Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BrolME6uBWwyT3oMWFqJ5VdIUI4.roa
File: BrolME6uBWwyT3oMWFqJ5VdIUI4.roa (raw, json)
Hash identifier: 6dAYaoRkni7x/W+M11jnZ6S775Pta/j+TuKEW3c5Ibs=
Subject key identifier: 06:BA:25:30:4E:AE:05:6C:32:4F:7A:0C:58:5A:89:E5:57:48:50:8E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01904B69FA3867174D6DBBEBFDF9F3BCCBC6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BrolME6uBWwyT3oMWFqJ5VdIUI4.roa
Signing time: Mon 24 Jun 2024 18:02:34 +0000
ROA not before: Mon 24 Jun 2024 18:02:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3758
IP address blocks: 2.56.56.0/22 maxlen: 24
91.217.236.0/24 maxlen: 24
193.84.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 06:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4b:69:fa:38:67:17:4d:6d:bb:eb:fd:f9:f3:bc:cb:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 24 18:02:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06ba25304eae056c324f7a0c585a89e55748508e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d4:51:a9:8c:2a:eb:0d:d0:de:45:8b:b8:5c:
1b:47:d0:7c:47:15:3b:ab:ca:22:88:a5:72:a8:ec:
a9:1d:a0:87:57:87:50:ff:27:55:08:2c:7f:fc:20:
6a:26:b8:c9:ee:d2:be:0b:b2:61:b4:82:1b:e7:11:
86:72:7c:47:b6:12:f6:b5:be:b5:f7:a4:56:6d:8f:
07:a2:13:fa:61:c4:63:e9:5f:26:2a:41:56:ba:b5:
14:53:28:21:04:1b:b0:cf:58:90:fd:dd:36:bd:60:
8c:7c:7b:12:9c:43:4c:21:ac:44:80:d3:bf:d3:94:
77:fb:cf:ec:62:ab:7c:5c:ea:7d:44:3c:c7:35:99:
6b:cb:6d:de:dd:62:a0:eb:fa:83:b2:7e:e6:c6:78:
c2:d9:39:de:3e:fb:35:ce:15:6e:5b:c1:92:51:55:
30:2d:17:1c:de:c6:b2:2d:44:e2:dd:5d:fe:69:bd:
a8:42:09:96:f4:80:a7:e9:90:41:c3:df:18:00:5a:
4c:ad:95:f6:a9:96:01:6f:50:63:0c:56:07:63:16:
58:3b:0c:c5:f4:b2:2e:36:d5:cf:32:78:7a:58:92:
f2:d6:2f:6d:f8:b2:a7:57:c2:56:ca:29:03:1d:af:
21:3a:d9:c7:14:32:5d:38:43:92:18:55:30:72:b9:
f0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:BA:25:30:4E:AE:05:6C:32:4F:7A:0C:58:5A:89:E5:57:48:50:8E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BrolME6uBWwyT3oMWFqJ5VdIUI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.56.0/22
91.217.236.0/24
193.84.132.0/24
Signature Algorithm: sha256WithRSAEncryption
42:aa:32:db:2d:65:02:8b:54:0b:15:06:fd:f3:11:81:d3:93:
dd:54:2d:74:f7:b9:f9:8d:e1:3b:86:56:9f:89:43:8b:7c:3d:
c0:c3:32:31:86:57:0a:e0:53:55:37:6f:b7:ad:26:0c:3d:68:
52:9d:c5:55:6b:62:b7:ae:9a:79:8f:9f:95:98:7f:22:81:e5:
0a:ba:7e:4c:bc:60:86:75:2e:02:da:b8:6f:8a:1f:58:84:b5:
64:78:ce:8c:14:98:d3:6c:f0:10:89:32:99:7d:fa:eb:89:cc:
d3:be:de:22:6c:c3:62:63:b1:db:cc:7c:48:5e:d5:5f:c9:5f:
85:cf:32:48:54:2e:66:3f:ba:e0:18:c6:15:6b:72:c0:fc:8d:
46:b0:44:b9:a9:3d:4d:e5:3d:35:4b:99:b2:24:b7:32:fc:c0:
25:8e:d6:9d:80:63:14:db:3f:db:d3:02:a9:b8:65:f3:bc:72:
32:c3:11:3c:eb:f9:e9:9b:33:92:7c:9d:fd:71:80:87:26:8a:
c4:f1:55:5d:f2:ae:c3:27:d6:a9:cf:d9:20:91:67:93:93:40:
dd:58:c3:8e:52:c7:99:fc:52:a7:5a:b3:f7:bd:50:27:e1:88:
79:5f:a3:38:f9:fd:af:c1:e7:95:3f:0b:b3:8e:47:eb:cb:7c:
5a:b4:10:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBLafo4ZxdNbbvr/fnzvMvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNjI0MTgwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmJhMjUzMDRlYWUwNTZjMzI0ZjdhMGM1ODVhODllNTU3NDg1MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9RRqYwq6w3Q3kWLuFwbR9B8RxU7
q8oiiKVyqOypHaCHV4dQ/ydVCCx//CBqJrjJ7tK+C7JhtIIb5xGGcnxHthL2tb61
96RWbY8HohP6YcRj6V8mKkFWurUUUyghBBuwz1iQ/d02vWCMfHsSnENMIaxEgNO/
05R3+8/sYqt8XOp9RDzHNZlry23e3WKg6/qDsn7mxnjC2TnePvs1zhVuW8GSUVUw
LRcc3sayLUTi3V3+ab2oQgmW9ICn6ZBBw98YAFpMrZX2qZYBb1BjDFYHYxZYOwzF
9LIuNtXPMnh6WJLy1i9t+LKnV8JWyikDHa8hOtnHFDJdOEOSGFUwcrnw2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAa6JTBOrgVsMk96DFhaieVXSFCOMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQnJvbE1FNnVCV3d5VDNvTVdGcUo1VmRJVUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjg4AwQA
W9nsAwQAwVSEMA0GCSqGSIb3DQEBCwUAA4IBAQBCqjLbLWUCi1QLFQb98xGB05Pd
VC1097n5jeE7hlafiUOLfD3AwzIxhlcK4FNVN2+3rSYMPWhSncVVa2K3rpp5j5+V
mH8igeUKun5MvGCGdS4C2rhvih9YhLVkeM6MFJjTbPAQiTKZffrriczTvt4ibMNi
Y7HbzHxIXtVfyV+FzzJIVC5mP7rgGMYVa3LA/I1GsES5qT1N5T01S5myJLcy/MAl
jtadgGMU2z/b0wKpuGXzvHIywxE86/npmzOSfJ39cYCHJorE8VVd8q7DJ9apz9kg
kWeTk0DdWMOOUseZ/FKnWrP3vVAn4Yh5X6M4+f2vweeVPwuzjkfry3xatBCS
-----END CERTIFICATE-----
Generated at Tue Nov 5 08:36:25 2024 by rpki-client on console-fra.rpki-client.org