Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8f4P2tOokY32D60TTEYI9o2AYJ8.roa
File: 8f4P2tOokY32D60TTEYI9o2AYJ8.roa (raw, json)
Hash identifier: SHVXsO5a3VqpV+aWtniXgpSDVN5upsQtJK7Q8XYPChs=
Subject key identifier: F1:FE:0F:DA:D3:A8:91:8D:F6:0F:AD:13:4C:46:08:F6:8D:80:60:9F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C15FF99AC8E2026F11FE9DF705CBCF002
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8f4P2tOokY32D60TTEYI9o2AYJ8.roa
Signing time: Tue 28 Nov 2023 12:55:21 +0000
ROA not before: Tue 28 Nov 2023 12:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42926
IP address blocks: 89.40.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:ff:99:ac:8e:20:26:f1:1f:e9:df:70:5c:bc:f0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 28 12:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1fe0fdad3a8918df60fad134c4608f68d80609f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a0:4a:52:df:20:7b:07:82:34:23:95:69:34:
f4:14:57:6a:b8:0e:f8:65:64:a4:a1:2a:6b:f9:ec:
b3:e4:3d:5f:e0:77:8d:9c:52:72:9a:96:70:64:28:
25:48:50:6f:a8:77:6a:97:7f:be:82:83:59:35:05:
16:d0:e8:e1:f7:51:66:ca:59:d7:82:58:e2:46:bd:
c9:57:41:49:45:13:68:fe:58:e7:5a:8c:ac:7e:44:
90:c0:14:a7:5e:cb:45:4f:c3:af:1d:8f:8c:72:c9:
b0:a2:3c:42:b7:81:17:16:93:ac:98:1f:d2:3f:6c:
1d:62:e0:84:3b:70:bb:45:74:95:91:35:bd:16:2f:
ba:10:eb:5b:55:ce:0a:a7:16:c6:8d:8b:ca:23:b1:
d4:91:bd:b6:7f:79:e3:0e:20:97:ae:df:a5:af:84:
87:54:af:1c:88:3c:82:84:00:59:e0:03:83:bf:76:
13:ca:e2:a1:96:bb:fd:77:c6:11:1f:64:4b:2a:d0:
67:99:78:35:b9:09:b4:8f:3d:20:49:44:54:91:f5:
26:1b:04:9d:ff:76:b7:ef:c1:77:e9:b6:81:39:6f:
25:b3:78:a6:36:cd:d0:49:3d:71:e7:dc:75:d3:09:
a4:3f:d5:9f:63:42:71:00:bc:80:35:28:77:72:08:
a8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:FE:0F:DA:D3:A8:91:8D:F6:0F:AD:13:4C:46:08:F6:8D:80:60:9F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8f4P2tOokY32D60TTEYI9o2AYJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.76.0/24
Signature Algorithm: sha256WithRSAEncryption
35:71:94:06:45:0d:36:b5:18:fc:e2:12:4c:54:1a:2e:f5:a1:
41:a8:33:88:1d:8d:a5:f3:69:01:35:21:3d:7f:0e:4b:86:f1:
92:73:02:16:9e:39:8f:82:44:4a:78:f4:4c:51:6f:af:2d:27:
a7:84:65:31:3b:12:2e:f9:5d:9e:37:26:2d:52:8d:9c:ea:37:
35:e6:64:43:27:0c:19:b7:77:ce:71:c6:55:ec:a7:50:47:15:
ba:9f:e0:39:8f:2e:f9:0f:da:b2:a6:e4:fc:02:7b:ee:ec:3a:
de:c4:d9:a5:9d:1f:78:ab:9b:12:2e:9b:b0:f9:92:f5:42:1b:
da:94:cd:d7:04:1e:58:1b:1b:fe:9e:13:b5:64:a6:bf:4e:2d:
2d:d6:15:a5:43:05:19:45:28:66:67:16:ab:1d:e7:a4:b9:22:
e6:da:00:d5:17:e6:7d:e6:23:39:65:ce:60:c3:b3:73:95:ae:
f9:3e:f6:49:8b:45:aa:c1:7a:b3:f1:5c:7c:d6:d0:26:f1:17:
d6:b8:66:93:a6:97:b7:02:43:8c:0a:ac:8b:07:10:7a:f8:29:
e0:53:1b:9c:a1:3f:30:2d:a1:03:00:c6:f7:68:6e:f1:33:f1:
57:ba:0c:2b:61:ee:b2:34:00:72:ca:5f:de:52:77:0a:1c:3b:
93:ac:1f:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwV/5msjiAm8R/p33BcvPACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTI4MTI1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWZlMGZkYWQzYTg5MThkZjYwZmFkMTM0YzQ2MDhmNjhkODA2MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqBKUt8geweCNCOVaTT0FFdquA74
ZWSkoSpr+eyz5D1f4HeNnFJympZwZCglSFBvqHdql3++goNZNQUW0Ojh91FmylnX
gljiRr3JV0FJRRNo/ljnWoysfkSQwBSnXstFT8OvHY+McsmwojxCt4EXFpOsmB/S
P2wdYuCEO3C7RXSVkTW9Fi+6EOtbVc4KpxbGjYvKI7HUkb22f3njDiCXrt+lr4SH
VK8ciDyChABZ4AODv3YTyuKhlrv9d8YRH2RLKtBnmXg1uQm0jz0gSURUkfUmGwSd
/3a378F36baBOW8ls3imNs3QST1x59x10wmkP9WfY0JxALyANSh3cgioNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPH+D9rTqJGN9g+tE0xGCPaNgGCfMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOGY0UDJ0T29rWTMyRDYwVFRFWUk5bzJBWUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWShMMA0G
CSqGSIb3DQEBCwUAA4IBAQA1cZQGRQ02tRj84hJMVBou9aFBqDOIHY2l82kBNSE9
fw5LhvGScwIWnjmPgkRKePRMUW+vLSenhGUxOxIu+V2eNyYtUo2c6jc15mRDJwwZ
t3fOccZV7KdQRxW6n+A5jy75D9qypuT8Anvu7DrexNmlnR94q5sSLpuw+ZL1Qhva
lM3XBB5YGxv+nhO1ZKa/Ti0t1hWlQwUZRShmZxarHeekuSLm2gDVF+Z95iM5Zc5g
w7Nzla75PvZJi0WqwXqz8Vx81tAm8RfWuGaTppe3AkOMCqyLBxB6+CngUxucoT8w
LaEDAMb3aG7xM/FXugwrYe6yNAByyl/eUncKHDuTrB/2
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org