Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/t2WSvk1dwzt0u0ostuObKbKE0nY.roa
File: t2WSvk1dwzt0u0ostuObKbKE0nY.roa (raw, json)
Hash identifier: SzeX9e1srm13pD0OrU4xu3LksbGWAn+EY+DnaNICPto=
Subject key identifier: B7:65:92:BE:4D:5D:C3:3B:74:BB:4A:2C:B6:E3:9B:29:B2:84:D2:76
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018FF222A4B1ED9E5519E5FB3FB9E485D619
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/t2WSvk1dwzt0u0ostuObKbKE0nY.roa
Signing time: Fri 07 Jun 2024 09:58:27 +0000
ROA not before: Fri 07 Jun 2024 09:58:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200239
IP address blocks: 89.36.137.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 12:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:22:a4:b1:ed:9e:55:19:e5:fb:3f:b9:e4:85:d6:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 7 09:58:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b76592be4d5dc33b74bb4a2cb6e39b29b284d276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:e0:95:5f:bf:50:34:72:ca:b8:ee:c0:a3:
f1:be:52:3e:20:a2:5e:6c:56:ee:bd:8b:5e:22:c9:
ac:ef:f9:48:55:f5:7d:56:6b:12:8b:91:42:d9:19:
19:e3:c9:40:5a:c0:a2:7f:46:6c:07:4a:b8:23:a0:
bb:b6:0c:62:37:0c:b1:67:61:3f:24:19:da:00:d8:
a1:1e:5e:17:96:bc:c3:7a:b1:de:24:de:d7:b1:3c:
7a:b8:57:d1:34:a8:b4:25:b1:ef:d1:3d:f3:0f:ae:
c7:f3:b7:4e:09:32:06:c7:01:2d:df:92:3e:71:37:
c8:ea:5a:bd:b1:e9:b2:05:83:1f:67:0b:5a:e1:75:
d6:a1:a9:27:bc:95:91:fc:3e:a6:9d:aa:4e:11:63:
67:dd:ff:b0:0f:04:4a:ce:c0:f7:fd:85:37:c3:74:
d5:68:ec:91:6d:02:ce:6f:7a:ac:f8:1d:de:37:b3:
2a:b2:56:29:45:52:56:71:a5:5c:61:06:2c:9c:f4:
7d:d3:c4:34:34:71:e7:39:cf:4f:7f:af:01:bd:d0:
09:43:00:46:4e:b9:9b:29:9e:a0:f8:e2:c8:c3:3c:
81:08:bb:c0:f8:e8:44:83:e1:18:2c:93:c9:75:53:
f2:25:7a:e8:db:18:b0:35:c8:9f:89:b3:a2:e2:19:
74:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:65:92:BE:4D:5D:C3:3B:74:BB:4A:2C:B6:E3:9B:29:B2:84:D2:76
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/t2WSvk1dwzt0u0ostuObKbKE0nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.137.0/24
185.141.216.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e3:2b:74:06:c6:71:fd:94:b0:46:db:f8:89:fb:db:c2:cb:
20:f1:10:78:58:fd:73:ea:3e:d0:b7:38:77:65:55:3e:34:3c:
8e:fc:51:c9:cf:e4:e5:52:44:7b:1a:fb:9d:5f:97:6b:41:c6:
a6:4b:3d:92:24:92:79:c8:3c:c5:7a:df:b2:2a:66:5c:e9:1e:
35:c0:d4:76:d5:b4:7c:26:2d:aa:cc:dc:70:c2:71:d0:99:69:
ff:37:2a:07:8e:5f:f1:d1:cd:6b:40:02:d2:e9:eb:81:b7:a8:
6b:30:7d:dc:75:7d:79:41:84:a5:cd:d6:83:9a:c9:db:e5:75:
06:4d:ad:76:86:ab:2c:7a:66:c9:6c:57:59:74:94:dd:da:02:
b3:54:c0:86:9d:fe:28:4e:57:61:36:8c:85:0b:e3:e2:75:10:
2f:49:d4:ce:64:83:91:f9:a9:da:dd:a9:17:21:9e:ff:d1:b7:
cd:31:ca:d8:df:c6:0a:21:14:43:80:23:20:ac:a2:d5:c1:fb:
4f:5b:3b:88:87:38:f7:39:11:2c:4f:d5:6e:f1:6d:d8:0c:0d:
48:dd:3b:0d:26:ec:fc:d1:81:94:b9:25:6a:6b:79:6e:d2:d5:
8b:2c:6c:7c:7b:cd:89:1a:9b:ae:3a:a9:bb:43:3b:b3:9b:28:
fa:a0:14:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/yIqSx7Z5VGeX7P7nkhdYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNjA3MDk1ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzY1OTJiZTRkNWRjMzNiNzRiYjRhMmNiNmUzOWIyOWIyODRkMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbTglV+/UDRyyrjuwKPxvlI+IKJe
bFbuvYteIsms7/lIVfV9VmsSi5FC2RkZ48lAWsCif0ZsB0q4I6C7tgxiNwyxZ2E/
JBnaANihHl4XlrzDerHeJN7XsTx6uFfRNKi0JbHv0T3zD67H87dOCTIGxwEt35I+
cTfI6lq9semyBYMfZwta4XXWoaknvJWR/D6mnapOEWNn3f+wDwRKzsD3/YU3w3TV
aOyRbQLOb3qs+B3eN7MqslYpRVJWcaVcYQYsnPR908Q0NHHnOc9Pf68BvdAJQwBG
TrmbKZ6g+OLIwzyBCLvA+OhEg+EYLJPJdVPyJXro2xiwNcifibOi4hl0/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLdlkr5NXcM7dLtKLLbjmymyhNJ2MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvdDJXU3ZrMWR3enQwdTBvc3R1T2JLYktFMG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSSJAwQA
uY3YMA0GCSqGSIb3DQEBCwUAA4IBAQAa4yt0BsZx/ZSwRtv4ifvbwssg8RB4WP1z
6j7Qtzh3ZVU+NDyO/FHJz+TlUkR7GvudX5drQcamSz2SJJJ5yDzFet+yKmZc6R41
wNR21bR8Ji2qzNxwwnHQmWn/NyoHjl/x0c1rQALS6euBt6hrMH3cdX15QYSlzdaD
msnb5XUGTa12hqssembJbFdZdJTd2gKzVMCGnf4oTldhNoyFC+PidRAvSdTOZIOR
+ana3akXIZ7/0bfNMcrY38YKIRRDgCMgrKLVwftPWzuIhzj3OREsT9Vu8W3YDA1I
3TsNJuz80YGUuSVqa3lu0tWLLGx8e82JGpuuOqm7Qzuzmyj6oBQI
-----END CERTIFICATE-----
Generated at Fri Sep 27 15:32:02 2024 by rpki-client on console-fra.rpki-client.org