Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wzP3o4txqTdB9BOEbYplLAhzFcs.roa
File: wzP3o4txqTdB9BOEbYplLAhzFcs.roa (raw, json)
Hash identifier: gxPjh4PHI6Hb8L5p6mH+GH7MdqJuE/8GhtgYqOBJ6eY=
Subject key identifier: C3:33:F7:A3:8B:71:A9:37:41:F4:13:84:6D:8A:65:2C:08:73:15:CB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189B0DB43AB36AE8CC30CF569A6B7ACBC02
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wzP3o4txqTdB9BOEbYplLAhzFcs.roa
Signing time: Tue 01 Aug 2023 11:28:26 +0000
ROA not before: Tue 01 Aug 2023 11:28:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
188.241.214.0/24 maxlen: 24
93.115.255.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
89.35.155.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:db:43:ab:36:ae:8c:c3:0c:f5:69:a6:b7:ac:bc:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 1 11:28:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c333f7a38b71a93741f413846d8a652c087315cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3b:71:1c:1d:db:d4:e6:c5:37:60:df:12:df:
2d:89:8a:07:3f:86:44:c6:ca:30:0c:08:f7:e6:18:
c3:58:3f:e7:3d:20:c8:56:41:63:83:54:92:a6:5e:
38:1c:61:f3:0f:9b:51:8e:f5:89:9d:0f:38:4b:7e:
4e:98:17:61:78:1d:61:55:f1:da:4f:d4:59:17:5f:
63:43:aa:07:e0:de:84:da:f5:45:31:70:a5:d5:59:
42:c8:fe:dd:d9:95:e7:9b:2b:4c:62:26:c6:f4:d3:
da:fe:8c:73:52:be:1d:97:d7:85:18:81:f7:16:4d:
26:42:19:06:f5:a9:7d:7d:82:48:ad:ba:c8:2d:f6:
f3:3c:5e:24:fd:b0:6d:f9:f3:c3:ad:3b:ba:31:51:
9f:f2:29:fe:7d:c1:ad:ae:83:8d:81:3c:c5:68:e4:
65:d6:d4:fe:99:c3:9b:cf:53:f4:95:89:16:ed:25:
ba:e9:17:b5:8f:c4:04:18:27:0d:16:65:c8:74:94:
70:f5:b5:6d:ca:b1:32:5a:70:98:69:1f:21:77:77:
88:51:3f:59:d7:27:f4:5d:d4:37:f0:ba:9f:85:99:
3c:2f:7e:6d:e4:04:78:9f:08:b9:8f:39:5b:2c:54:
58:de:16:8e:58:21:6c:45:c4:31:ae:c6:d4:f7:7f:
ca:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:33:F7:A3:8B:71:A9:37:41:F4:13:84:6D:8A:65:2C:08:73:15:CB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wzP3o4txqTdB9BOEbYplLAhzFcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/23
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.169.0-185.255.171.255
188.212.132.0/23
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.230.0/24
188.240.233.0/24
188.241.110.0/24
188.241.214.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:64:d3:fe:15:3c:2f:39:dc:2e:e9:af:44:14:a2:5e:df:35:
fb:9d:87:ec:be:b8:c4:8f:ef:5b:60:97:c8:a2:a2:06:d5:03:
e9:cf:d7:7a:63:16:51:fb:73:aa:f1:92:71:a2:3f:8f:e2:e0:
a5:4b:97:8b:9b:f0:41:f7:4a:f3:77:55:4d:04:f5:77:92:ba:
07:e8:15:12:d7:dd:25:f8:c7:53:4a:62:2b:0d:ac:12:5a:74:
40:79:78:de:79:05:eb:7d:e3:8a:68:a8:40:45:67:f6:6d:ac:
a3:6b:b2:cd:29:15:a6:b7:54:6e:e8:e3:42:40:8a:dc:a7:1d:
01:d3:7e:4d:73:1c:94:b3:11:2f:2b:9c:c8:c7:46:d8:4d:fb:
27:56:8c:9c:25:12:e2:c0:aa:01:3b:cc:1d:69:d3:94:9a:0d:
b2:81:f2:dd:ce:ca:dc:c7:fc:78:9c:2f:e2:b8:84:d0:e7:93:
11:ac:2d:22:70:d9:3a:ff:a2:f7:56:d4:58:72:31:0b:2e:16:
ff:5a:16:ba:9d:20:ed:d2:1d:55:0a:59:d0:bb:04:1d:77:48:
e7:14:c8:11:2c:fe:11:d0:4c:ab:fa:96:43:95:d8:29:7e:4b:
5c:25:64:f7:89:b4:db:35:4d:09:d1:24:1e:f7:24:52:28:aa:
2c:f1:e2:b5
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYmw20OrNq6Mwwz1aaa3rLwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODAxMTEyODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzMzZjdhMzhiNzFhOTM3NDFmNDEzODQ2ZDhhNjUyYzA4NzMxNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDtxHB3b1ObFN2DfEt8tiYoHP4ZE
xsowDAj35hjDWD/nPSDIVkFjg1SSpl44HGHzD5tRjvWJnQ84S35OmBdheB1hVfHa
T9RZF19jQ6oH4N6E2vVFMXCl1VlCyP7d2ZXnmytMYibG9NPa/oxzUr4dl9eFGIH3
Fk0mQhkG9al9fYJIrbrILfbzPF4k/bBt+fPDrTu6MVGf8in+fcGtroONgTzFaORl
1tT+mcObz1P0lYkW7SW66Re1j8QEGCcNFmXIdJRw9bVtyrEyWnCYaR8hd3eIUT9Z
1yf0XdQ38LqfhZk8L35t5AR4nwi5jzlbLFRY3haOWCFsRcQxrsbU93/KkwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFMMz96OLcak3QfQThG2KZSwIcxXLMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvd3pQM280dHhxVGRCOUJPRWJZcGxMQWh6RmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAt
nJ0DBAAtnJ8DBAJX95QDBAFZIVQDBAFZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAMEAbzUhAME
ALzUmwMEALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw5gMEALzw6QME
ALzxbgMEALzx1gMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEA
OmTT/hU8LzncLumvRBSiXt81+52H7L64xI/vW2CXyKKiBtUD6c/XemMWUftzqvGS
caI/j+LgpUuXi5vwQfdK83dVTQT1d5K6B+gVEtfdJfjHU0piKw2sElp0QHl43nkF
633jimioQEVn9m2so2uyzSkVprdUbujjQkCK3KcdAdN+TXMclLMRLyucyMdG2E37
J1aMnCUS4sCqATvMHWnTlJoNsoHy3c7K3Mf8eJwv4riE0OeTEawtInDZOv+i91bU
WHIxCy4W/1oWup0g7dIdVQpZ0LsEHXdI5xTIESz+EdBMq/qWQ5XYKX5LXCVk94m0
2zVNCdEkHvckUiiqLPHitQ==
Generated at Sat Aug 5 18:56:13 2023 by rpki-client on console-fra.rpki-client.org