Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N1N0CLuq7Wbr1vdyibxo0PqseLQ.roa
File: N1N0CLuq7Wbr1vdyibxo0PqseLQ.roa (raw, json)
Hash identifier: YfiTq5NlVIlem/meLqY4AtHUjVlOB0SESXk0SzSE3A8=
Subject key identifier: 37:53:74:08:BB:AA:ED:66:EB:D6:F7:72:89:BC:68:D0:FA:AC:78:B4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01861603C25156FDFBDD15002D4266B1224E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N1N0CLuq7Wbr1vdyibxo0PqseLQ.roa
Signing time: Fri 03 Feb 2023 06:43:10 +0000
ROA not before: Fri 03 Feb 2023 06:43:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 89.35.154.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Feb 2023 17:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:03:c2:51:56:fd:fb:dd:15:00:2d:42:66:b1:22:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 3 06:43:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37537408bbaaed66ebd6f77289bc68d0faac78b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8a:99:29:5f:d4:ba:6c:26:d7:61:37:e9:fd:
b6:4c:48:b5:8a:30:2a:d8:8c:ff:09:1f:da:45:09:
79:71:50:cc:40:b1:f2:16:92:d3:54:8f:00:72:cd:
8c:3a:ee:f0:0d:2f:3a:49:92:ba:8d:75:e9:5e:ca:
c5:78:00:72:0c:f6:69:cd:8b:15:3d:06:2b:b7:1a:
27:46:b0:a1:f9:86:5b:f6:60:af:80:a4:ae:38:c6:
64:57:41:17:03:70:08:15:d4:83:28:99:7d:bf:bd:
e9:1f:41:05:32:f3:f4:9e:f2:c6:95:dc:da:07:08:
0e:98:88:68:6d:8c:3f:c6:21:ba:ea:9a:e6:88:1c:
74:04:0d:e6:6a:9f:8f:1b:81:77:a9:50:8f:4e:fa:
7c:ff:9a:f4:28:fa:81:19:73:d4:ae:18:20:e7:a1:
86:7c:f1:1b:70:b4:bf:4a:32:06:b0:04:ed:0f:ed:
8f:27:03:7c:f0:42:59:84:b5:d0:74:19:e3:64:dd:
95:e8:33:fe:af:19:43:56:cd:b5:55:d5:8f:c1:a8:
cc:15:5c:84:52:4c:00:ed:cc:2b:c3:a6:99:0e:c6:
62:f7:7b:9b:d5:3c:c7:25:c7:52:3f:87:fa:43:12:
2e:4d:09:eb:83:c1:b4:66:e4:70:e6:a8:95:cd:a5:
e4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:53:74:08:BB:AA:ED:66:EB:D6:F7:72:89:BC:68:D0:FA:AC:78:B4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N1N0CLuq7Wbr1vdyibxo0PqseLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0-45.156.158.255
89.35.154.0/24
89.37.62.0/24
93.115.109.0/24
Signature Algorithm: sha256WithRSAEncryption
93:dc:f4:de:3b:5d:e5:05:6c:94:8d:23:83:55:32:e8:db:b5:
65:fd:6b:b3:bc:e8:10:90:84:63:60:e2:e1:66:9d:9b:86:d6:
24:81:4b:8f:96:cc:0a:21:7b:3e:4c:12:9c:47:8e:cb:97:eb:
85:40:fc:a9:eb:89:9b:5f:98:d9:38:b3:30:5b:01:31:0e:f1:
06:20:0c:42:c6:f8:fb:7a:71:9f:c3:2f:fe:3d:80:9e:83:35:
d4:bf:91:fc:ce:9b:a0:e6:ff:91:79:87:22:8a:dc:58:2c:d6:
a3:a5:30:f2:56:84:2e:9e:ef:db:da:fc:42:cf:da:2d:06:fd:
a5:a1:57:e4:f7:56:4b:19:c2:27:90:a2:1b:77:d4:93:30:5c:
02:c4:aa:eb:94:c4:cd:61:c0:22:a2:cc:b1:76:40:59:6e:0f:
94:8a:32:7b:ab:33:21:07:ef:7d:6d:ba:91:a8:b3:ce:e5:2b:
bc:6e:b1:d2:89:1d:b7:73:ff:04:39:90:23:b7:e6:10:fd:cd:
08:43:8d:6d:dd:5d:3c:47:de:5f:51:19:2e:3b:eb:ef:7c:a2:
87:18:b0:55:31:16:18:58:0c:92:95:c4:be:8d:24:53:4a:52:
98:f3:53:35:0c:f0:b5:17:88:22:2e:09:91:41:ac:98:65:b2:
00:6a:12:cd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYYWA8JRVv373RUALUJmsSJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAzMDY0MzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzUzNzQwOGJiYWFlZDY2ZWJkNmY3NzI4OWJjNjhkMGZhYWM3OGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYqZKV/Uumwm12E36f22TEi1ijAq
2Iz/CR/aRQl5cVDMQLHyFpLTVI8Acs2MOu7wDS86SZK6jXXpXsrFeAByDPZpzYsV
PQYrtxonRrCh+YZb9mCvgKSuOMZkV0EXA3AIFdSDKJl9v73pH0EFMvP0nvLGldza
BwgOmIhobYw/xiG66prmiBx0BA3map+PG4F3qVCPTvp8/5r0KPqBGXPUrhgg56GG
fPEbcLS/SjIGsATtD+2PJwN88EJZhLXQdBnjZN2V6DP+rxlDVs21VdWPwajMFVyE
UkwA7cwrw6aZDsZi93ub1TzHJcdSP4f6QxIuTQnrg8G0ZuRw5qiVzaXkWwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDdTdAi7qu1m69b3com8aND6rHi0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTjFOMENMdXE3V2JyMXZkeWlieG8wUHFzZUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAtnJ0D
BAAtnJ4DBABZI5oDBABZJT4DBABdc20wDQYJKoZIhvcNAQELBQADggEBAJPc9N47
XeUFbJSNI4NVMujbtWX9a7O86BCQhGNg4uFmnZuG1iSBS4+WzAohez5MEpxHjsuX
64VA/KnriZtfmNk4szBbATEO8QYgDELG+Pt6cZ/DL/49gJ6DNdS/kfzOm6Dm/5F5
hyKK3Fgs1qOlMPJWhC6e79va/ELP2i0G/aWhV+T3VksZwieQoht31JMwXALEquuU
xM1hwCKizLF2QFluD5SKMnurMyEH731tupGos87lK7xusdKJHbdz/wQ5kCO35hD9
zQhDjW3dXTxH3l9RGS476+98oocYsFUxFhhYDJKVxL6NJFNKUpjzUzUM8LUXiCIu
CZFBrJhlsgBqEs0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org