Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/SN6IEVUEiRd7ZnUYsHtv2pgEMfw.roa
File: SN6IEVUEiRd7ZnUYsHtv2pgEMfw.roa (raw, json)
Hash identifier: /JlqZA5c5E8LWfDb/kaOEho6xKwj6I4jvutxqfvFOGU=
Subject key identifier: 48:DE:88:11:55:04:89:17:7B:66:75:18:B0:7B:6F:DA:98:04:31:FC
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 018F5CA6F5C3D2537AC6CF5D29BE3C18E9E3
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/SN6IEVUEiRd7ZnUYsHtv2pgEMfw.roa
Signing time: Thu 09 May 2024 09:19:56 +0000
ROA not before: Thu 09 May 2024 09:19:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
185.121.134.0/24 maxlen: 24
185.121.135.0/24 maxlen: 24
2a14:6780::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 14 May 2024 15:10:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:a6:f5:c3:d2:53:7a:c6:cf:5d:29:be:3c:18:e9:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: May 9 09:19:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48de8811550489177b667518b07b6fda980431fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:8b:47:97:df:c5:f8:2e:20:ac:14:08:e4:
f6:69:cb:20:a5:3b:39:6f:5e:e1:66:d2:1e:97:a0:
54:42:52:b5:62:24:82:13:e2:73:28:72:fc:c6:29:
c5:2f:91:fe:68:f7:6f:c4:40:16:7c:ab:d8:ba:66:
2d:0e:ae:06:f2:53:94:61:24:30:98:2e:92:f7:5b:
d6:51:84:3f:38:6f:e4:a7:5c:66:d5:6a:ee:d2:5e:
2a:3c:36:97:f9:24:85:04:86:c6:88:0d:d9:bd:e1:
68:c9:90:28:97:25:8c:80:df:46:68:92:1b:4f:4b:
a8:75:3d:d3:4c:c1:cf:cb:31:97:81:e6:ba:e0:b0:
10:07:24:0e:c3:fa:42:c9:3d:61:7e:23:e8:71:f2:
eb:fc:5a:69:65:12:02:05:e8:e9:cd:e8:d8:28:40:
bd:77:5d:09:84:21:7b:f8:7e:0b:3b:ef:77:3a:62:
3e:07:7d:85:d5:8d:e9:f2:fc:01:91:9e:d5:b4:ae:
7a:e4:f9:3d:9f:a4:2f:94:5b:dc:0d:a7:11:c1:e3:
76:a9:35:0e:3d:ae:2f:9d:5b:18:6e:b1:38:cf:ce:
7c:6c:5a:23:c5:6c:e8:32:c6:39:84:b9:a7:d1:59:
8e:fe:59:b6:07:22:ac:12:04:8d:03:ab:dd:ad:4c:
64:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:DE:88:11:55:04:89:17:7B:66:75:18:B0:7B:6F:DA:98:04:31:FC
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/SN6IEVUEiRd7ZnUYsHtv2pgEMfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/24
185.121.134.0/23
IPv6:
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
81:93:c0:1e:23:56:da:f3:6e:d4:41:36:62:c2:65:72:8e:6e:
7e:4b:d4:70:3c:16:af:45:04:a4:c7:70:e4:bf:09:21:08:fb:
09:e8:f0:82:cc:cc:22:eb:98:c0:c2:b1:2f:f3:64:a5:e9:4f:
40:12:9b:30:d8:2e:f3:25:88:dd:b5:c0:63:2c:ff:02:9e:bc:
64:4a:5e:d7:4e:96:d1:be:a5:8d:b5:a2:88:80:71:17:5d:86:
be:25:08:ca:5f:dd:8d:16:48:ce:f7:d9:e1:da:73:97:58:26:
6a:3c:cc:67:23:74:08:6b:7f:46:ac:c6:52:b0:4d:d8:45:0c:
ee:50:f9:cc:1a:55:83:14:c0:c0:ad:de:8f:29:a6:74:d4:47:
33:dd:40:55:3a:fc:5c:97:1b:d6:f5:8c:be:cd:f5:eb:9c:b7:
81:3f:69:f0:0c:10:ad:8b:bb:47:21:72:92:07:e0:e7:c4:ec:
8a:6c:29:62:95:fa:4b:2a:3f:f2:ef:d6:a4:4b:72:71:46:92:
31:84:61:f1:61:ef:f2:02:44:28:b0:d6:02:38:ea:5d:ed:c0:
e9:56:db:7d:1d:42:92:62:ef:48:85:15:98:33:78:1f:6f:a9:
12:fa:c6:7d:22:d6:b6:2d:0d:1f:f5:ad:28:dd:74:b4:3b:21:
e2:ef:82:bf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY9cpvXD0lN6xs9dKb48GOnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQwNTA5MDkxOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGRlODgxMTU1MDQ4OTE3N2I2Njc1MThiMDdiNmZkYTk4MDQzMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF+LR5ffxfguIKwUCOT2acsgpTs5
b17hZtIel6BUQlK1YiSCE+JzKHL8xinFL5H+aPdvxEAWfKvYumYtDq4G8lOUYSQw
mC6S91vWUYQ/OG/kp1xm1Wru0l4qPDaX+SSFBIbGiA3ZveFoyZAolyWMgN9GaJIb
T0uodT3TTMHPyzGXgea64LAQByQOw/pCyT1hfiPocfLr/FppZRICBejpzejYKEC9
d10JhCF7+H4LO+93OmI+B32F1Y3p8vwBkZ7VtK565Pk9n6QvlFvcDacRweN2qTUO
Pa4vnVsYbrE4z858bFojxWzoMsY5hLmn0VmO/lm2ByKsEgSNA6vdrUxkqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEjeiBFVBIkXe2Z1GLB7b9qYBDH8MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvU042SUVWVUVpUmQ3Wm5VWXNIdHYycGdFTWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWSQgAwQB
uXmGMA0EAgACMAcDBQMqFGeAMA0GCSqGSIb3DQEBCwUAA4IBAQCBk8AeI1ba827U
QTZiwmVyjm5+S9RwPBavRQSkx3DkvwkhCPsJ6PCCzMwi65jAwrEv82Sl6U9AEpsw
2C7zJYjdtcBjLP8CnrxkSl7XTpbRvqWNtaKIgHEXXYa+JQjKX92NFkjO99nh2nOX
WCZqPMxnI3QIa39GrMZSsE3YRQzuUPnMGlWDFMDArd6PKaZ01Ecz3UBVOvxclxvW
9Yy+zfXrnLeBP2nwDBCti7tHIXKSB+DnxOyKbClilfpLKj/y79akS3JxRpIxhGHx
Ye/yAkQosNYCOOpd7cDpVtt9HUKSYu9IhRWYM3gfb6kS+sZ9Ita2LQ0f9a0o3XS0
OyHi74K/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:40 2024 by rpki-client on console-ams.rpki-client.org