Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/pSwviU-QD0_6xGhVfpXeKSkSpwk.roa
File: pSwviU-QD0_6xGhVfpXeKSkSpwk.roa (raw, json)
Hash identifier: ZdkAS2/Y0kF6gy2Q9uTkvo/hvo/Bvq11ttX+vZ08DeQ=
Subject key identifier: A5:2C:2F:89:4F:90:0F:4F:FA:C4:68:55:7E:95:DE:29:29:12:A7:09
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 018EF6411BB3BE10BD6780AA41157586E387
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/pSwviU-QD0_6xGhVfpXeKSkSpwk.roa
Signing time: Fri 19 Apr 2024 12:07:25 +0000
ROA not before: Fri 19 Apr 2024 12:07:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
2a14:6780::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 19 Apr 2024 13:04:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:41:1b:b3:be:10:bd:67:80:aa:41:15:75:86:e3:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 19 12:07:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a52c2f894f900f4ffac468557e95de292912a709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:93:14:c7:9a:58:69:e2:bc:b7:ee:01:66:
7e:62:a1:f2:cd:a7:dc:72:cf:5b:4c:0b:29:f0:67:
d9:69:e0:3e:69:73:4f:2b:92:5c:1e:5f:2a:98:c3:
4e:46:d2:13:f9:b3:bc:85:fb:0c:1b:fa:eb:79:f0:
1a:c5:73:11:bf:fb:89:09:c9:c8:22:26:0c:ee:22:
ee:0b:52:93:b2:b2:e2:09:18:5c:6c:4b:c1:b9:cf:
02:40:e0:04:93:5a:02:94:bd:dd:d1:5a:18:a6:8e:
78:d6:10:2a:d1:14:35:00:7c:98:f9:d4:e9:ea:a5:
13:d7:26:5d:c2:0e:5c:7c:27:4a:12:9d:a1:ab:31:
e8:39:23:2e:27:96:88:3a:e3:ad:f1:bc:df:51:16:
f9:26:61:af:0a:09:18:1e:2e:8f:cd:0d:e2:34:29:
d8:99:93:38:0e:39:d2:93:80:2b:7d:8d:97:45:dc:
b3:d4:31:84:48:f7:e5:97:ff:a2:8a:7e:02:e8:c8:
53:bb:2d:80:75:10:dd:05:ad:2c:05:45:6b:aa:f4:
f7:25:06:2a:44:05:ba:9a:1a:f3:fa:47:ff:e2:4a:
bd:43:dd:3b:38:d7:8e:02:47:06:fb:e4:ad:bf:0a:
bf:fc:56:2c:c7:4e:89:a9:19:75:b0:e6:64:06:ce:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:2C:2F:89:4F:90:0F:4F:FA:C4:68:55:7E:95:DE:29:29:12:A7:09
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/pSwviU-QD0_6xGhVfpXeKSkSpwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/24
89.36.35.0/24
IPv6:
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
77:45:62:19:01:94:cf:ae:2f:d8:af:2e:31:d9:2c:79:89:f1:
60:11:33:2a:f4:69:d8:26:e7:a4:cc:fc:73:00:62:d5:5a:eb:
45:cb:ec:30:ac:b0:6a:67:8c:9d:f6:be:09:8d:d2:8a:11:d5:
4f:35:0d:83:ac:be:fc:3f:b7:b5:fa:63:17:71:56:dd:aa:b5:
53:c8:8d:ef:6e:dd:ee:99:8d:a6:76:6b:5f:73:a9:b5:43:0d:
d3:89:f0:f7:b2:a4:d9:01:a3:96:3b:d9:c8:cb:0c:b7:9b:4e:
4d:cd:9d:9b:14:8c:3c:19:0c:0e:c4:33:13:11:cd:f5:d5:c4:
3f:32:db:e5:2a:28:04:68:86:eb:c6:33:4a:18:15:89:72:7b:
da:af:17:b8:28:c8:4c:3a:d7:da:2c:57:c3:13:01:c6:64:3a:
79:6e:02:e4:c7:b0:7a:de:75:ef:1b:4e:09:6c:69:99:e7:20:
dc:9e:60:a0:36:28:b8:89:1d:bc:e8:cf:e9:c3:6a:9f:82:8a:
c5:47:62:27:1a:15:42:f6:cf:76:6d:53:9d:e1:9e:57:d8:8f:
1f:87:60:b7:44:78:88:6d:4f:75:2b:40:bf:e8:d7:eb:0a:80:
01:92:30:a8:44:76:c9:9d:ff:12:7c:45:fc:6d:9a:0f:0d:ff:
df:16:99:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY72QRuzvhC9Z4CqQRV1huOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQwNDE5MTIwNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTJjMmY4OTRmOTAwZjRmZmFjNDY4NTU3ZTk1ZGUyOTI5MTJhNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4STFMeaWGnivLfuAWZ+YqHyzafc
cs9bTAsp8GfZaeA+aXNPK5JcHl8qmMNORtIT+bO8hfsMG/rrefAaxXMRv/uJCcnI
IiYM7iLuC1KTsrLiCRhcbEvBuc8CQOAEk1oClL3d0VoYpo541hAq0RQ1AHyY+dTp
6qUT1yZdwg5cfCdKEp2hqzHoOSMuJ5aIOuOt8bzfURb5JmGvCgkYHi6PzQ3iNCnY
mZM4DjnSk4ArfY2XRdyz1DGESPfll/+iin4C6MhTuy2AdRDdBa0sBUVrqvT3JQYq
RAW6mhrz+kf/4kq9Q907ONeOAkcG++Stvwq//FYsx06JqRl1sOZkBs6joQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKUsL4lPkA9P+sRoVX6V3ikpEqcJMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvcFN3dmlVLVFEMF82eEdoVmZwWGVLU2tTcHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWSQgAwQA
WSQjMA0EAgACMAcDBQMqFGeAMA0GCSqGSIb3DQEBCwUAA4IBAQB3RWIZAZTPri/Y
ry4x2Sx5ifFgETMq9GnYJuekzPxzAGLVWutFy+wwrLBqZ4yd9r4JjdKKEdVPNQ2D
rL78P7e1+mMXcVbdqrVTyI3vbt3umY2mdmtfc6m1Qw3TifD3sqTZAaOWO9nIywy3
m05NzZ2bFIw8GQwOxDMTEc311cQ/MtvlKigEaIbrxjNKGBWJcnvarxe4KMhMOtfa
LFfDEwHGZDp5bgLkx7B63nXvG04JbGmZ5yDcnmCgNii4iR286M/pw2qfgorFR2In
GhVC9s92bVOd4Z5X2I8fh2C3RHiIbU91K0C/6NfrCoABkjCoRHbJnf8SfEX8bZoP
Df/fFpkV
-----END CERTIFICATE-----
Generated at Fri Apr 19 18:28:16 2024 by rpki-client on console-ams.rpki-client.org