Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/w5A2DrJomIBx5eFNmARBi3uAQ-g.roa
File: w5A2DrJomIBx5eFNmARBi3uAQ-g.roa (raw, json)
Hash identifier: 2yP0kZk7onwwlTdVcsWmNyKbxu15uKeGKSv2/cfIVEU=
Subject key identifier: C3:90:36:0E:B2:68:98:80:71:E5:E1:4D:98:04:41:8B:7B:80:43:E8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0188AF1D317F75039725AAFE57D13B52D3A5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/w5A2DrJomIBx5eFNmARBi3uAQ-g.roa
Signing time: Mon 12 Jun 2023 10:18:25 +0000
ROA not before: Mon 12 Jun 2023 10:18:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.35.154.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
185.135.141.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:1d:31:7f:75:03:97:25:aa:fe:57:d1:3b:52:d3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 12 10:18:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c390360eb268988071e5e14d9804418b7b8043e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ca:9d:6f:ed:86:ac:6c:b5:25:d7:5d:ca:aa:
22:44:c0:c4:c3:d0:36:11:d0:ff:ae:24:19:45:05:
55:1d:52:53:4e:59:91:ae:55:22:59:d1:fb:bd:89:
bc:e3:47:c0:6c:50:b4:4c:09:a4:0f:be:65:67:71:
a6:df:c5:ab:b6:b1:0e:8c:c8:f5:b1:b5:72:91:3f:
d8:85:b5:8c:0d:0b:87:95:d0:8c:39:ff:05:38:f3:
ff:97:9a:c6:2b:c0:83:a7:55:d6:bd:99:17:44:c9:
76:8a:53:f5:6d:d0:c5:20:d8:53:18:77:3f:81:68:
7e:44:17:34:87:3d:b3:ec:61:51:5e:54:bf:96:f8:
de:a9:3f:77:43:7b:8b:66:02:9b:de:26:75:e9:ab:
66:6d:a3:fe:e8:df:c7:e6:d6:ed:fd:c6:27:5d:7c:
79:da:23:b3:55:1c:b5:ef:a3:ff:e3:b1:aa:0d:32:
21:7c:47:15:d7:5a:24:a8:f0:39:f4:1c:23:7f:a1:
78:35:a0:51:0e:5b:ca:49:07:03:bc:96:72:d7:e8:
e1:42:12:36:45:84:3c:07:5a:39:f9:78:8c:29:e4:
45:72:5f:78:c2:3c:b2:c9:79:ff:5c:e3:96:0f:26:
d4:9a:bb:04:48:16:15:34:6e:08:f7:5d:78:db:b4:
ad:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:90:36:0E:B2:68:98:80:71:E5:E1:4D:98:04:41:8B:7B:80:43:E8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/w5A2DrJomIBx5eFNmARBi3uAQ-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.154.0/24
89.37.62.0/23
91.188.204.0/24
185.135.141.0/24
188.212.155.0/24
188.240.233.0/24
188.241.110.0/24
188.241.182.0/24
188.241.243.0/24
213.232.94.0/23
Signature Algorithm: sha256WithRSAEncryption
01:35:9d:41:2c:c3:b6:13:4d:a0:7a:b1:29:3b:80:95:68:e5:
71:a7:37:cd:db:b5:e8:77:0f:da:d7:c1:c0:f9:f5:35:74:53:
cb:af:37:1f:b0:e2:08:8d:85:86:e1:19:de:85:f1:00:16:22:
e5:b0:88:fd:22:fe:8d:bc:80:c7:b5:b9:d4:d4:6e:da:a1:c8:
80:cc:30:a5:4e:49:a1:28:e4:63:b9:ae:58:bf:19:e7:f9:49:
52:8e:51:ca:f5:66:1b:10:71:01:24:67:a3:8d:ed:d1:88:9a:
15:a6:e4:8e:d1:4c:8a:73:f1:8e:12:a3:26:b0:ef:c5:f4:57:
c1:0c:16:95:f5:b9:17:d3:70:93:c0:a0:58:43:fe:4f:33:d8:
61:b0:4f:07:ff:85:24:13:41:97:f5:65:6d:32:3f:e0:f0:f6:
61:e3:ef:a5:93:24:0f:a4:56:a2:e3:13:4c:5e:df:e6:f1:15:
a4:6c:e2:cc:82:c6:f5:7e:93:bc:c6:f0:bd:59:5a:e5:b1:50:
92:e3:ed:ec:77:cf:eb:2b:68:19:30:35:3c:17:cc:8f:18:4f:
93:c6:d2:c8:c7:ce:b7:6d:58:e4:fd:bb:fd:62:3a:db:1c:d4:
32:bc:f4:48:8b:eb:b3:ab:be:50:07:1d:d3:80:25:bf:e6:4c:
4f:71:be:e2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYivHTF/dQOXJar+V9E7UtOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjEyMTAxODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzkwMzYwZWIyNjg5ODgwNzFlNWUxNGQ5ODA0NDE4YjdiODA0M2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8qdb+2GrGy1JdddyqoiRMDEw9A2
EdD/riQZRQVVHVJTTlmRrlUiWdH7vYm840fAbFC0TAmkD75lZ3Gm38WrtrEOjMj1
sbVykT/YhbWMDQuHldCMOf8FOPP/l5rGK8CDp1XWvZkXRMl2ilP1bdDFINhTGHc/
gWh+RBc0hz2z7GFRXlS/lvjeqT93Q3uLZgKb3iZ16atmbaP+6N/H5tbt/cYnXXx5
2iOzVRy176P/47GqDTIhfEcV11okqPA59Bwjf6F4NaBRDlvKSQcDvJZy1+jhQhI2
RYQ8B1o5+XiMKeRFcl94wjyyyXn/XOOWDybUmrsESBYVNG4I911427St5QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMOQNg6yaJiAceXhTZgEQYt7gEPoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdzVBMkRySm9tSUJ4NWVGTm1BUkJpM3VBUS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAWSOaAwQB
WSU+AwQAW7zMAwQAuYeNAwQAvNSbAwQAvPDpAwQAvPFuAwQAvPG2AwQAvPHzAwQB
1eheMA0GCSqGSIb3DQEBCwUAA4IBAQABNZ1BLMO2E02gerEpO4CVaOVxpzfN27Xo
dw/a18HA+fU1dFPLrzcfsOIIjYWG4RnehfEAFiLlsIj9Iv6NvIDHtbnU1G7aociA
zDClTkmhKORjua5Yvxnn+UlSjlHK9WYbEHEBJGejje3RiJoVpuSO0UyKc/GOEqMm
sO/F9FfBDBaV9bkX03CTwKBYQ/5PM9hhsE8H/4UkE0GX9WVtMj/g8PZh4++lkyQP
pFai4xNMXt/m8RWkbOLMgsb1fpO8xvC9WVrlsVCS4+3sd8/rK2gZMDU8F8yPGE+T
xtLIx863bVjk/bv9YjrbHNQyvPRIi+uzq75QBx3TgCW/5kxPcb7i
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org