Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xz96Gl9NapNcyTK517_U_yHlgkk.roa
File: xz96Gl9NapNcyTK517_U_yHlgkk.roa (raw, json)
Hash identifier: W9GKmZi+/alF+byVxNHC0x66p7xPb/CbcDDXPrKZKSI=
Subject key identifier: C7:3F:7A:1A:5F:4D:6A:93:5C:C9:32:B9:D7:BF:D4:FF:21:E5:82:49
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AF195F8262B57ABED5E2BCD27950C2533
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xz96Gl9NapNcyTK517_U_yHlgkk.roa
Signing time: Mon 02 Oct 2023 18:10:52 +0000
ROA not before: Mon 02 Oct 2023 18:10:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.159.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:95:f8:26:2b:57:ab:ed:5e:2b:cd:27:95:0c:25:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 2 18:10:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c73f7a1a5f4d6a935cc932b9d7bfd4ff21e58249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:21:b5:56:8f:15:bb:fa:0a:df:ef:f5:3e:3c:
a0:f7:a5:9b:02:2f:79:2a:12:fc:52:ec:dc:bc:cd:
8c:e5:d9:dc:bb:be:e1:2a:16:d1:b0:db:7b:db:55:
3a:43:a0:76:b6:06:7e:7d:c2:82:9e:52:18:9c:e1:
6e:8c:5e:6f:9a:13:43:19:a6:bf:bc:bc:55:63:da:
81:ed:7f:b5:d0:90:51:e6:ba:46:40:ba:14:57:06:
f0:c4:e2:92:3a:c5:c4:a9:9f:8c:34:0e:e6:ac:d7:
34:86:6b:6c:71:d0:f4:d5:da:e2:45:0a:da:70:e9:
dd:16:09:ba:86:79:2b:13:86:2c:55:a9:dc:b2:08:
b0:1e:ee:cf:5a:0c:0c:2a:9d:ae:27:44:7d:a6:8c:
79:77:1b:6f:4a:d6:45:d0:22:52:ac:90:64:45:6d:
1f:60:5c:7c:b4:3b:f4:8b:ac:d2:79:d6:b7:8c:01:
54:30:3d:36:f2:9d:c5:9d:37:b9:9b:9d:5d:68:75:
d2:38:67:92:35:a6:a3:b0:a6:32:f4:39:75:f8:98:
a3:bf:83:46:c2:5c:09:6d:e3:cd:b1:64:b3:8c:6c:
48:8b:36:53:0a:0e:0a:fc:ff:90:98:38:70:20:9c:
15:a2:66:ff:b6:f6:18:5c:8d:23:d4:d6:17:99:0c:
ea:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3F:7A:1A:5F:4D:6A:93:5C:C9:32:B9:D7:BF:D4:FF:21:E5:82:49
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xz96Gl9NapNcyTK517_U_yHlgkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
45.156.159.0/24
87.247.148.0/22
89.33.84.0/23
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.158.0/24
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:10:eb:49:e9:e2:4a:cd:93:0e:cc:22:9c:64:47:28:ad:26:
e3:ea:54:a7:59:6f:d4:18:63:7c:5d:94:ac:ad:96:dc:81:4c:
8e:44:b1:64:d7:31:8a:95:51:b7:b5:36:bb:a8:5c:13:c8:cb:
fa:35:46:62:bc:a1:76:0e:e6:8b:64:7f:3d:d3:c0:68:ca:06:
eb:b1:48:97:bc:b9:87:65:3b:1c:5b:d8:5c:3e:19:db:48:5a:
1c:37:34:88:4f:3b:c7:b7:6d:c2:62:95:e2:8e:0b:52:ca:bb:
ad:e1:9f:92:75:62:85:34:62:23:05:5f:16:08:9d:b4:4e:c9:
f9:8e:74:6f:39:02:02:d2:cb:63:18:b8:6f:13:4f:98:b6:36:
0d:d1:8f:01:0c:96:9f:fa:c8:09:a1:1c:5c:05:e1:06:b3:93:
fa:53:83:82:45:c1:42:99:8e:58:92:a2:a7:15:54:bd:b3:fc:
e0:06:91:f6:9c:36:bc:05:53:6d:95:9b:64:01:96:fd:f5:37:
73:73:73:e9:5d:3c:c1:c0:41:01:85:93:25:ed:ab:98:af:8c:
3e:28:c5:01:ad:a4:63:63:64:72:82:68:ec:3e:0f:bb:f6:03:
f8:c2:58:7a:7b:11:b2:df:16:5c:d3:50:43:aa:9d:80:39:12:
40:95:7c:e5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYrxlfgmK1er7V4rzSeVDCUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDAyMTgxMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzNmN2ExYTVmNGQ2YTkzNWNjOTMyYjlkN2JmZDRmZjIxZTU4MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSG1Vo8Vu/oK3+/1Pjyg96WbAi95
KhL8UuzcvM2M5dncu77hKhbRsNt721U6Q6B2tgZ+fcKCnlIYnOFujF5vmhNDGaa/
vLxVY9qB7X+10JBR5rpGQLoUVwbwxOKSOsXEqZ+MNA7mrNc0hmtscdD01driRQra
cOndFgm6hnkrE4YsVancsgiwHu7PWgwMKp2uJ0R9pox5dxtvStZF0CJSrJBkRW0f
YFx8tDv0i6zSeda3jAFUMD028p3FnTe5m51daHXSOGeSNaajsKYy9Dl1+Jijv4NG
wlwJbePNsWSzjGxIizZTCg4K/P+QmDhwIJwVomb/tvYYXI0j1NYXmQzqFQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFMc/ehpfTWqTXMkyude/1P8h5YJJMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveHo5NkdsOU5hcE5jeVRLNTE3X1VfeUhsZ2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAIt
krgDBAAtnJ0DBAAtnJ8DBAJX95QDBAFZIVQDBABZI5oDBABZJT8DBAJbvMwDBAFd
c/4DBAK5cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC8
1IUDBAC81JsDBAC81J4DBAG81coDBAC81tEDBAG88OADBAC88OMDBAC88OkDBAG8
8fIDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQADggEBAHsQ60np4krNkw7MIpxk
RyitJuPqVKdZb9QYY3xdlKytltyBTI5EsWTXMYqVUbe1NruoXBPIy/o1RmK8oXYO
5otkfz3TwGjKBuuxSJe8uYdlOxxb2Fw+GdtIWhw3NIhPO8e3bcJileKOC1LKu63h
n5J1YoU0YiMFXxYInbROyfmOdG85AgLSy2MYuG8TT5i2Ng3RjwEMlp/6yAmhHFwF
4Qazk/pTg4JFwUKZjliSoqcVVL2z/OAGkfacNrwFU22Vm2QBlv31N3Nzc+ldPMHA
QQGFkyXtq5ivjD4oxQGtpGNjZHKCaOw+D7v2A/jCWHp7EbLfFlzTUEOqnYA5EkCV
fOU=
-----END CERTIFICATE-----
Generated at Wed Oct 4 14:10:21 2023 by rpki-client on console-ams.rpki-client.org