Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/7d2944-1ed6-4fcd-8c5c-77b4bbe35a9e/1/nUy9e_y8beOgn_JWbnZGi4FPdbk.roa
File: nUy9e_y8beOgn_JWbnZGi4FPdbk.roa (raw, json)
Hash identifier: /9uirZvh/QXTQzDQd65atGVJEwq6dyHnIdTaml78xVA=
Subject key identifier: 9D:4C:BD:7B:FC:BC:6D:E3:A0:9F:F2:56:6E:76:46:8B:81:4F:75:B9
Certificate issuer: /CN=bc6d2ed7794d3217cfaafe1cad53f755b82ce3a9
Certificate serial: 01856D4AB8883D4523093FD1C109345FAC41
Authority key identifier: BC:6D:2E:D7:79:4D:32:17:CF:AA:FE:1C:AD:53:F7:55:B8:2C:E3:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vG0u13lNMhfPqv4crVP3Vbgs46k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/7d2944-1ed6-4fcd-8c5c-77b4bbe35a9e/1/nUy9e_y8beOgn_JWbnZGi4FPdbk.roa
Signing time: Sun 01 Jan 2023 12:24:51 +0000
ROA not before: Sun 01 Jan 2023 12:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39668
IP address blocks: 185.132.172.0/22 maxlen: 22
89.35.128.0/24 maxlen: 24
2a09:4080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:b8:88:3d:45:23:09:3f:d1:c1:09:34:5f:ac:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc6d2ed7794d3217cfaafe1cad53f755b82ce3a9
Validity
Not Before: Jan 1 12:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d4cbd7bfcbc6de3a09ff2566e76468b814f75b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:82:09:c3:7c:73:ea:f3:b3:86:f5:75:b2:6c:
33:56:9d:42:a5:c8:fb:aa:5a:0c:db:a1:f7:d3:8e:
07:7b:6d:4d:86:ed:13:f7:5d:31:48:3b:ba:b3:ab:
71:56:a8:69:5a:79:79:da:e0:46:30:f6:6a:ba:e7:
2c:2f:40:da:21:47:23:2e:a8:60:98:b5:59:c7:09:
b3:95:b6:9d:3d:00:2b:9f:52:bd:ab:7f:cf:2e:87:
e0:d3:ae:3d:97:8e:9b:b6:4f:60:0f:ab:7f:be:df:
42:00:09:7c:31:27:90:45:a0:6e:c2:21:9b:41:2c:
3f:40:b5:38:6f:05:55:e0:5f:6d:68:42:dc:40:61:
9f:d8:6a:86:c3:98:a7:23:b0:30:30:8c:11:89:37:
be:03:44:b2:23:d8:39:99:f5:4a:6d:6a:d5:32:f9:
ea:df:42:f2:f2:7a:b8:98:3f:85:4c:3e:7b:0b:a1:
46:4f:25:85:0a:47:39:4a:83:df:a6:60:62:66:5e:
1c:94:dd:d9:e7:9f:87:f3:a1:2a:10:30:f5:51:4e:
33:3d:89:b2:ef:37:57:15:ee:6f:e8:f5:13:8c:69:
3c:b0:71:59:1b:80:a6:aa:77:64:a6:af:fa:d0:ac:
c4:ac:b6:df:31:d0:0f:d8:2f:59:aa:16:fe:75:9e:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4C:BD:7B:FC:BC:6D:E3:A0:9F:F2:56:6E:76:46:8B:81:4F:75:B9
X509v3 Authority Key Identifier:
keyid:BC:6D:2E:D7:79:4D:32:17:CF:AA:FE:1C:AD:53:F7:55:B8:2C:E3:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vG0u13lNMhfPqv4crVP3Vbgs46k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7d2944-1ed6-4fcd-8c5c-77b4bbe35a9e/1/nUy9e_y8beOgn_JWbnZGi4FPdbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7d2944-1ed6-4fcd-8c5c-77b4bbe35a9e/1/vG0u13lNMhfPqv4crVP3Vbgs46k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.128.0/24
