Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ywFm8uR3jZYfek47mgEHlmdNYwU.roa
File: ywFm8uR3jZYfek47mgEHlmdNYwU.roa (raw, json)
Hash identifier: AYyRLlVfQH9LlhlpUg2J5dSK+LTzyK1SF7zMw+HeWI0=
Subject key identifier: CB:01:66:F2:E4:77:8D:96:1F:7A:4E:3B:9A:01:07:96:67:4D:63:05
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B190936389ACBE4FC8CC7520466D40C20
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ywFm8uR3jZYfek47mgEHlmdNYwU.roa
Signing time: Tue 10 Oct 2023 10:01:55 +0000
ROA not before: Tue 10 Oct 2023 10:01:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.112.64.0/22 maxlen: 24
188.241.242.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
188.213.203.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:09:36:38:9a:cb:e4:fc:8c:c7:52:04:66:d4:0c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 10 10:01:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb0166f2e4778d961f7a4e3b9a010796674d6305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b9:f4:77:ca:b2:02:7a:2e:95:05:7f:dc:f1:
2f:a4:41:56:f1:c9:ea:4b:03:4e:f2:76:57:2c:52:
8a:68:d6:79:d9:ac:b9:76:7d:9f:ea:c0:55:ad:b9:
a7:2e:2c:80:19:a3:90:a9:52:f9:7e:6f:ae:b9:2c:
37:7e:07:b2:92:df:18:0e:a5:b4:a6:ee:36:98:1f:
49:3b:ec:23:2c:f4:bc:52:84:6e:f8:33:45:b8:b4:
84:56:c3:dd:23:b6:37:45:37:18:09:cf:e1:9a:c6:
8a:2d:9b:41:d9:41:43:3d:1d:f2:a2:bf:70:8b:e3:
d6:2c:ec:24:b1:c9:24:f0:06:a7:25:c2:c3:31:2d:
14:fc:e9:aa:3b:3f:aa:b0:9c:42:c1:85:0b:ca:f8:
fe:70:1a:f9:fd:ca:d3:50:88:aa:5b:83:a8:4a:cf:
81:bb:4e:21:96:8e:27:50:4c:5d:05:f0:d7:01:20:
ea:97:11:6f:76:69:ed:5e:9a:f9:fb:07:c3:48:f0:
da:b1:5a:48:d5:9f:e2:0b:27:4f:76:c0:a5:35:a7:
ca:98:d7:87:de:f1:3e:aa:3c:18:5c:f9:1a:2b:59:
a6:e9:52:45:f9:97:51:9f:3b:48:57:47:ab:16:71:
77:21:f7:16:d4:79:ce:78:25:bb:55:66:ca:17:91:
b2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:01:66:F2:E4:77:8D:96:1F:7A:4E:3B:9A:01:07:96:67:4D:63:05
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ywFm8uR3jZYfek47mgEHlmdNYwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.63.0/24
91.188.204.0/22
93.115.254.0/23
185.112.64.0/22
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.133.0/24
188.212.155.0/24
188.212.158.0/23
188.213.202.0/23
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.240.233.0/24
188.241.242.0/23
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
88:79:a7:1e:f3:e7:1e:58:12:d7:40:bc:98:64:22:f5:e8:d0:
d3:72:30:fd:1b:b9:f1:ef:01:d0:bc:4d:c5:4a:68:7e:15:aa:
36:7c:5a:05:6b:05:c5:6b:5b:a2:27:f9:4f:44:58:51:16:d1:
f6:58:ad:a7:27:60:a6:c3:8b:46:bc:cb:14:66:aa:3d:99:72:
0d:c5:91:76:0c:77:4a:7b:0d:09:e2:fe:2a:f4:9e:7d:5b:e5:
6a:44:a6:6d:9a:64:4a:59:eb:99:e7:49:51:36:0d:1a:7b:d0:
03:82:9f:0c:5f:8e:74:83:e6:79:46:ef:f2:a5:b4:0a:42:c0:
a1:4b:65:26:ce:32:bb:d5:ba:bf:df:42:ef:17:d6:c1:25:f4:
b0:d6:b1:62:24:74:7d:29:7c:19:18:26:fb:20:39:44:b0:ce:
bc:9d:4b:d5:63:46:1d:e7:d6:e9:7e:99:9a:7a:36:7a:cd:ea:
fe:e2:a6:be:43:75:75:7f:25:71:6e:c2:bf:f6:b2:d2:b2:23:
6a:5b:75:03:98:d7:de:bc:e8:f7:95:a2:76:52:bd:2e:c4:f0:
24:a8:db:60:6b:29:6b:53:54:1e:ed:85:b8:21:48:99:50:02:
0c:17:25:19:83:dd:87:20:ca:27:aa:f4:46:ef:4a:b5:4b:3b:
10:d6:53:05
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYsZCTY4msvk/IzHUgRm1AwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDEwMTAwMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjAxNjZmMmU0Nzc4ZDk2MWY3YTRlM2I5YTAxMDc5NjY3NGQ2MzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbn0d8qyAnoulQV/3PEvpEFW8cnq
SwNO8nZXLFKKaNZ52ay5dn2f6sBVrbmnLiyAGaOQqVL5fm+uuSw3fgeykt8YDqW0
pu42mB9JO+wjLPS8UoRu+DNFuLSEVsPdI7Y3RTcYCc/hmsaKLZtB2UFDPR3yor9w
i+PWLOwksckk8AanJcLDMS0U/OmqOz+qsJxCwYULyvj+cBr5/crTUIiqW4OoSs+B
u04hlo4nUExdBfDXASDqlxFvdmntXpr5+wfDSPDasVpI1Z/iCydPdsClNafKmNeH
3vE+qjwYXPkaK1mm6VJF+ZdRnztIV0erFnF3IfcW1HnOeCW7VWbKF5Gy/QIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFMsBZvLkd42WH3pOO5oBB5ZnTWMFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveXdGbTh1UjNqWllmZWs0N21nRUhsbWROWXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAK5
cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC8
1JsDBAG81J4DBAG81coDBAC81tEDBAG88OADBAC88OMDBAC88OkDBAG88fIDBAHB
F4ADBALV6FwwDQYJKoZIhvcNAQELBQADggEBAIh5px7z5x5YEtdAvJhkIvXo0NNy
MP0bufHvAdC8TcVKaH4VqjZ8WgVrBcVrW6In+U9EWFEW0fZYracnYKbDi0a8yxRm
qj2Zcg3FkXYMd0p7DQni/ir0nn1b5WpEpm2aZEpZ65nnSVE2DRp70AOCnwxfjnSD
5nlG7/KltApCwKFLZSbOMrvVur/fQu8X1sEl9LDWsWIkdH0pfBkYJvsgOUSwzryd
S9VjRh3n1ul+mZp6NnrN6v7ipr5DdXV/JXFuwr/2stKyI2pbdQOY19686PeVonZS
vS7E8CSo22BrKWtTVB7thbghSJlQAgwXJRmD3Ycgyieq9EbvSrVLOxDWUwU=
Generated at Tue Oct 10 23:14:07 2023 by rpki-client on console-ams.rpki-client.org