Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x4gY8cKLlEw2M17IHt4TD-w5oZA.roa
File: x4gY8cKLlEw2M17IHt4TD-w5oZA.roa (raw, json)
Hash identifier: fOk+Be8diyL0Xj7irkUQFDAgmsdATGvb1Eu2JnfEIx4=
Subject key identifier: C7:88:18:F1:C2:8B:94:4C:36:33:5E:C8:1E:DE:13:0F:EC:39:A1:90
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186DB1F1C319DED26A7B3DD5BBDD4EE2CAA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x4gY8cKLlEw2M17IHt4TD-w5oZA.roa
Signing time: Mon 13 Mar 2023 13:18:14 +0000
ROA not before: Mon 13 Mar 2023 13:18:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
91.188.204.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
93.115.254.0/23 maxlen: 24
94.176.110.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.103.72.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:1f:1c:31:9d:ed:26:a7:b3:dd:5b:bd:d4:ee:2c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 13 13:18:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c78818f1c28b944c36335ec81ede130fec39a190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:91:77:a0:ea:95:15:41:77:30:e2:02:d7:fa:
ed:0e:4a:83:7c:5f:a9:b8:46:ee:80:ee:0d:d5:6d:
a6:af:a0:19:bb:7c:3d:5f:3b:dd:de:83:48:e5:69:
16:44:c2:12:46:97:5f:de:f8:f0:96:10:17:1a:9e:
a0:cb:3a:9f:99:83:c7:f1:45:46:1e:7d:f7:cf:21:
f8:0f:01:e7:64:2e:34:03:51:a1:9a:e6:c5:ed:5d:
47:8c:dd:8c:7c:29:a6:63:10:ad:74:70:a3:af:e7:
3f:74:86:09:10:74:84:2c:07:05:5c:b4:df:41:62:
99:29:4b:22:65:83:89:db:59:36:df:de:4b:c2:a6:
4d:49:dc:8e:14:1f:05:5e:08:73:3d:3d:a0:30:e7:
60:76:af:87:4f:46:b7:69:b4:e7:db:15:0d:84:5b:
b4:5a:cd:70:0d:06:a9:cd:09:cd:32:d8:ff:91:b9:
62:e1:da:6f:d0:ef:08:82:9f:82:60:4a:d6:1b:11:
28:45:2d:ce:56:1f:83:92:f0:bc:85:37:d8:ea:10:
98:b0:e3:08:39:38:2a:36:f7:be:c3:c2:e5:3a:e7:
e1:ce:19:e4:93:5b:95:b5:af:d2:5a:14:a7:0c:08:
a3:35:c4:85:17:78:59:c4:95:92:30:1c:ce:d9:08:
74:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:88:18:F1:C2:8B:94:4C:36:33:5E:C8:1E:DE:13:0F:EC:39:A1:90
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/x4gY8cKLlEw2M17IHt4TD-w5oZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.148.0/24
89.37.63.0/24
91.188.204.0/24
93.115.254.0/23
94.176.110.0/24
185.103.72.0/24
185.238.10.0/24
185.241.210.0/23
185.255.169.0-185.255.171.255
188.212.132.0/23
188.240.232.0/24
Signature Algorithm: sha256WithRSAEncryption
85:17:c4:9d:f6:24:1f:bf:36:ad:a1:a6:63:43:dc:11:17:7c:
4f:f4:9a:53:d7:1a:9c:b0:d6:b8:85:91:96:25:64:2f:68:ee:
e7:8e:f1:7b:5f:da:a6:17:06:79:3d:17:39:24:0e:ec:6f:da:
ef:b0:84:dc:fb:29:83:09:8f:19:33:d6:cd:82:01:ba:17:3c:
a6:01:e7:a2:71:54:f4:ef:ce:4a:e7:f9:32:47:7d:ab:ae:67:
cf:8a:97:a5:66:2c:5e:d1:cf:65:69:6a:11:3f:2e:d2:a7:27:
97:5e:40:31:a6:34:6b:ab:88:72:c1:76:04:8f:e5:c5:54:40:
a7:4a:0e:19:c7:b9:35:60:eb:92:87:de:5a:c5:84:fd:8a:eb:
39:98:6d:a2:69:90:fa:54:2c:34:e1:43:53:c8:cd:3e:d8:2b:
4c:ed:ce:df:5b:cb:d7:ec:0c:13:b0:5c:a0:f8:22:30:f8:d9:
33:a7:e3:73:c9:08:31:38:39:1a:ef:ba:cc:af:a7:46:da:90:
1c:88:4f:6b:f5:9c:22:d6:ef:d6:83:b5:9d:63:20:40:43:cb:
fe:1d:44:8f:8f:9c:1e:45:8b:26:78:dc:e6:95:98:73:4b:68:
f4:e3:a5:8c:80:b8:6a:a4:80:f9:83:a4:74:52:fb:16:14:10:
ec:0f:1e:46
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYbbHxwxne0mp7PdW73U7iyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzEzMTMxODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzg4MThmMWMyOGI5NDRjMzYzMzVlYzgxZWRlMTMwZmVjMzlhMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJF3oOqVFUF3MOIC1/rtDkqDfF+p
uEbugO4N1W2mr6AZu3w9Xzvd3oNI5WkWRMISRpdf3vjwlhAXGp6gyzqfmYPH8UVG
Hn33zyH4DwHnZC40A1GhmubF7V1HjN2MfCmmYxCtdHCjr+c/dIYJEHSELAcFXLTf
QWKZKUsiZYOJ21k2395LwqZNSdyOFB8FXghzPT2gMOdgdq+HT0a3abTn2xUNhFu0
Ws1wDQapzQnNMtj/kbli4dpv0O8Igp+CYErWGxEoRS3OVh+DkvC8hTfY6hCYsOMI
OTgqNve+w8LlOufhzhnkk1uVta/SWhSnDAijNcSFF3hZxJWSMBzO2Qh0xwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFMeIGPHCi5RMNjNeyB7eEw/sOaGQMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveDRnWThjS0xsRXcyTTE3SUh0NFRELXc1b1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAV/eUAwQA
WSU/AwQAW7zMAwQBXXP+AwQAXrBuAwQAuWdIAwQAue4KAwQBufHSMAwDBAC5/6kD
BAK5/6gDBAG81IQDBAC88OgwDQYJKoZIhvcNAQELBQADggEBAIUXxJ32JB+/Nq2h
pmND3BEXfE/0mlPXGpyw1riFkZYlZC9o7ueO8Xtf2qYXBnk9FzkkDuxv2u+whNz7
KYMJjxkz1s2CAboXPKYB56JxVPTvzkrn+TJHfauuZ8+Kl6VmLF7Rz2VpahE/LtKn
J5deQDGmNGuriHLBdgSP5cVUQKdKDhnHuTVg65KH3lrFhP2K6zmYbaJpkPpULDTh
Q1PIzT7YK0ztzt9by9fsDBOwXKD4IjD42TOn43PJCDE4ORrvusyvp0bakByIT2v1
nCLW79aDtZ1jIEBDy/4dRI+PnB5FiyZ43OaVmHNLaPTjpYyAuGqkgPmDpHRS+xYU
EOwPHkY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:04 2023 by rpki-client on console-fra.rpki-client.org