Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/_grDczPZUUHYIQRvk9KX2xm8LKk.roa
File: _grDczPZUUHYIQRvk9KX2xm8LKk.roa (raw, json)
Hash identifier: NqTKNiJfPyEIOxkW3PmoSf0VIs/peGSaiWjRVqXsUwo=
Subject key identifier: FE:0A:C3:73:33:D9:51:41:D8:21:04:6F:93:D2:97:DB:19:BC:2C:A9
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 018F77A7A36F5D00D54F2C38B21194B8543A
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/_grDczPZUUHYIQRvk9KX2xm8LKk.roa
Signing time: Tue 14 May 2024 15:10:25 +0000
ROA not before: Tue 14 May 2024 15:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
185.121.135.0/24 maxlen: 24
2a14:6780::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 15 May 2024 09:12:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:a7:a3:6f:5d:00:d5:4f:2c:38:b2:11:94:b8:54:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: May 14 15:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe0ac37333d95141d821046f93d297db19bc2ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1f:e3:56:f2:8c:9a:60:97:e2:72:89:60:ae:
f3:0d:4b:12:73:1b:93:9b:23:f8:ab:52:94:d3:56:
fc:0f:66:8a:2a:5e:3a:c7:70:d5:72:03:75:54:b7:
8d:89:8f:e6:14:de:bc:08:6a:bc:34:50:d0:c4:6b:
57:3f:2e:1d:16:a2:10:43:ce:62:f6:44:f3:a4:44:
1f:bf:31:38:48:d5:d7:4a:f9:b0:8c:9e:de:b7:a0:
bb:e1:3d:50:e4:d4:7a:c4:5a:32:a0:37:9f:dc:41:
15:25:41:c1:36:68:6f:4a:18:44:fa:02:48:27:16:
4c:83:6a:b4:78:5c:08:90:12:25:37:c6:05:48:7c:
23:3d:20:03:ca:7f:0a:16:b2:b3:9a:f8:d9:08:fe:
7f:f5:a4:59:82:0b:59:7a:a6:7b:8c:47:dd:c1:50:
67:0c:56:29:d1:26:46:58:6e:13:58:c4:b9:c3:0a:
86:49:b7:46:4b:5f:31:d5:af:87:ea:20:2b:1a:04:
dd:c2:8c:86:4a:8b:d9:ec:39:c9:45:50:96:e8:91:
b8:9e:8a:ec:8e:48:a5:00:b6:ff:41:1d:ab:cd:fe:
d5:cd:44:6e:3d:6c:16:6b:c3:c2:d5:2c:a6:34:a6:
ef:db:7b:be:4d:73:b1:b9:9a:9e:aa:43:47:ac:ac:
43:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:0A:C3:73:33:D9:51:41:D8:21:04:6F:93:D2:97:DB:19:BC:2C:A9
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/_grDczPZUUHYIQRvk9KX2xm8LKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/24
185.121.135.0/24
IPv6:
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
2f:a9:42:fa:11:bc:66:60:65:48:86:cb:9c:db:09:0f:11:cc:
e1:ce:1a:cc:65:4b:7f:d1:6c:42:c9:6e:70:b4:39:3b:70:51:
51:5d:e7:37:c9:84:e9:fa:c7:d9:c5:5c:40:e0:fb:01:51:4d:
2a:08:b5:80:59:53:08:ae:05:8a:cd:c7:4a:ac:34:02:2a:de:
18:6a:dc:74:b0:b5:f4:b5:32:b4:cf:73:9e:e8:12:08:cb:c0:
d3:4c:a9:ab:13:8a:76:83:78:27:ea:71:49:02:ed:79:1d:87:
ab:ea:85:a3:92:64:63:70:80:ee:73:f3:51:ec:4a:6a:04:23:
04:70:50:c7:5e:f0:73:1f:57:c6:7c:73:b6:cc:a4:46:f5:69:
ef:a3:fb:41:d6:d1:fc:b4:ee:b7:ba:0a:48:69:3d:6a:3b:f5:
1f:ab:f3:d1:fc:39:45:30:54:c9:a4:b6:42:51:0f:7f:16:35:
fe:37:ae:cf:d3:8f:ac:e3:2e:d9:c0:4f:87:39:d5:32:c4:b6:
33:7e:75:ab:b1:a8:bd:fc:0a:ea:c9:85:ba:f1:b1:60:66:a0:
35:9e:51:4c:67:40:9d:c3:d5:5e:bb:c3:bd:c2:30:a5:c4:95:
e5:a7:67:2c:90:44:9b:88:78:21:0c:aa:85:d1:f3:d1:1b:a4:
d4:d8:ba:a4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY93p6NvXQDVTyw4shGUuFQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQwNTE0MTUxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTBhYzM3MzMzZDk1MTQxZDgyMTA0NmY5M2QyOTdkYjE5YmMyY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx/jVvKMmmCX4nKJYK7zDUsScxuT
myP4q1KU01b8D2aKKl46x3DVcgN1VLeNiY/mFN68CGq8NFDQxGtXPy4dFqIQQ85i
9kTzpEQfvzE4SNXXSvmwjJ7et6C74T1Q5NR6xFoyoDef3EEVJUHBNmhvShhE+gJI
JxZMg2q0eFwIkBIlN8YFSHwjPSADyn8KFrKzmvjZCP5/9aRZggtZeqZ7jEfdwVBn
DFYp0SZGWG4TWMS5wwqGSbdGS18x1a+H6iArGgTdwoyGSovZ7DnJRVCW6JG4nors
jkilALb/QR2rzf7VzURuPWwWa8PC1SymNKbv23u+TXOxuZqeqkNHrKxDGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP4Kw3Mz2VFB2CEEb5PSl9sZvCypMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvX2dyRGN6UFpVVUhZSVFSdms5S1gyeG04TEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWSQgAwQA
uXmHMA0EAgACMAcDBQMqFGeAMA0GCSqGSIb3DQEBCwUAA4IBAQAvqUL6EbxmYGVI
hsuc2wkPEczhzhrMZUt/0WxCyW5wtDk7cFFRXec3yYTp+sfZxVxA4PsBUU0qCLWA
WVMIrgWKzcdKrDQCKt4Yatx0sLX0tTK0z3Oe6BIIy8DTTKmrE4p2g3gn6nFJAu15
HYer6oWjkmRjcIDuc/NR7EpqBCMEcFDHXvBzH1fGfHO2zKRG9Wnvo/tB1tH8tO63
ugpIaT1qO/Ufq/PR/DlFMFTJpLZCUQ9/FjX+N67P04+s4y7ZwE+HOdUyxLYzfnWr
sai9/ArqyYW68bFgZqA1nlFMZ0Cdw9Veu8O9wjClxJXlp2cskESbiHghDKqF0fPR
G6TU2Lqk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:44 2024 by rpki-client on console-fra.rpki-client.org