Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x12VGT97kz7HPcN3p0vxwxcggpY.roa
File: x12VGT97kz7HPcN3p0vxwxcggpY.roa (raw, json)
Hash identifier: yloGjAkwUOW5jouvUu0wNZ2Pkz0mI8cvPhNEkJjzhQY=
Subject key identifier: C7:5D:95:19:3F:7B:93:3E:C7:3D:C3:77:A7:4B:F1:C3:17:20:82:96
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018608EF1841C30B7FCC82352655742A4FD9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x12VGT97kz7HPcN3p0vxwxcggpY.roa
Signing time: Tue 31 Jan 2023 17:45:32 +0000
ROA not before: Tue 31 Jan 2023 17:45:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.94.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
185.255.37.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:ef:18:41:c3:0b:7f:cc:82:35:26:55:74:2a:4f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 31 17:45:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c75d95193f7b933ec73dc377a74bf1c317208296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:aa:0d:47:b2:9f:63:e3:72:b5:48:d7:bb:85:
0b:e0:fe:56:b8:07:0c:4f:a3:81:be:07:ba:95:75:
c4:b0:59:8f:1f:d2:ee:1e:79:96:76:31:fb:25:62:
a1:9a:9b:56:be:33:c4:22:87:95:51:34:e2:68:5a:
a1:98:5b:95:58:ab:95:68:6a:54:68:6a:1b:9b:69:
cd:e5:2a:92:cb:99:70:f8:85:7d:8e:24:56:47:66:
5e:f7:03:ac:a1:54:5c:0f:05:b8:f3:8f:4c:2a:e5:
0e:fd:47:a3:5f:5e:01:4a:c5:02:85:ca:33:cb:e2:
a5:5a:4a:9e:f7:01:be:75:1e:13:64:a5:9c:5e:97:
45:63:a4:6a:5a:2a:02:8c:fc:56:fe:a9:3f:ac:49:
d0:fb:b6:97:60:40:b3:7a:d1:b4:b8:94:20:20:ff:
c8:a7:e4:06:5f:a8:12:30:d0:ab:7e:35:87:af:21:
31:cf:b2:ec:2f:d5:46:fc:82:e6:21:56:23:87:c0:
ec:f9:77:42:74:bc:23:0d:a8:f7:89:99:cc:6f:4c:
da:05:54:78:99:12:57:86:20:9f:f1:0f:f0:87:fb:
35:ee:ca:e5:7c:46:6a:06:73:a8:1f:5d:21:6e:e1:
6e:99:29:45:d4:11:1d:e4:41:6a:ce:2a:d0:13:0c:
50:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5D:95:19:3F:7B:93:3E:C7:3D:C3:77:A7:4B:F1:C3:17:20:82:96
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x12VGT97kz7HPcN3p0vxwxcggpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
185.135.143.0/24
185.255.37.0/24
188.240.225.0/24
193.23.128.0/23
213.232.94.0/24
Signature Algorithm: sha256WithRSAEncryption
44:66:1f:75:95:72:a4:bc:1e:31:f1:c3:ac:ce:bd:bd:23:23:
a7:54:d4:07:04:35:a2:36:91:4e:75:58:94:b5:ca:b1:aa:06:
8b:34:41:f7:50:6e:54:86:4d:f3:f1:59:06:d6:90:7e:50:a3:
0c:54:0a:6b:f9:66:ce:1b:30:63:2e:82:2a:95:0f:e6:1c:d5:
23:e8:56:02:58:60:bc:02:72:3b:84:51:c7:67:28:f6:4a:ff:
12:24:17:72:64:af:90:8c:a5:de:f1:bb:f4:77:0d:90:87:58:
d5:9b:77:41:c4:98:3e:4e:26:d7:25:22:99:5f:59:1f:e5:8b:
a3:c3:e2:99:f4:c6:95:fe:81:68:be:42:0e:86:1c:d5:68:dd:
72:b0:35:98:0c:3e:3e:d6:d8:90:c9:db:1d:07:43:f5:ba:f1:
31:70:2f:62:dc:ad:ea:60:03:17:d9:de:47:c6:1d:32:3e:23:
8c:f0:b7:c5:df:06:ea:29:91:89:34:4a:bb:6c:39:f2:d6:66:
ad:ee:70:c3:80:54:c2:91:1f:bd:69:8e:95:98:0b:59:ec:7b:
0a:9d:24:34:cf:52:8b:0a:70:46:7d:2e:a8:9d:0b:b0:6c:4a:
4f:c5:50:9c:68:dc:0d:90:de:13:29:eb:9e:e3:9f:b9:fb:c6:
4f:a3:2e:82
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYI7xhBwwt/zII1JlV0Kk/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTMxMTc0NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzVkOTUxOTNmN2I5MzNlYzczZGMzNzdhNzRiZjFjMzE3MjA4Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKoNR7KfY+NytUjXu4UL4P5WuAcM
T6OBvge6lXXEsFmPH9LuHnmWdjH7JWKhmptWvjPEIoeVUTTiaFqhmFuVWKuVaGpU
aGobm2nN5SqSy5lw+IV9jiRWR2Ze9wOsoVRcDwW4849MKuUO/UejX14BSsUChcoz
y+KlWkqe9wG+dR4TZKWcXpdFY6RqWioCjPxW/qk/rEnQ+7aXYECzetG0uJQgIP/I
p+QGX6gSMNCrfjWHryExz7LsL9VG/ILmIVYjh8Ds+XdCdLwjDaj3iZnMb0zaBVR4
mRJXhiCf8Q/wh/s17srlfEZqBnOoH10hbuFumSlF1BEd5EFqzirQEwxQaQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMddlRk/e5M+xz3Dd6dL8cMXIIKWMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveDEyVkdUOTdrejdIUGNOM3Awdnh3eGNnZ3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZyfAwQA
uYePAwQAuf8lAwQAvPDhAwQBwReAAwQA1eheMA0GCSqGSIb3DQEBCwUAA4IBAQBE
Zh91lXKkvB4x8cOszr29IyOnVNQHBDWiNpFOdViUtcqxqgaLNEH3UG5Uhk3z8VkG
1pB+UKMMVApr+WbOGzBjLoIqlQ/mHNUj6FYCWGC8AnI7hFHHZyj2Sv8SJBdyZK+Q
jKXe8bv0dw2Qh1jVm3dBxJg+TibXJSKZX1kf5Yujw+KZ9MaV/oFovkIOhhzVaN1y
sDWYDD4+1tiQydsdB0P1uvExcC9i3K3qYAMX2d5Hxh0yPiOM8LfF3wbqKZGJNEq7
bDny1mat7nDDgFTCkR+9aY6VmAtZ7HsKnSQ0z1KLCnBGfS6onQuwbEpPxVCcaNwN
kN4TKeue45+5+8ZPoy6C
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org