Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Krt3d5FeUsUVXKBco85nP5Ocfg0.roa
File: Krt3d5FeUsUVXKBco85nP5Ocfg0.roa (raw, json)
Hash identifier: XGu8j7GokQ4AUFsRKbjJsGUEQsxMVLaZjbMaDDHVm/E=
Subject key identifier: 2A:BB:77:77:91:5E:52:C5:15:5C:A0:5C:A3:CE:67:3F:93:9C:7E:0D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862A713D64F08B51392F40ADB8E1EC80F5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Krt3d5FeUsUVXKBco85nP5Ocfg0.roa
Signing time: Tue 07 Feb 2023 05:55:09 +0000
ROA not before: Tue 07 Feb 2023 05:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400304
IP address blocks: 89.35.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 10:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2a:71:3d:64:f0:8b:51:39:2f:40:ad:b8:e1:ec:80:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 7 05:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2abb7777915e52c5155ca05ca3ce673f939c7e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3e:b7:7d:79:0d:78:a5:b4:f5:c7:5d:ab:88:
bb:00:0a:f5:b4:26:03:cf:d2:bf:ce:73:75:9a:ab:
fb:d6:d3:8e:af:92:c6:0d:b1:f0:f9:f7:9a:4f:08:
86:bd:d6:12:36:a5:b2:26:c8:8e:e2:be:1d:92:66:
19:b5:69:49:9f:7e:84:26:5e:7b:d3:b7:03:68:a1:
60:0c:07:20:35:a9:f2:6f:39:8b:77:53:d9:8f:c2:
84:90:5c:a8:40:cd:30:f3:90:eb:ff:cc:49:6e:04:
18:a4:5d:2e:29:7d:1c:8b:62:a0:d1:70:d2:ef:0c:
58:3b:e9:6a:28:fa:b2:75:62:34:b6:b2:d6:e7:0e:
f3:bb:25:ed:38:5e:97:70:7d:30:f9:92:89:a4:08:
24:29:20:47:55:04:cd:6a:43:db:5e:00:e3:c4:62:
d5:3f:da:85:1b:88:a9:62:ff:44:d0:b4:b5:2f:1c:
ac:48:a2:30:f7:1f:cf:6f:64:f4:8c:de:19:ac:6a:
7c:cc:75:94:ea:50:80:23:57:8b:86:7d:13:0d:da:
2c:3e:d2:3e:69:25:d7:08:ba:b9:45:ff:99:2f:e4:
88:f1:29:a0:03:dc:85:83:0f:08:cc:2e:d7:0d:a1:
a3:a3:80:11:e5:f1:c4:25:6b:e9:99:6e:68:b4:94:
80:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BB:77:77:91:5E:52:C5:15:5C:A0:5C:A3:CE:67:3F:93:9C:7E:0D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Krt3d5FeUsUVXKBco85nP5Ocfg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.155.0/24
Signature Algorithm: sha256WithRSAEncryption
26:cc:cf:09:f1:15:5c:de:c6:1e:6a:87:75:1a:cc:6b:dc:8f:
33:14:f2:89:14:e2:b9:89:14:ee:fd:5d:23:02:aa:35:67:b2:
09:24:de:47:5b:79:9b:00:0d:0d:f5:be:07:4a:73:b5:30:c0:
73:13:ec:be:29:e5:af:d3:5c:64:ca:2e:d0:38:72:b4:09:a1:
67:db:ac:3f:ef:17:ea:2e:91:34:68:f5:82:e0:af:50:d3:26:
6e:65:64:99:14:52:86:e3:fe:72:df:dd:91:0e:95:38:4a:fe:
d9:e3:5c:3b:9a:81:0e:ce:40:8f:c5:3f:f1:0b:57:6f:b6:1b:
a9:94:93:3c:0d:06:86:7a:3c:38:30:f4:70:54:ee:5e:46:e6:
86:96:cc:f6:e0:e3:10:05:54:54:1e:4c:3b:a5:90:ee:3f:9e:
46:2f:b8:b6:9d:bb:bb:df:58:bf:ff:29:39:67:fc:86:97:c7:
ac:50:8b:6d:74:a3:14:b1:fd:11:6e:98:ea:a1:91:9f:41:98:
87:33:87:69:b0:f4:74:90:b1:b3:75:28:37:0b:0b:2f:ff:ee:
b3:d4:60:48:0e:22:c0:ab:65:0d:74:76:ad:8d:f8:86:1f:92:
e4:37:84:f7:63:46:c4:4e:4f:38:03:60:91:f2:e0:f1:05:da:
12:f2:f6:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYqcT1k8ItROS9Arbjh7ID1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA3MDU1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJiNzc3NzkxNWU1MmM1MTU1Y2EwNWNhM2NlNjczZjkzOWM3ZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz63fXkNeKW09cddq4i7AAr1tCYD
z9K/znN1mqv71tOOr5LGDbHw+feaTwiGvdYSNqWyJsiO4r4dkmYZtWlJn36EJl57
07cDaKFgDAcgNanybzmLd1PZj8KEkFyoQM0w85Dr/8xJbgQYpF0uKX0ci2Kg0XDS
7wxYO+lqKPqydWI0trLW5w7zuyXtOF6XcH0w+ZKJpAgkKSBHVQTNakPbXgDjxGLV
P9qFG4ipYv9E0LS1LxysSKIw9x/Pb2T0jN4ZrGp8zHWU6lCAI1eLhn0TDdosPtI+
aSXXCLq5Rf+ZL+SI8SmgA9yFgw8IzC7XDaGjo4AR5fHEJWvpmW5otJSA0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq7d3eRXlLFFVygXKPOZz+TnH4NMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvS3J0M2Q1RmVVc1VWWEtCY284NW5QNU9jZmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSObMA0G
CSqGSIb3DQEBCwUAA4IBAQAmzM8J8RVc3sYeaod1Gsxr3I8zFPKJFOK5iRTu/V0j
Aqo1Z7IJJN5HW3mbAA0N9b4HSnO1MMBzE+y+KeWv01xkyi7QOHK0CaFn26w/7xfq
LpE0aPWC4K9Q0yZuZWSZFFKG4/5y392RDpU4Sv7Z41w7moEOzkCPxT/xC1dvthup
lJM8DQaGejw4MPRwVO5eRuaGlsz24OMQBVRUHkw7pZDuP55GL7i2nbu731i//yk5
Z/yGl8esUIttdKMUsf0RbpjqoZGfQZiHM4dpsPR0kLGzdSg3Cwsv/+6z1GBIDiLA
q2UNdHatjfiGH5LkN4T3Y0bETk84A2CR8uDxBdoS8vYS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org