E8C67699158849
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/v45L1jtH0c4jrYNqr09sY6kVswE.roa
Signing time: Tue 17 Oct 2023 11:19:06 +0000
ROA not before: Tue 17 Oct 2023 11:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.240.68.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:5c:62:b9:50:8f:3f:d3:11:e8:c6:76:99:15:88:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 17 11:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf8e4bd63b47d1ce23ad836aaf4f6c63a915b301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b8:dd:08:d4:f6:a2:e5:ec:54:d8:4f:98:4d:
b7:f8:4b:26:05:c3:9e:90:c5:dc:56:37:99:50:99:
a2:77:8c:4d:8a:68:cb:c3:f7:2a:bc:b2:65:80:2d:
0e:83:15:2e:59:65:3f:45:41:d3:c7:e6:81:ec:59:
13:86:0d:19:11:59:b0:e7:04:98:4b:46:03:db:5f:
d1:1b:98:79:8b:04:58:51:b8:62:3f:25:e7:f3:47:
78:7a:5d:3b:c6:b6:08:97:78:59:81:0b:ea:eb:d6:
1a:25:c4:1c:1f:13:5e:69:77:6b:ac:86:e7:46:65:
9c:c2:ab:e9:ad:19:4a:9e:36:17:0a:d2:a3:6c:f5:
a4:b9:e2:43:2d:71:f5:d2:7d:79:a4:57:16:35:f8:
d7:49:69:b4:7d:af:27:03:f0:a2:75:85:74:ef:b4:
3c:f7:b5:97:b9:d6:00:bd:ec:9a:9d:0e:76:5e:81:
4d:e6:e5:74:56:89:42:4d:d3:43:a9:c6:1b:63:f1:
7a:03:15:d0:23:11:b8:60:b6:a3:cd:10:8c:9c:8c:
08:c5:6d:44:f7:d9:45:1a:ee:6a:3f:02:15:05:24:
4a:df:68:5f:7d:54:99:14:99:4f:e4:92:5e:43:69:
9a:4b:30:8c:3d:fa:e7:64:f9:5c:ef:93:72:f9:57:
ea:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8E:4B:D6:3B:47:D1:CE:23:AD:83:6A:AF:4F:6C:63:A9:15:B3:01
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/v45L1jtH0c4jrYNqr09sY6kVswE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.159.0/24
188.213.202.0/23
188.214.209.0/24
188.240.68.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
62:e6:f9:dc:f0:14:70:7e:05:e9:a6:4e:ef:8c:19:b0:2d:60:
47:09:46:07:96:50:8d:62:ed:a5:83:62:5e:3e:20:f8:ee:45:
2b:85:b5:1f:b4:48:c4:60:39:7e:bf:ec:3b:c6:18:d9:4a:93:
48:ea:13:02:71:8f:c3:55:c6:e2:cc:88:9b:8c:33:4c:66:3f:
29:89:23:7d:01:1e:b2:8b:63:bb:bd:6e:57:3c:7b:65:13:2b:
63:16:96:ba:29:ce:a1:af:31:20:a9:1e:c7:3e:aa:3b:f1:6c:
19:16:bf:ae:5d:36:9c:4f:05:ff:2b:1c:86:1a:36:b2:52:42:
c1:34:1f:da:1e:47:98:29:c5:f4:fa:81:27:75:b7:c4:6a:3e:
20:c5:4a:ea:49:55:67:a2:79:77:3a:6f:3c:c9:6a:03:14:62:
46:1a:43:a2:8e:e1:a1:b0:b2:64:ba:b2:22:96:29:1b:92:cb:
16:53:b5:3c:6d:e3:1c:ce:55:17:8e:35:2b:ca:b2:a2:76:30:
ec:b0:1b:8f:49:49:1b:a7:3f:7d:f3:43:40:fd:9a:5a:fa:08:
a0:66:db:09:47:42:0f:0a:ec:40:2d:72:02:3a:06:d0:04:f9:
bb:63:83:f8:cf:80:12:d4:37:de:ae:bd:26:51:9e:d4:b2:65:
b7:df:fa:d7
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYs9XGK5UI8/0xHoxnaZFYhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDE3MTExOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhlNGJkNjNiNDdkMWNlMjNhZDgzNmFhZjRmNmM2M2E5MTViMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLjdCNT2ouXsVNhPmE23+EsmBcOe
kMXcVjeZUJmid4xNimjLw/cqvLJlgC0OgxUuWWU/RUHTx+aB7FkThg0ZEVmw5wSY
S0YD21/RG5h5iwRYUbhiPyXn80d4el07xrYIl3hZgQvq69YaJcQcHxNeaXdrrIbn
RmWcwqvprRlKnjYXCtKjbPWkueJDLXH10n15pFcWNfjXSWm0fa8nA/CidYV077Q8
97WXudYAveyanQ52XoFN5uV0VolCTdNDqcYbY/F6AxXQIxG4YLajzRCMnIwIxW1E
99lFGu5qPwIVBSRK32hffVSZFJlP5JJeQ2maSzCMPfrnZPlc75Ny+VfqFQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFL+OS9Y7R9HOI62Daq9PbGOpFbMBMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdjQ1TDFqdEgwYzRqcllOcXIwOXNZNmtWc3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC81JsDBAC8
1J8DBAG81coDBAC81tEDBAC88EQDBAG88OADBAC88OMDBAC88OkDBAC88fMDBAHB
F4ADBALV6FwwDQYJKoZIhvcNAQELBQADggEBAGLm+dzwFHB+BemmTu+MGbAtYEcJ
RgeWUI1i7aWDYl4+IPjuRSuFtR+0SMRgOX6/7DvGGNlKk0jqEwJxj8NVxuLMiJuM
M0xmPymJI30BHrKLY7u9blc8e2UTK2MWlropzqGvMSCpHsc+qjvxbBkWv65dNpxP
Bf8rHIYaNrJSQsE0H9oeR5gpxfT6gSd1t8RqPiDFSupJVWeieXc6bzzJagMUYkYa
Q6KO4aGwsmS6siKWKRuSyxZTtTxt4xzOVReONSvKsqJ2MOywG49JSRunP33zQ0D9
mlr6CKBm2wlHQg8K7EAtcgI6BtAE+btjg/jPgBLUN96uvSZRntSyZbff+tc=
-----END CERTIFICATE-----
Generated at Wed Oct 18 12:47:31 2023 by rpki-client on console-ams.rpki-client.org