Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/72OS6XebOWrj2lzLPT1UKDuSAKg.roa
File: 72OS6XebOWrj2lzLPT1UKDuSAKg.roa (raw, json)
Hash identifier: KEUuOjvYu4H9nXeFamCNKd4JSynuX5kCFE3Ijhu3bUs=
Subject key identifier: EF:63:92:E9:77:9B:39:6A:E3:DA:5C:CB:3D:3D:54:28:3B:92:00:A8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186FD9E7C6DD2785AC7A243AAFB839E3CF3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/72OS6XebOWrj2lzLPT1UKDuSAKg.roa
Signing time: Mon 20 Mar 2023 06:04:27 +0000
ROA not before: Mon 20 Mar 2023 06:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212953
IP address blocks: 89.40.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fd:9e:7c:6d:d2:78:5a:c7:a2:43:aa:fb:83:9e:3c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 20 06:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef6392e9779b396ae3da5ccb3d3d54283b9200a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:7b:c3:57:95:a8:2b:1c:8d:94:bc:c4:46:
e4:50:89:65:18:ec:7f:f6:93:18:94:d0:5b:5f:2b:
33:7c:6e:c2:4b:d0:bc:c8:cc:f4:a1:8e:c8:c5:0e:
8a:54:5a:2a:f8:28:83:31:ab:04:6f:98:9c:82:4b:
78:84:ef:1d:6e:15:2a:a8:c1:1b:a2:3f:42:41:2f:
48:fa:5b:8c:6e:2b:8e:ad:4a:6d:25:47:6d:be:ef:
34:ad:7c:bc:7f:84:43:bb:ec:02:58:3d:89:90:a3:
a0:f2:3c:9a:fb:90:26:14:83:25:b3:82:13:fe:7c:
4c:2d:cc:97:a0:78:f6:59:f2:02:7b:ba:38:f7:ea:
a8:7a:1c:06:d0:de:d5:1a:cd:94:04:7c:3c:9f:fd:
e7:9e:5f:96:26:c7:92:4e:43:32:35:10:c5:25:89:
bf:ac:e7:48:a8:a0:09:e9:dc:58:9e:51:9d:8e:78:
1a:62:b3:27:4b:68:39:be:df:28:c4:24:56:1b:8d:
66:80:ee:09:e6:66:84:14:11:1d:be:bf:60:4d:dc:
f5:56:e3:5b:01:bd:a3:b9:e2:94:f2:4b:9e:25:1a:
82:99:74:c1:35:18:fe:97:50:67:95:75:f5:d6:99:
1c:ba:a7:6c:ec:44:ab:f0:c6:73:7b:26:83:c6:25:
1b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:63:92:E9:77:9B:39:6A:E3:DA:5C:CB:3D:3D:54:28:3B:92:00:A8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/72OS6XebOWrj2lzLPT1UKDuSAKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.76.0/24
Signature Algorithm: sha256WithRSAEncryption
08:b7:16:65:e9:33:d9:0f:7d:b5:e1:17:48:fd:61:ef:1b:92:
05:81:e2:ae:f0:61:fe:c8:4b:78:9c:83:0e:c7:f7:08:55:58:
b6:a2:93:0f:e8:54:71:ed:0f:be:4e:94:41:7e:92:fa:92:f4:
94:19:57:78:e7:97:f1:17:38:07:b1:c0:14:19:57:1f:3f:55:
96:93:d2:ac:a5:bd:c9:69:c0:a9:9c:af:c6:a1:2d:45:09:3e:
3f:b3:fd:ba:f8:3a:b4:9a:4a:73:ef:85:03:f2:d4:83:a0:fa:
b4:34:9e:49:1f:03:f1:bc:61:00:d4:9f:2a:f6:2e:f8:6d:cb:
8b:40:3d:0d:15:91:79:42:6d:cf:d1:e1:2a:a3:74:3e:fc:55:
05:73:d8:8c:ac:90:e6:38:a1:eb:3b:c9:58:78:ef:f1:26:3d:
e7:8d:b9:14:fc:f6:59:61:e0:4a:78:9d:7c:bd:ab:7f:14:5a:
4e:7a:1d:19:2f:ce:b0:80:f4:b1:66:14:2a:8d:a4:a0:11:55:
15:51:42:e2:17:68:a5:1c:a7:ff:55:b5:0c:e5:85:af:b3:a3:
c9:cd:59:64:2c:05:3c:c3:53:c8:4b:b8:5f:ff:8a:23:db:1c:
be:6a:47:f4:4e:3f:9c:09:3f:3e:aa:f3:65:98:6a:cf:47:b6:
1e:cd:01:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb9nnxt0nhax6JDqvuDnjzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzIwMDYwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYzOTJlOTc3OWIzOTZhZTNkYTVjY2IzZDNkNTQyODNiOTIwMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrd7w1eVqCscjZS8xEbkUIllGOx/
9pMYlNBbXyszfG7CS9C8yMz0oY7IxQ6KVFoq+CiDMasEb5icgkt4hO8dbhUqqMEb
oj9CQS9I+luMbiuOrUptJUdtvu80rXy8f4RDu+wCWD2JkKOg8jya+5AmFIMls4IT
/nxMLcyXoHj2WfICe7o49+qoehwG0N7VGs2UBHw8n/3nnl+WJseSTkMyNRDFJYm/
rOdIqKAJ6dxYnlGdjngaYrMnS2g5vt8oxCRWG41mgO4J5maEFBEdvr9gTdz1VuNb
Ab2jueKU8kueJRqCmXTBNRj+l1BnlXX11pkcuqds7ESr8MZzeyaDxiUboQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9jkul3mzlq49pcyz09VCg7kgCoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNzJPUzZYZWJPV3JqMmx6TFBUMVVLRHVTQUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWShMMA0G
CSqGSIb3DQEBCwUAA4IBAQAItxZl6TPZD3214RdI/WHvG5IFgeKu8GH+yEt4nIMO
x/cIVVi2opMP6FRx7Q++TpRBfpL6kvSUGVd455fxFzgHscAUGVcfP1WWk9Kspb3J
acCpnK/GoS1FCT4/s/26+Dq0mkpz74UD8tSDoPq0NJ5JHwPxvGEA1J8q9i74bcuL
QD0NFZF5Qm3P0eEqo3Q+/FUFc9iMrJDmOKHrO8lYeO/xJj3njbkU/PZZYeBKeJ18
vat/FFpOeh0ZL86wgPSxZhQqjaSgEVUVUULiF2ilHKf/VbUM5YWvs6PJzVlkLAU8
w1PIS7hf/4oj2xy+akf0Tj+cCT8+qvNlmGrPR7YezQFm
-----END CERTIFICATE-----
Generated at Mon Nov 20 06:53:20 2023 by rpki-client on console-ams.rpki-client.org