Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-BdbCxen8VPqYSNt75QXT4RkLxQ.roa
File: 1-BdbCxen8VPqYSNt75QXT4RkLxQ.roa (raw, json)
Hash identifier: VoleIL5z5Rey6RPG0pJVsqjUIeztV4NWy8j/vq4wGJs=
Subject key identifier: F8:17:5B:0B:17:A7:F1:53:EA:61:23:6D:EF:94:17:4F:84:64:2F:14
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0190DA3906DC503C279BD47305B3A30C0034
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-BdbCxen8VPqYSNt75QXT4RkLxQ.roa
Signing time: Mon 22 Jul 2024 11:34:48 +0000
ROA not before: Mon 22 Jul 2024 11:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 89.40.92.0/24 maxlen: 24
178.239.198.0/24 maxlen: 24
185.192.70.0/24 maxlen: 24
185.228.225.0/24 maxlen: 24
194.32.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 05:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:39:06:dc:50:3c:27:9b:d4:73:05:b3:a3:0c:00:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 22 11:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8175b0b17a7f153ea61236def94174f84642f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:df:98:4e:75:07:c8:e3:70:29:38:43:0f:53:
fa:82:84:23:fe:6e:c5:1e:60:49:f9:9d:2f:38:34:
9b:54:54:d6:e1:29:7d:19:36:db:05:73:9a:b6:f8:
32:7e:89:2d:79:5e:6b:5b:f7:28:e2:f1:46:3e:2f:
30:58:3b:c8:a5:e5:60:7b:ed:68:23:af:8b:59:b5:
b1:26:99:20:3d:c0:94:7b:79:f8:9c:f0:54:90:cd:
9f:e9:32:e2:97:19:b1:5b:f2:6d:b6:fb:36:28:04:
0b:a6:4b:e8:b3:6a:e1:ba:a8:9a:fb:da:d7:e2:dc:
cd:c5:c8:65:76:b7:13:cd:8e:75:d7:48:2a:ef:ca:
eb:1b:4f:97:86:fa:3c:b4:08:30:a9:7a:d7:7d:82:
e1:a8:46:93:e2:c1:c4:96:63:d5:66:68:d9:14:b2:
aa:c7:4c:fc:ae:c7:47:51:5b:a9:e5:d9:85:61:e4:
29:9e:02:0e:8b:99:66:f4:03:9d:b8:80:ef:2b:80:
21:88:7b:8e:99:8e:24:ed:18:f7:d8:32:fa:9d:a1:
fa:ee:3a:a7:98:a3:5e:a2:ab:3b:e1:8b:36:ad:b3:
0e:04:7a:9c:17:39:a0:75:6b:0b:5b:f9:53:33:07:
74:31:29:ea:d8:8d:fe:7e:f0:0f:14:fb:89:a8:ae:
84:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:17:5B:0B:17:A7:F1:53:EA:61:23:6D:EF:94:17:4F:84:64:2F:14
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-BdbCxen8VPqYSNt75QXT4RkLxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.92.0/24
178.239.198.0/24
185.192.70.0/24
185.228.225.0/24
194.32.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:ad:32:0b:42:4b:34:a4:bd:6c:19:d1:37:c4:fa:74:28:3f:
3a:09:9f:7d:93:9a:86:09:9e:af:a0:51:35:e8:d6:7b:24:ed:
8c:3d:54:15:0e:cc:cb:df:52:07:e5:0e:4f:72:5a:e7:76:be:
bc:55:68:de:80:53:06:f8:a5:b3:63:78:03:65:b2:3a:c2:d5:
ae:91:56:63:d7:f8:90:62:d2:7b:71:4d:d9:b2:c4:01:8c:bb:
89:ef:a9:8a:91:6f:a2:00:bc:2c:f2:b2:37:69:3e:99:70:c3:
b3:90:c8:39:62:74:20:e5:c0:60:33:ac:61:c7:10:33:0e:d6:
21:2e:b5:32:6a:ab:88:29:ac:20:bc:38:26:ad:cb:4e:15:48:
c8:27:a4:96:cb:66:f6:ce:70:90:18:ba:da:2b:82:67:5b:ab:
b2:10:a4:c6:50:21:10:f4:d0:ef:a2:2e:0f:f1:7f:99:22:11:
e1:69:ba:26:ba:a2:a1:0b:df:55:03:03:ce:6d:fd:91:1e:df:
2f:3a:37:4c:66:4a:d5:81:dc:e1:20:10:42:fe:87:95:e1:56:
ba:12:74:0b:19:b0:9c:83:88:86:dd:29:08:90:ba:97:41:f5:
de:89:1c:d5:c1:22:4d:fd:f5:ec:f7:a8:42:1c:16:bd:8c:74:
37:f1:90:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZDaOQbcUDwnm9RzBbOjDAA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNzIyMTEzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODE3NWIwYjE3YTdmMTUzZWE2MTIzNmRlZjk0MTc0Zjg0NjQyZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut+YTnUHyONwKThDD1P6goQj/m7F
HmBJ+Z0vODSbVFTW4Sl9GTbbBXOatvgyfokteV5rW/co4vFGPi8wWDvIpeVge+1o
I6+LWbWxJpkgPcCUe3n4nPBUkM2f6TLilxmxW/Jttvs2KAQLpkvos2rhuqia+9rX
4tzNxchldrcTzY5110gq78rrG0+Xhvo8tAgwqXrXfYLhqEaT4sHElmPVZmjZFLKq
x0z8rsdHUVup5dmFYeQpngIOi5lm9AOduIDvK4AhiHuOmY4k7Rj32DL6naH67jqn
mKNeoqs74Ys2rbMOBHqcFzmgdWsLW/lTMwd0MSnq2I3+fvAPFPuJqK6EvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgXWwsXp/FT6mEjbe+UF0+EZC8UMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS1CZGJDeGVuOFZQcVlTTnQ3NVFYVDRSa0x4US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFkoXAME
ALLvxgMEALnARgMEALnk4QMEAMIgeDANBgkqhkiG9w0BAQsFAAOCAQEAi60yC0JL
NKS9bBnRN8T6dCg/OgmffZOahgmer6BRNejWeyTtjD1UFQ7My99SB+UOT3Ja53a+
vFVo3oBTBvils2N4A2WyOsLVrpFWY9f4kGLSe3FN2bLEAYy7ie+pipFvogC8LPKy
N2k+mXDDs5DIOWJ0IOXAYDOsYccQMw7WIS61MmqriCmsILw4Jq3LThVIyCeklstm
9s5wkBi62iuCZ1urshCkxlAhEPTQ76IuD/F/mSIR4Wm6JrqioQvfVQMDzm39kR7f
Lzo3TGZK1YHc4SAQQv6HleFWuhJ0CxmwnIOIht0pCJC6l0H13okc1cEiTf317Peo
QhwWvYx0N/GQ5A==
-----END CERTIFICATE-----
Generated at Wed Sep 4 07:23:12 2024 by rpki-client on console-ams.rpki-client.org