Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5vLVooOkSK2sY76GjxOMWkZL1OI.roa
File: 5vLVooOkSK2sY76GjxOMWkZL1OI.roa (raw, json)
Hash identifier: 5P038HDMB/TtthORMxNkafsv8I65yIYzMMOPCgsd6UA=
Subject key identifier: E6:F2:D5:A2:83:A4:48:AD:AC:63:BE:86:8F:13:8C:5A:46:4B:D4:E2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189829BCE2BBC068C5ACBF002EC870B3A8A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5vLVooOkSK2sY76GjxOMWkZL1OI.roa
Signing time: Sun 23 Jul 2023 11:56:36 +0000
ROA not before: Sun 23 Jul 2023 11:56:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200017
IP address blocks: 89.35.159.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
89.43.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:82:9b:ce:2b:bc:06:8c:5a:cb:f0:02:ec:87:0b:3a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 23 11:56:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6f2d5a283a448adac63be868f138c5a464bd4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bc:9d:26:ab:14:f3:f7:0e:e6:74:b4:c1:95:
3f:7f:95:64:a5:7e:c1:2e:6c:89:b6:db:4c:25:25:
7c:fb:2a:70:05:03:3b:94:e2:ee:ae:72:0e:ca:92:
ec:a8:95:c3:2e:69:6c:89:20:77:82:53:22:a8:df:
28:5a:86:a6:52:00:3d:50:2b:15:af:4e:87:55:10:
d7:c5:ad:03:d8:16:ac:d5:5e:40:f3:de:c6:84:70:
26:fe:18:59:ba:54:5a:43:e5:6f:37:70:0b:1f:c1:
8a:f7:94:0b:65:3e:b5:8c:1c:d4:37:73:2a:23:af:
bf:2c:c2:15:0d:f6:96:e2:9e:02:85:ff:6e:dd:fa:
be:5b:7c:ec:40:5b:12:86:30:90:18:77:75:99:0e:
b2:85:ff:93:ad:55:db:e2:19:78:01:07:64:06:41:
9c:aa:ff:8e:41:1b:1f:45:55:85:33:da:2e:f9:a1:
6a:52:92:05:3b:88:bc:df:35:a5:ba:ef:32:08:cc:
b7:7a:e2:31:5c:9b:4c:4b:82:32:18:05:84:e3:fa:
c8:d7:4f:cc:74:5c:30:70:40:a1:a3:7c:f7:ce:c5:
2b:dd:49:55:75:99:58:78:fe:7b:75:af:dd:24:e3:
0b:59:8d:f2:99:55:d2:9d:8a:c2:20:ae:06:3d:c7:
f3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:F2:D5:A2:83:A4:48:AD:AC:63:BE:86:8F:13:8C:5A:46:4B:D4:E2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5vLVooOkSK2sY76GjxOMWkZL1OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.159.0/24
89.43.199.0/24
92.114.107.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:70:b8:ce:51:c4:87:58:86:9d:11:f0:69:f5:79:39:ed:d8:
8c:cf:f0:e3:5a:7e:c4:d3:7a:12:5b:5c:3a:bf:6d:49:e2:9e:
6d:57:3b:b0:56:c0:65:ef:42:fa:3d:35:c1:8b:47:42:7b:f9:
18:09:89:78:0c:a8:8b:75:ec:47:07:e8:f3:4a:ae:79:86:ec:
f8:fa:15:25:e3:d6:f9:4d:ce:db:c6:0e:7a:2e:57:43:76:ad:
35:aa:7f:90:8e:0a:89:05:dd:e5:da:e3:08:21:7b:48:53:66:
04:84:80:56:64:5f:ff:60:72:47:9b:b3:5e:d5:79:eb:a3:64:
9d:9e:ba:ee:8d:9a:e2:c7:bd:e9:e4:cf:8b:96:ef:8f:27:37:
dd:ba:1d:d1:b7:79:9c:c8:39:58:06:74:da:c8:9b:d5:db:a6:
1a:7b:a5:fb:a8:1f:2e:f9:e5:38:3c:d9:01:dd:e9:ca:71:25:
40:b3:07:20:4e:6c:27:1e:b6:ac:5d:b4:7e:74:b3:de:fe:d9:
d6:a0:08:30:7b:36:c9:73:9c:6c:53:67:30:c8:30:90:26:65:
4c:85:8b:2d:2f:27:05:b7:f8:3d:ec:e3:72:73:b2:ec:64:2f:
d6:ca:5d:16:f1:1b:11:d5:be:ef:a0:54:c9:c9:82:e1:34:15:
21:83:19:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmCm84rvAaMWsvwAuyHCzqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzIzMTE1NjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmYyZDVhMjgzYTQ0OGFkYWM2M2JlODY4ZjEzOGM1YTQ2NGJkNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7ydJqsU8/cO5nS0wZU/f5VkpX7B
LmyJtttMJSV8+ypwBQM7lOLurnIOypLsqJXDLmlsiSB3glMiqN8oWoamUgA9UCsV
r06HVRDXxa0D2Bas1V5A897GhHAm/hhZulRaQ+VvN3ALH8GK95QLZT61jBzUN3Mq
I6+/LMIVDfaW4p4Chf9u3fq+W3zsQFsShjCQGHd1mQ6yhf+TrVXb4hl4AQdkBkGc
qv+OQRsfRVWFM9ou+aFqUpIFO4i83zWluu8yCMy3euIxXJtMS4IyGAWE4/rI10/M
dFwwcECho3z3zsUr3UlVdZlYeP57da/dJOMLWY3ymVXSnYrCIK4GPcfzjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOby1aKDpEitrGO+ho8TjFpGS9TiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNXZMVm9vT2tTSzJzWTc2R2p4T01Xa1pMMU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSOfAwQA
WSvHAwQAXHJrMA0GCSqGSIb3DQEBCwUAA4IBAQBacLjOUcSHWIadEfBp9Xk57diM
z/DjWn7E03oSW1w6v21J4p5tVzuwVsBl70L6PTXBi0dCe/kYCYl4DKiLdexHB+jz
Sq55huz4+hUl49b5Tc7bxg56LldDdq01qn+QjgqJBd3l2uMIIXtIU2YEhIBWZF//
YHJHm7Ne1Xnro2SdnrrujZrix73p5M+Llu+PJzfduh3Rt3mcyDlYBnTayJvV26Ya
e6X7qB8u+eU4PNkB3enKcSVAswcgTmwnHrasXbR+dLPe/tnWoAgwezbJc5xsU2cw
yDCQJmVMhYstLycFt/g97ONyc7LsZC/Wyl0W8RsR1b7voFTJyYLhNBUhgxkV
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org