Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2q_yRh3VHPZzv_d-DDHWlBmGz7M.roa
File: 2q_yRh3VHPZzv_d-DDHWlBmGz7M.roa (raw, json)
Hash identifier: BICTXrEUURWWGeJyg3xk7FrRUpL1xwwxHZ9IQ9IUVaE=
Subject key identifier: DA:AF:F2:46:1D:D5:1C:F6:73:BF:F7:7E:0C:31:D6:94:19:86:CF:B3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC501218B2F249F7C56C11B974492C678
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2q_yRh3VHPZzv_d-DDHWlBmGz7M.roa
Signing time: Mon 01 Jan 2024 12:30:34 +0000
ROA not before: Mon 01 Jan 2024 12:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 89.35.159.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
89.43.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 12:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:21:8b:2f:24:9f:7c:56:c1:1b:97:44:92:c6:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daaff2461dd51cf673bff77e0c31d6941986cfb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9d:ba:6a:48:66:9e:ae:60:99:65:b2:f3:83:
04:91:92:7b:67:45:87:89:26:46:cd:75:f7:54:2e:
43:03:08:5a:e3:48:b9:c1:c7:2c:f9:71:f3:80:90:
3a:5b:0e:80:d2:89:1b:df:74:f9:1c:3e:67:d1:ec:
c8:d7:89:59:56:c3:a0:1d:d3:58:d4:d0:96:83:39:
4b:a8:0c:33:7b:89:b2:9a:ba:59:05:01:1d:56:c8:
93:6c:43:88:b9:ab:90:2f:a1:1c:c2:93:2f:04:a1:
be:07:51:a4:1b:b9:b3:a9:e4:5a:d9:6b:3d:37:5b:
ce:ba:f3:51:3e:ea:85:27:d3:73:d1:70:10:fb:06:
fa:9f:33:99:20:b9:6f:d7:68:79:ab:fb:4f:20:9e:
76:10:7b:e2:80:6a:93:2c:8b:95:a3:50:de:f2:e4:
d8:84:c4:0d:db:bf:79:34:bf:94:12:8e:26:71:cc:
de:53:74:e0:ac:96:78:c5:b0:60:98:d2:29:50:e2:
43:77:96:9e:fd:3a:28:ec:c1:ad:e0:62:62:5e:fa:
53:5b:57:11:2f:94:f2:62:41:75:ef:2e:24:ad:81:
88:9e:12:e1:c2:c3:19:86:80:3f:92:97:fe:a6:14:
61:0b:01:c9:63:5e:51:5d:91:f3:17:8a:cf:2a:a3:
5b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AF:F2:46:1D:D5:1C:F6:73:BF:F7:7E:0C:31:D6:94:19:86:CF:B3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2q_yRh3VHPZzv_d-DDHWlBmGz7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.159.0/24
89.43.199.0/24
92.114.107.0/24
Signature Algorithm: sha256WithRSAEncryption
57:e5:5f:b8:29:87:f4:f2:24:ce:ce:9f:5f:4a:76:94:49:a3:
26:8c:c3:6e:10:4b:3c:8c:2f:ad:59:44:fe:0d:03:0d:94:94:
c2:4d:7e:34:76:ea:8f:9b:18:04:02:8c:bd:19:b9:c4:b1:ef:
98:39:6a:12:fd:ef:6d:b2:92:cb:72:0d:1b:06:5b:d7:56:61:
ba:2c:e0:07:eb:cc:8f:43:49:b7:ab:b1:ec:1c:1f:24:4c:5a:
37:a2:3a:14:dc:20:87:1a:88:5b:7f:4e:c6:f3:33:b7:46:20:
0e:50:47:b7:ab:a9:0d:57:1f:23:14:28:07:f0:2c:ae:0a:55:
93:28:b4:de:24:73:58:77:a9:be:6c:c2:d2:98:3d:a3:5e:d6:
6e:43:45:ff:38:5c:f3:11:da:46:cb:c4:0e:14:2e:73:b6:41:
74:bc:72:dc:7d:29:88:a3:66:cd:7c:db:51:ed:dd:42:87:f0:
25:74:c9:62:3b:d1:11:00:ad:a6:86:1e:09:0a:9c:c9:44:00:
15:96:2b:37:7c:93:81:91:4b:12:71:fe:3a:73:02:cc:30:1b:
c2:fa:df:44:99:b0:1d:9e:b3:81:b8:c1:99:f8:df:c5:a7:b8:
53:2a:37:ec:08:f1:cd:50:56:9f:69:f5:bf:6a:cd:3f:cf:ae:
5f:7d:42:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFASGLLySffFbBG5dEksZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFmZjI0NjFkZDUxY2Y2NzNiZmY3N2UwYzMxZDY5NDE5ODZjZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ26akhmnq5gmWWy84MEkZJ7Z0WH
iSZGzXX3VC5DAwha40i5wccs+XHzgJA6Ww6A0okb33T5HD5n0ezI14lZVsOgHdNY
1NCWgzlLqAwze4mymrpZBQEdVsiTbEOIuauQL6EcwpMvBKG+B1GkG7mzqeRa2Ws9
N1vOuvNRPuqFJ9Nz0XAQ+wb6nzOZILlv12h5q/tPIJ52EHvigGqTLIuVo1De8uTY
hMQN2795NL+UEo4mcczeU3TgrJZ4xbBgmNIpUOJDd5ae/Too7MGt4GJiXvpTW1cR
L5TyYkF17y4krYGInhLhwsMZhoA/kpf+phRhCwHJY15RXZHzF4rPKqNb/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNqv8kYd1Rz2c7/3fgwx1pQZhs+zMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMnFfeVJoM1ZIUFp6dl9kLURESFdsQm1HejdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSOfAwQA
WSvHAwQAXHJrMA0GCSqGSIb3DQEBCwUAA4IBAQBX5V+4KYf08iTOzp9fSnaUSaMm
jMNuEEs8jC+tWUT+DQMNlJTCTX40duqPmxgEAoy9GbnEse+YOWoS/e9tspLLcg0b
BlvXVmG6LOAH68yPQ0m3q7HsHB8kTFo3ojoU3CCHGohbf07G8zO3RiAOUEe3q6kN
Vx8jFCgH8CyuClWTKLTeJHNYd6m+bMLSmD2jXtZuQ0X/OFzzEdpGy8QOFC5ztkF0
vHLcfSmIo2bNfNtR7d1Ch/AldMliO9ERAK2mhh4JCpzJRAAVlis3fJOBkUsScf46
cwLMMBvC+t9EmbAdnrOBuMGZ+N/Fp7hTKjfsCPHNUFafafW/as0/z65ffUJx
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:44:39 2024 by rpki-client on console-fra.rpki-client.org