Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/32qr2OeVyxrbq4zOu5H3gwiAai8.roa
File: 32qr2OeVyxrbq4zOu5H3gwiAai8.roa (raw, json)
Hash identifier: cgGbdIZ0Y7crkSvEmqlTKGt6P0acsNBZLE8EG/1cBZE=
Subject key identifier: DF:6A:AB:D8:E7:95:CB:1A:DB:AB:8C:CE:BB:91:F7:83:08:80:6A:2F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0192FAFA03F00565610902C6F4ABACF39589
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/32qr2OeVyxrbq4zOu5H3gwiAai8.roa
Signing time: Tue 05 Nov 2024 06:19:01 +0000
ROA not before: Tue 05 Nov 2024 06:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3758
IP address blocks: 2.56.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 06:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fa:fa:03:f0:05:65:61:09:02:c6:f4:ab:ac:f3:95:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 5 06:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df6aabd8e795cb1adbab8ccebb91f78308806a2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a0:0d:3a:28:ad:fc:23:14:6c:a9:58:25:89:
90:5a:4f:db:fd:ba:de:1c:18:83:63:1f:f6:a4:ea:
58:45:6f:21:92:d0:62:bf:43:e2:52:fe:3d:18:9c:
3c:84:a0:a4:80:73:72:d9:61:28:60:1d:5f:6e:5f:
14:20:c2:61:5e:af:fe:cb:dc:51:9d:c7:3e:f3:fe:
eb:c4:f3:b0:1d:ab:f0:98:c6:bb:7a:45:8a:f9:f6:
51:ec:c5:27:49:ce:b2:b6:e0:c5:47:8b:b3:ef:cc:
bf:e9:4e:09:6a:6d:66:50:99:ce:ba:42:3b:9f:99:
30:86:38:84:14:e2:eb:46:b0:2c:c0:cc:43:96:e4:
28:27:b3:99:0f:47:8a:7d:ed:d1:7b:a6:b8:6c:55:
24:67:e7:8c:ea:3b:a2:9c:8d:c8:ec:90:27:59:39:
3e:a2:ac:8b:89:e7:41:97:2a:67:3e:f7:88:0f:c8:
7c:ed:7d:b4:0c:71:85:bd:e6:3d:60:7c:d6:91:5a:
90:15:10:3a:05:a2:fb:8a:cb:b6:ec:85:02:3a:66:
04:79:66:9e:a2:60:8b:ae:e4:ae:bb:9e:ee:5f:19:
9f:04:cf:07:fe:a0:c8:27:ae:3e:1e:b7:76:b0:f7:
33:77:8d:38:24:5f:fc:28:9e:a5:09:28:40:af:89:
c3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6A:AB:D8:E7:95:CB:1A:DB:AB:8C:CE:BB:91:F7:83:08:80:6A:2F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/32qr2OeVyxrbq4zOu5H3gwiAai8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.56.0/22
Signature Algorithm: sha256WithRSAEncryption
49:e6:b1:10:5d:62:49:b3:f4:4c:86:5c:47:eb:3e:cd:e4:7e:
86:76:0b:c0:3d:be:bb:06:09:15:f6:af:f5:a2:d8:8f:65:42:
57:d7:d6:70:66:7b:66:41:be:88:2b:8c:46:c9:ef:ae:70:cf:
4e:0d:c0:62:ad:82:81:3c:48:4c:09:b0:ec:76:7c:9e:52:0c:
fc:3d:05:46:c6:04:00:a8:5b:d1:f5:15:0d:9a:cc:93:c8:97:
75:7b:7f:0a:fa:f7:0f:fd:b7:8f:74:d1:e7:8c:24:e7:d6:80:
8f:e9:6b:cd:e3:95:20:0a:48:53:76:aa:84:16:01:fd:ed:64:
38:c5:1f:ed:0b:fa:95:fd:11:8f:52:86:98:ca:2c:71:d9:79:
6d:0e:51:b2:77:44:bd:b3:6b:78:cf:7f:7b:66:1a:70:59:de:
79:81:db:ef:fa:0b:b0:b5:fe:48:1f:b9:f1:1f:ee:49:87:f3:
7a:fb:63:97:23:f7:dd:c8:6a:5f:9a:aa:c3:49:58:32:e2:47:
26:51:8d:1c:aa:ff:c4:64:c1:69:f7:8a:71:27:e2:be:d8:5c:
a3:6c:9c:65:4d:88:26:73:61:e7:26:68:39:0f:5b:33:46:da:
95:e5:b4:1e:61:1e:cf:90:09:60:49:fb:54:36:96:9a:ba:10:
e1:22:db:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL6+gPwBWVhCQLG9Kus85WJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMTA1MDYxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjZhYWJkOGU3OTVjYjFhZGJhYjhjY2ViYjkxZjc4MzA4ODA2YTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6ANOiit/CMUbKlYJYmQWk/b/bre
HBiDYx/2pOpYRW8hktBiv0PiUv49GJw8hKCkgHNy2WEoYB1fbl8UIMJhXq/+y9xR
ncc+8/7rxPOwHavwmMa7ekWK+fZR7MUnSc6ytuDFR4uz78y/6U4Jam1mUJnOukI7
n5kwhjiEFOLrRrAswMxDluQoJ7OZD0eKfe3Re6a4bFUkZ+eM6juinI3I7JAnWTk+
oqyLiedBlypnPveID8h87X20DHGFveY9YHzWkVqQFRA6BaL7isu27IUCOmYEeWae
omCLruSuu57uXxmfBM8H/qDIJ64+Hrd2sPczd404JF/8KJ6lCShAr4nDjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9qq9jnlcsa26uMzruR94MIgGovMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMzJxcjJPZVZ5eHJicTR6T3U1SDNnd2lBYWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjg4MA0G
CSqGSIb3DQEBCwUAA4IBAQBJ5rEQXWJJs/RMhlxH6z7N5H6GdgvAPb67BgkV9q/1
otiPZUJX19ZwZntmQb6IK4xGye+ucM9ODcBirYKBPEhMCbDsdnyeUgz8PQVGxgQA
qFvR9RUNmsyTyJd1e38K+vcP/bePdNHnjCTn1oCP6WvN45UgCkhTdqqEFgH97WQ4
xR/tC/qV/RGPUoaYyixx2XltDlGyd0S9s2t4z397ZhpwWd55gdvv+guwtf5IH7nx
H+5Jh/N6+2OXI/fdyGpfmqrDSVgy4kcmUY0cqv/EZMFp94pxJ+K+2FyjbJxlTYgm
c2HnJmg5D1szRtqV5bQeYR7PkAlgSftUNpaauhDhItsP
-----END CERTIFICATE-----
Generated at Tue Nov 12 08:31:08 2024 by rpki-client on console-fra.rpki-client.org