Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/K63C1BKKbKWrq4ZnTzM2N1hYrXk.roa
File: K63C1BKKbKWrq4ZnTzM2N1hYrXk.roa (raw, json)
Hash identifier: l08TAfnYt3t6NfKaUT+i67rUe7uk+F98UpaAk8CLeAE=
Subject key identifier: 2B:AD:C2:D4:12:8A:6C:A5:AB:AB:86:67:4F:33:36:37:58:58:AD:79
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0192E407122D380472336B16EAA85B98D08B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/K63C1BKKbKWrq4ZnTzM2N1hYrXk.roa
Signing time: Thu 31 Oct 2024 19:22:01 +0000
ROA not before: Thu 31 Oct 2024 19:22:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 89.37.63.0/24 maxlen: 24
185.121.122.0/23 maxlen: 24
188.212.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 13:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e4:07:12:2d:38:04:72:33:6b:16:ea:a8:5b:98:d0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 31 19:22:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2badc2d4128a6ca5abab86674f3336375858ad79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:46:b4:dd:fa:6a:e3:29:9f:d3:fa:83:7f:78:
b3:d3:fd:d1:52:dd:12:7e:f4:eb:b8:09:8c:7d:dc:
ef:d3:de:2c:40:22:91:9e:06:e1:f3:ca:a6:04:63:
b6:71:cc:85:e4:4f:72:25:c6:7f:03:51:cd:b1:bd:
aa:e7:be:75:5c:79:fb:f3:fa:24:3e:8f:95:22:83:
fa:6a:fc:ff:8d:fe:f3:9a:d8:01:ac:fa:19:a3:ae:
7a:99:63:76:20:ff:01:0f:21:41:94:7c:ea:b6:81:
4f:cc:c5:f6:51:5b:1a:b2:01:6a:ba:ca:71:0f:06:
17:32:c9:fa:66:49:b4:50:67:81:c0:bf:48:e7:6d:
8b:7e:37:4d:f3:cd:84:62:a2:c5:3c:6c:f2:81:0b:
83:51:40:95:26:94:14:1f:0c:d8:32:67:63:19:9c:
5b:90:bf:53:04:f3:45:5f:94:ec:17:cd:63:58:a9:
2d:48:64:4a:00:aa:c8:c5:54:0a:6a:d0:4e:8a:63:
91:2f:05:bb:07:a5:8b:37:3b:24:f5:75:e7:9a:a6:
22:95:f5:55:d5:3d:f3:90:5c:f5:a4:ba:47:ee:20:
3f:89:50:f5:b3:e7:0f:98:0f:0f:17:8f:7c:ee:cc:
5f:8a:63:15:d5:bc:75:90:2a:13:6f:3b:38:51:0d:
16:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AD:C2:D4:12:8A:6C:A5:AB:AB:86:67:4F:33:36:37:58:58:AD:79
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/K63C1BKKbKWrq4ZnTzM2N1hYrXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.63.0/24
185.121.122.0/23
188.212.133.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:21:40:79:e2:61:b9:8d:58:12:64:a5:80:f4:c5:40:2e:5e:
ef:ef:59:d7:e1:ec:5a:e4:ad:f9:0e:ff:2a:ca:0b:34:51:76:
70:e7:80:f6:ff:67:86:bb:79:b7:c6:a7:a5:6a:ca:d3:d2:06:
34:15:91:60:20:b4:52:fa:22:0c:47:e2:d3:fa:44:fa:12:3a:
48:1f:f3:32:8b:5d:8c:68:86:e5:03:55:63:2e:6a:d3:d7:da:
11:2b:67:13:5d:6f:7c:2d:99:8b:e1:f4:29:92:ea:30:3d:33:
fe:ba:30:ea:8f:44:78:f6:8c:fb:d5:99:2a:a2:44:90:69:c6:
66:ac:42:35:99:7a:c5:f3:09:b3:5e:33:a9:6c:4b:8d:57:fa:
2c:e9:90:ce:e6:79:c9:4e:e4:02:21:b1:7a:2e:e1:33:88:cd:
31:3e:ca:08:60:7f:4e:c9:47:9d:e0:eb:d7:c4:5a:f1:c5:f0:
7a:fc:67:0d:73:3f:3b:d0:da:77:95:3b:d8:53:ed:ca:51:92:
c2:4a:b0:2d:e6:30:e9:ab:e7:0f:74:2f:a6:dd:08:e1:17:37:
7f:fb:63:7b:53:8e:4b:24:7c:a5:2b:3a:7d:e7:2f:35:78:91:
64:cf:df:b2:47:b6:e1:f9:60:9b:c8:7d:b3:dc:68:24:d6:6f:
1e:fc:57:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLkBxItOARyM2sW6qhbmNCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDMxMTkyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmFkYzJkNDEyOGE2Y2E1YWJhYjg2Njc0ZjMzMzYzNzU4NThhZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUa03fpq4ymf0/qDf3iz0/3RUt0S
fvTruAmMfdzv094sQCKRngbh88qmBGO2ccyF5E9yJcZ/A1HNsb2q5751XHn78/ok
Po+VIoP6avz/jf7zmtgBrPoZo656mWN2IP8BDyFBlHzqtoFPzMX2UVsasgFquspx
DwYXMsn6Zkm0UGeBwL9I522LfjdN882EYqLFPGzygQuDUUCVJpQUHwzYMmdjGZxb
kL9TBPNFX5TsF81jWKktSGRKAKrIxVQKatBOimORLwW7B6WLNzsk9XXnmqYilfVV
1T3zkFz1pLpH7iA/iVD1s+cPmA8PF4987sxfimMV1bx1kCoTbzs4UQ0WaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCutwtQSimylq6uGZ08zNjdYWK15MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSzYzQzFCS0tiS1dycTRablR6TTJOMWhZclhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSU/AwQB
uXl6AwQAvNSFMA0GCSqGSIb3DQEBCwUAA4IBAQAtIUB54mG5jVgSZKWA9MVALl7v
71nX4exa5K35Dv8qygs0UXZw54D2/2eGu3m3xqelasrT0gY0FZFgILRS+iIMR+LT
+kT6EjpIH/Myi12MaIblA1VjLmrT19oRK2cTXW98LZmL4fQpkuowPTP+ujDqj0R4
9oz71ZkqokSQacZmrEI1mXrF8wmzXjOpbEuNV/os6ZDO5nnJTuQCIbF6LuEziM0x
PsoIYH9OyUed4OvXxFrxxfB6/GcNcz870Np3lTvYU+3KUZLCSrAt5jDpq+cPdC+m
3QjhFzd/+2N7U45LJHylKzp95y81eJFkz9+yR7bh+WCbyH2z3Ggk1m8e/FeT
-----END CERTIFICATE-----
Generated at Fri Nov 1 14:34:51 2024 by rpki-client on console-fra.rpki-client.org