Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/sKhp-tGsSA3zCBnEsWtjN8JcyGc.roa
File: sKhp-tGsSA3zCBnEsWtjN8JcyGc.roa (raw, json)
Hash identifier: tPcW+0ab5RJnghHefRefq7NOvcSn1ugniTKc6PbV4GA=
Subject key identifier: B0:A8:69:FA:D1:AC:48:0D:F3:08:19:C4:B1:6B:63:37:C2:5C:C8:67
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 018EF6754B97198AB54C1848A76EC2024A52
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/sKhp-tGsSA3zCBnEsWtjN8JcyGc.roa
Signing time: Fri 19 Apr 2024 13:04:25 +0000
ROA not before: Fri 19 Apr 2024 13:04:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
2a14:6780::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 May 2024 10:14:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:75:4b:97:19:8a:b5:4c:18:48:a7:6e:c2:02:4a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 19 13:04:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0a869fad1ac480df30819c4b16b6337c25cc867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4e:b2:74:36:15:da:98:f7:45:6c:11:d7:36:
44:be:18:8f:c9:75:70:d2:25:bc:bc:49:b1:da:f0:
06:ac:72:f6:18:41:95:02:48:bb:3b:ce:71:d1:2a:
b5:0b:b2:fa:0a:8c:a9:eb:78:5e:53:6a:71:fb:23:
33:2b:96:d0:3b:65:ee:bf:53:bf:c2:c2:46:49:97:
2e:19:8a:7c:7b:33:9c:4a:de:49:93:58:41:99:5a:
62:ee:70:8e:95:75:a4:b9:29:d5:27:9b:75:c7:b8:
ac:ba:b8:2f:83:46:dc:d4:2f:8e:b0:67:96:9f:2f:
13:79:31:13:00:ec:0a:db:fa:56:5d:76:f9:3f:09:
f4:ec:a4:1f:91:2a:a5:2b:dc:ae:e7:11:61:00:77:
c7:35:04:a9:90:be:86:5c:7d:e3:5e:6c:c7:1f:cf:
25:81:04:37:e5:15:91:65:0f:e6:1f:b8:48:5e:a1:
a1:99:6f:80:0e:5b:2f:ac:1e:0a:f6:b2:01:11:d7:
24:45:5c:06:9a:d3:30:c9:10:eb:ab:50:40:0a:bd:
60:22:b3:f8:cf:63:e3:20:f9:b9:62:a3:e4:c9:d8:
6a:f1:43:be:46:1e:1a:b2:fb:ae:df:b3:e3:b3:a8:
3b:30:bd:df:97:51:7f:6b:50:c5:f5:92:93:06:39:
df:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A8:69:FA:D1:AC:48:0D:F3:08:19:C4:B1:6B:63:37:C2:5C:C8:67
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/sKhp-tGsSA3zCBnEsWtjN8JcyGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/24
IPv6:
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
46:6d:86:b2:3d:a6:68:d4:38:19:07:d3:ee:df:31:c6:66:ef:
6a:2e:b5:2d:6c:bf:90:7b:d4:0e:c7:c5:59:8b:0b:5a:95:7e:
17:a1:d8:de:62:3b:72:40:0d:3a:1a:78:52:0a:29:e9:6a:68:
0d:cd:55:b4:63:4d:4b:3d:1a:0c:fd:ef:8b:db:78:0e:98:73:
25:13:e6:cc:8e:be:d1:5c:4c:39:87:b1:76:7a:2d:ce:58:37:
d8:1e:56:dc:f0:f1:86:ee:c4:3f:9f:ef:a5:9d:09:90:b2:2a:
28:6a:b9:2c:f6:1a:9a:8b:b2:fa:23:62:7d:5e:70:05:c4:5f:
c6:71:98:0b:85:10:e9:1d:f9:23:ee:a2:05:e2:c8:1a:c9:73:
4f:73:49:84:f8:67:61:dd:04:f7:1f:c1:2f:f5:f3:fa:10:1e:
d4:91:f8:b0:b8:ef:cb:c3:09:d3:81:9b:dc:ad:cc:1b:df:fb:
90:da:4f:1f:80:6f:80:a8:a1:11:1a:29:f4:3f:93:0f:6b:fe:
c5:47:96:5f:1e:16:46:1f:e2:29:0f:32:95:84:0b:69:07:8b:
f2:42:c4:53:66:c0:9f:79:38:69:eb:9d:75:90:82:42:08:33:
d2:53:5f:b4:3d:9e:31:d0:4c:84:62:af:6c:e8:b3:9f:82:ff:
e9:8f:87:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY72dUuXGYq1TBhIp27CAkpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQwNDE5MTMwNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGE4NjlmYWQxYWM0ODBkZjMwODE5YzRiMTZiNjMzN2MyNWNjODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU6ydDYV2pj3RWwR1zZEvhiPyXVw
0iW8vEmx2vAGrHL2GEGVAki7O85x0Sq1C7L6Coyp63heU2px+yMzK5bQO2Xuv1O/
wsJGSZcuGYp8ezOcSt5Jk1hBmVpi7nCOlXWkuSnVJ5t1x7isurgvg0bc1C+OsGeW
ny8TeTETAOwK2/pWXXb5Pwn07KQfkSqlK9yu5xFhAHfHNQSpkL6GXH3jXmzHH88l
gQQ35RWRZQ/mH7hIXqGhmW+ADlsvrB4K9rIBEdckRVwGmtMwyRDrq1BACr1gIrP4
z2PjIPm5YqPkydhq8UO+Rh4asvuu37Pjs6g7ML3fl1F/a1DF9ZKTBjnfPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLCoafrRrEgN8wgZxLFrYzfCXMhnMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvc0tocC10R3NTQTN6Q0JuRXNXdGpOOEpjeUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWSQgMA0E
AgACMAcDBQMqFGeAMA0GCSqGSIb3DQEBCwUAA4IBAQBGbYayPaZo1DgZB9Pu3zHG
Zu9qLrUtbL+Qe9QOx8VZiwtalX4XodjeYjtyQA06GnhSCinpamgNzVW0Y01LPRoM
/e+L23gOmHMlE+bMjr7RXEw5h7F2ei3OWDfYHlbc8PGG7sQ/n++lnQmQsiooarks
9hqai7L6I2J9XnAFxF/GcZgLhRDpHfkj7qIF4sgayXNPc0mE+Gdh3QT3H8Ev9fP6
EB7UkfiwuO/LwwnTgZvcrcwb3/uQ2k8fgG+AqKERGin0P5MPa/7FR5ZfHhZGH+Ip
DzKVhAtpB4vyQsRTZsCfeThp6511kIJCCDPSU1+0PZ4x0EyEYq9s6LOfgv/pj4eJ
-----END CERTIFICATE-----
Generated at Thu May 2 13:51:20 2024 by rpki-client on console-fra.rpki-client.org