185.132.172.0/22
IPv6:
2a09:4080::/29
Signature Algorithm: sha256WithRSAEncryption
15:41:8c:e3:bc:af:8b:60:5c:ec:79:64:30:f0:ea:62:f0:79:
50:f0:b2:37:61:93:d8:12:46:17:63:db:fb:75:f8:5f:76:fb:
6a:f6:72:4e:b1:23:13:4d:9d:be:db:b4:a9:97:ab:e4:e1:e6:
b6:96:6e:07:6a:27:95:e6:1b:22:bf:4b:b2:13:d0:3c:2f:a4:
0c:bf:aa:42:f2:a3:c5:45:9a:bf:78:41:dc:81:21:d5:17:2e:
0a:41:a7:55:5f:4e:33:ad:b1:45:80:dc:e7:bc:4f:c0:38:a6:
18:ef:b2:c0:8d:46:0f:de:8b:3b:ad:ec:08:f3:af:d9:14:ee:
b1:f5:63:74:72:bb:55:f4:8e:72:9c:1d:14:85:aa:dd:78:e2:
09:5f:0a:65:96:a4:e7:40:45:e2:9d:e2:0c:e6:f7:d0:05:4c:
c1:c5:f5:ec:af:8f:38:ad:b5:7a:ef:7b:49:5e:d9:aa:ff:c6:
ee:d7:76:80:33:b4:dd:c7:8d:97:50:b7:d3:f5:3d:fa:8d:60:
b3:a6:12:c2:13:32:df:b7:0e:b6:72:0f:55:e1:47:b0:c1:91:
a4:5c:75:64:39:a8:19:b6:52:8c:6f:aa:4d:15:24:35:fe:d8:
3b:0c:fb:d9:f9:95:cb:4a:29:5f:02:bc:52:bd:7a:a3:85:c9:
28:93:1f:dc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtSriIPUUjCT/RwQk0X6xBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNmQyZWQ3Nzk0ZDMyMTdjZmFhZmUxY2FkNTNmNzU1Yjgy
Y2UzYTkwHhcNMjMwMTAxMTIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDRjYmQ3YmZjYmM2ZGUzYTA5ZmYyNTY2ZTc2NDY4YjgxNGY3NWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYIJw3xz6vOzhvV1smwzVp1Cpcj7
qloM26H3044He21Nhu0T910xSDu6s6txVqhpWnl52uBGMPZquucsL0DaIUcjLqhg
mLVZxwmzlbadPQArn1K9q3/PLofg0649l46btk9gD6t/vt9CAAl8MSeQRaBuwiGb
QSw/QLU4bwVV4F9taELcQGGf2GqGw5inI7AwMIwRiTe+A0SyI9g5mfVKbWrVMvnq
30Ly8nq4mD+FTD57C6FGTyWFCkc5SoPfpmBiZl4clN3Z55+H86EqEDD1UU4zPYmy
7zdXFe5v6PUTjGk8sHFZG4Cmqndkpq/60KzErLbfMdAP2C9Zqhb+dZ6qlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ1MvXv8vG3joJ/yVm52RouBT3W5MB8GA1UdIwQY
MBaAFLxtLtd5TTIXz6r+HK1T91W4LOOpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkcwdTEzbE5NaGZQcXY0Y3JWUDNWYmdzNDZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83ZDI5NDQtMWVkNi00ZmNkLThjNWMt
NzdiNGJiZTM1YTllLzEvblV5OWVfeThiZU9nbl9KV2JuWkdpNEZQZGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83ZDI5NDQtMWVkNi00ZmNkLThjNWMtNzdiNGJiZTM1YTll
LzEvdkcwdTEzbE5NaGZQcXY0Y3JWUDNWYmdzNDZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWSOAAwQC
uYSsMA0EAgACMAcDBQMqCUCAMA0GCSqGSIb3DQEBCwUAA4IBAQAVQYzjvK+LYFzs
eWQw8Opi8HlQ8LI3YZPYEkYXY9v7dfhfdvtq9nJOsSMTTZ2+27Spl6vk4ea2lm4H
aieV5hsiv0uyE9A8L6QMv6pC8qPFRZq/eEHcgSHVFy4KQadVX04zrbFFgNznvE/A
OKYY77LAjUYP3os7rewI86/ZFO6x9WN0crtV9I5ynB0UhardeOIJXwpllqTnQEXi
neIM5vfQBUzBxfXsr484rbV673tJXtmq/8bu13aAM7Tdx42XULfT9T36jWCzphLC
EzLftw62cg9V4UewwZGkXHVkOagZtlKMb6pNFSQ1/tg7DPvZ+ZXLSilfArxSvXqj
hckokx/c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:38 2024 by rpki-client on console-ams.rpki-client.org