Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HIsayDkxn1UWwkRv7ffKDK3JzD8.roa
File: HIsayDkxn1UWwkRv7ffKDK3JzD8.roa (raw, json)
Hash identifier: XNaRNIdticwAUlXJB5EF12NiBUiBj3LHaLe1TAAimMo=
Subject key identifier: 1C:8B:1A:C8:39:31:9F:55:16:C2:44:6F:ED:F7:CA:0C:AD:C9:CC:3F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BB427776243228F588E8AFE9DCFA40AD2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HIsayDkxn1UWwkRv7ffKDK3JzD8.roa
Signing time: Thu 09 Nov 2023 12:56:07 +0000
ROA not before: Thu 09 Nov 2023 12:56:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 62.106.89.0/24 maxlen: 24
45.130.201.0/24 maxlen: 24
185.244.138.0/24 maxlen: 24
212.119.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:27:77:62:43:22:8f:58:8e:8a:fe:9d:cf:a4:0a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 9 12:56:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c8b1ac839319f5516c2446fedf7ca0cadc9cc3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9c:9f:d3:ec:e8:0c:21:05:fd:e8:e9:00:6d:
71:88:04:da:5a:19:7d:dc:95:3d:a1:c5:dc:6f:1a:
01:61:90:49:d2:b7:ca:fd:2b:fc:4d:f9:3c:88:af:
4b:93:9a:76:4b:4f:1f:24:4a:9c:ff:32:30:77:0f:
00:f0:5d:a7:c2:c4:29:b8:43:dc:e5:4d:cb:a6:5a:
94:d0:e1:ea:b1:f3:1e:27:cc:c3:5b:4a:88:01:8f:
d4:22:e5:02:0c:57:12:68:f4:78:0b:80:f5:b5:47:
cf:dc:95:24:8e:3f:e6:fa:07:4f:e2:66:7c:02:f9:
84:80:b0:5c:95:56:fc:47:12:fb:2a:37:72:ec:27:
5c:42:08:8b:8d:38:fc:a0:ef:20:1a:5d:63:af:ec:
e7:5f:06:e7:03:44:76:f2:02:a2:0a:f2:66:ee:ac:
1e:0d:50:f8:1f:a7:b9:6c:3d:96:b0:49:3f:4f:70:
a1:01:e2:1b:93:c9:ea:b8:f4:be:f8:a9:f0:06:dd:
f5:44:5f:34:32:dc:a6:7f:64:d9:f3:ed:93:58:12:
98:6e:dd:16:34:d7:7e:2a:ff:e7:e9:32:08:ce:cb:
28:38:45:7e:23:8c:17:3f:5c:5d:42:e0:b2:27:ea:
0b:d5:d5:43:46:d3:db:cf:4c:4e:6d:84:51:1f:78:
88:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8B:1A:C8:39:31:9F:55:16:C2:44:6F:ED:F7:CA:0C:AD:C9:CC:3F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/HIsayDkxn1UWwkRv7ffKDK3JzD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.201.0/24
62.106.89.0/24
185.244.138.0/24
212.119.35.0/24
Signature Algorithm: sha256WithRSAEncryption
81:1b:56:2d:10:10:6a:28:94:ae:32:18:59:16:44:3e:c5:20:
3b:59:55:97:72:61:2c:59:88:20:73:b0:87:fc:ec:c5:fb:c9:
4d:37:f8:ea:11:6e:96:c6:7e:2b:8b:9b:85:9c:d3:fc:1c:a6:
5a:76:62:ed:b0:9b:bc:41:91:89:a9:ef:56:41:ed:12:ff:4d:
26:c6:f3:d6:bf:b8:d0:6f:fa:59:c7:0b:1e:cb:ed:2d:96:5d:
43:a7:64:e1:cc:3b:4f:da:97:35:1f:64:9f:6f:9a:06:f4:af:
a1:af:be:d7:f8:68:2b:bd:55:8c:2a:2f:6d:d7:f9:40:ec:44:
f1:0e:b1:4f:76:df:13:92:25:9f:1f:41:51:9b:43:f8:f5:6c:
10:81:2c:05:55:1e:36:60:5e:ca:21:30:49:88:21:e7:74:91:
6b:63:11:55:34:d7:cc:53:7d:5b:f8:d9:d8:f8:ac:b4:ea:cf:
90:00:d1:38:d0:ef:a8:a5:da:88:d4:9a:08:b8:8e:21:9d:1e:
d5:df:35:6c:e3:9d:36:9b:f3:10:17:0d:ad:ae:25:eb:7f:1e:
ce:7d:1c:e2:db:6f:c8:0e:6a:6d:61:8e:0e:48:71:b3:f7:3f:
86:74:46:4d:ab:b7:d3:a6:c9:89:89:b1:ea:29:6b:9d:e2:8a:
e0:ca:df:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYu0J3diQyKPWI6K/p3PpArSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTA5MTI1NjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzhiMWFjODM5MzE5ZjU1MTZjMjQ0NmZlZGY3Y2EwY2FkYzljYzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5yf0+zoDCEF/ejpAG1xiATaWhl9
3JU9ocXcbxoBYZBJ0rfK/Sv8Tfk8iK9Lk5p2S08fJEqc/zIwdw8A8F2nwsQpuEPc
5U3LplqU0OHqsfMeJ8zDW0qIAY/UIuUCDFcSaPR4C4D1tUfP3JUkjj/m+gdP4mZ8
AvmEgLBclVb8RxL7Kjdy7CdcQgiLjTj8oO8gGl1jr+znXwbnA0R28gKiCvJm7qwe
DVD4H6e5bD2WsEk/T3ChAeIbk8nquPS++KnwBt31RF80Mtymf2TZ8+2TWBKYbt0W
NNd+Kv/n6TIIzssoOEV+I4wXP1xdQuCyJ+oL1dVDRtPbz0xObYRRH3iIkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFByLGsg5MZ9VFsJEb+33ygytycw/MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSElzYXlEa3huMVVXd2tSdjdmZktESzNKekQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYLJAwQA
PmpZAwQAufSKAwQA1HcjMA0GCSqGSIb3DQEBCwUAA4IBAQCBG1YtEBBqKJSuMhhZ
FkQ+xSA7WVWXcmEsWYggc7CH/OzF+8lNN/jqEW6Wxn4ri5uFnNP8HKZadmLtsJu8
QZGJqe9WQe0S/00mxvPWv7jQb/pZxwsey+0tll1Dp2ThzDtP2pc1H2Sfb5oG9K+h
r77X+GgrvVWMKi9t1/lA7ETxDrFPdt8TkiWfH0FRm0P49WwQgSwFVR42YF7KITBJ
iCHndJFrYxFVNNfMU31b+NnY+Ky06s+QANE40O+opdqI1JoIuI4hnR7V3zVs4502
m/MQFw2triXrfx7OfRzi22/IDmptYY4OSHGz9z+GdEZNq7fTpsmJibHqKWud4org
yt9h
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org