Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JrY8ksvYIw5OKyYY5i0FIkHtoUQ.roa
File: JrY8ksvYIw5OKyYY5i0FIkHtoUQ.roa (raw, json)
Hash identifier: WvnfWh/TSXe0ixa5gpj2rp6DJ284kNLGTnsHO/IC0bw=
Subject key identifier: 26:B6:3C:92:CB:D8:23:0E:4E:2B:26:18:E6:2D:05:22:41:ED:A1:44
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019285A2CEBA64C18F70E49470020415BD09
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JrY8ksvYIw5OKyYY5i0FIkHtoUQ.roa
Signing time: Sun 13 Oct 2024 11:28:12 +0000
ROA not before: Sun 13 Oct 2024 11:28:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 89.36.22.0/24 maxlen: 24
185.121.122.0/23 maxlen: 24
188.212.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 09:22:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:85:a2:ce:ba:64:c1:8f:70:e4:94:70:02:04:15:bd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 13 11:28:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26b63c92cbd8230e4e2b2618e62d052241eda144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6d:9a:05:24:28:eb:5a:db:ef:a4:4e:8b:5e:
9d:4d:48:ae:d0:bc:91:25:49:f8:68:32:b5:ab:ee:
02:33:f3:12:87:55:44:de:a9:24:9e:79:03:58:d7:
08:5b:33:98:13:e0:ca:69:4f:6e:89:a2:71:13:18:
4b:ae:9f:95:68:ee:e6:d4:df:4b:62:0a:2e:9c:58:
3b:7d:08:d0:fb:b5:80:5e:c3:e3:17:ab:f4:2d:e6:
04:fe:ea:76:78:52:30:c8:c4:9a:d9:90:6a:c6:67:
5b:35:bf:b7:db:4d:ec:7e:72:f3:a4:8a:b4:32:81:
75:54:8f:0d:2e:1a:a0:81:fe:57:78:19:34:5a:e8:
a7:e1:55:3b:7b:27:fd:fc:bb:f3:fb:d6:9f:5f:1b:
c8:bb:92:db:2f:23:96:9b:63:73:71:29:c1:94:8f:
35:11:75:50:83:3b:2f:19:55:8f:f0:5b:cd:03:5e:
b6:11:bd:eb:c9:eb:ef:70:4e:0d:67:69:63:0b:46:
c8:93:d7:da:9e:74:b6:b3:d8:b1:e1:16:34:92:50:
75:c1:de:16:37:f8:7c:c3:2a:1f:a4:2b:11:7d:ec:
c9:c1:f0:67:de:39:91:c5:7b:a6:2b:87:0f:3c:83:
dc:0b:40:c2:53:e8:91:2f:f0:4f:32:34:c2:26:31:
eb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B6:3C:92:CB:D8:23:0E:4E:2B:26:18:E6:2D:05:22:41:ED:A1:44
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JrY8ksvYIw5OKyYY5i0FIkHtoUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.22.0/24
185.121.122.0/23
188.212.132.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:4c:9b:60:47:d9:59:c4:98:1a:d7:68:4d:cb:f7:37:f1:22:
b0:25:5b:e2:59:7c:56:2b:85:27:9a:f9:62:bf:ca:57:65:9f:
a1:8d:95:6d:4d:43:f2:e5:7a:79:ef:07:99:64:ba:15:11:e5:
ce:8c:9b:89:5d:ab:69:b6:da:14:37:4f:37:dc:e4:a2:f9:fc:
37:68:ee:9e:e8:0e:ed:ea:4e:7a:5e:bb:6b:d2:00:ff:47:7f:
71:ea:2e:2a:d5:b4:cb:5f:fc:10:67:45:e9:98:62:c6:55:56:
a1:6f:49:78:62:cf:c5:b3:82:7a:2d:92:81:23:3c:73:e3:df:
ad:4c:b5:bf:c1:eb:d6:96:b2:aa:be:41:a4:55:64:ef:13:82:
d3:e2:42:8b:14:b8:57:8f:4a:24:54:8e:ea:a6:99:8a:b9:4a:
ee:eb:63:5c:84:89:e7:e0:9a:d5:4b:04:70:cd:dc:f6:15:5c:
a6:b2:56:6b:69:ed:c1:d2:11:14:1d:3b:be:56:06:99:27:5d:
5c:12:3c:97:27:70:1f:40:a8:a5:13:25:0c:ab:a4:69:3a:5b:
91:cc:0b:ae:4b:a6:bb:08:69:21:38:46:08:93:a8:6e:52:8e:
85:bd:5e:9f:ce:be:a7:e1:ea:11:0c:e1:2c:9f:10:7d:f7:63:
6b:23:9d:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKFos66ZMGPcOSUcAIEFb0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDEzMTEyODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmI2M2M5MmNiZDgyMzBlNGUyYjI2MThlNjJkMDUyMjQxZWRhMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo22aBSQo61rb76ROi16dTUiu0LyR
JUn4aDK1q+4CM/MSh1VE3qkknnkDWNcIWzOYE+DKaU9uiaJxExhLrp+VaO7m1N9L
YgounFg7fQjQ+7WAXsPjF6v0LeYE/up2eFIwyMSa2ZBqxmdbNb+3203sfnLzpIq0
MoF1VI8NLhqggf5XeBk0Wuin4VU7eyf9/Lvz+9afXxvIu5LbLyOWm2NzcSnBlI81
EXVQgzsvGVWP8FvNA162Eb3ryevvcE4NZ2ljC0bIk9fannS2s9ix4RY0klB1wd4W
N/h8wyofpCsRfezJwfBn3jmRxXumK4cPPIPcC0DCU+iRL/BPMjTCJjHrzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCa2PJLL2CMOTismGOYtBSJB7aFEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSnJZOGtzdllJdzVPS3lZWTVpMEZJa0h0b1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSQWAwQB
uXl6AwQAvNSEMA0GCSqGSIb3DQEBCwUAA4IBAQAfTJtgR9lZxJga12hNy/c38SKw
JVviWXxWK4Unmvliv8pXZZ+hjZVtTUPy5Xp57weZZLoVEeXOjJuJXatpttoUN083
3OSi+fw3aO6e6A7t6k56Xrtr0gD/R39x6i4q1bTLX/wQZ0XpmGLGVVahb0l4Ys/F
s4J6LZKBIzxz49+tTLW/wevWlrKqvkGkVWTvE4LT4kKLFLhXj0okVI7qppmKuUru
62NchInn4JrVSwRwzdz2FVymslZrae3B0hEUHTu+VgaZJ11cEjyXJ3AfQKilEyUM
q6RpOluRzAuuS6a7CGkhOEYIk6huUo6FvV6fzr6n4eoRDOEsnxB992NrI51G
-----END CERTIFICATE-----
Generated at Tue Oct 15 10:34:59 2024 by rpki-client on console-fra.rpki-client.org