Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NUhH_TkkRMTnA6yOtSvJMpj9RvI.roa
File: NUhH_TkkRMTnA6yOtSvJMpj9RvI.roa (raw, json)
Hash identifier: 9hRdHjDfI9aLLKn/Zyaf5LofG6sxhgkOtREjo18NuVw=
Subject key identifier: 35:48:47:FD:39:24:44:C4:E7:03:AC:8E:B5:2B:C9:32:98:FD:46:F2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189DF4DB341B8C27FBD993D3AB432F830BC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NUhH_TkkRMTnA6yOtSvJMpj9RvI.roa
Signing time: Thu 10 Aug 2023 11:55:58 +0000
ROA not before: Thu 10 Aug 2023 11:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 89.35.155.0/24 maxlen: 24
188.212.158.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:4d:b3:41:b8:c2:7f:bd:99:3d:3a:b4:32:f8:30:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 10 11:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=354847fd392444c4e703ac8eb52bc93298fd46f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3c:a2:a6:46:e0:96:eb:01:68:70:d9:e8:6a:
96:14:07:22:be:a9:e4:fc:57:4b:d8:e5:8d:7f:56:
03:3b:e3:60:27:f2:61:f6:fa:01:17:f3:3e:c9:63:
2b:1f:da:ec:24:15:d4:69:7c:43:69:01:3a:da:e5:
6b:dc:0e:b5:0f:8e:f5:7f:d3:8f:5d:23:94:b6:bd:
6e:f9:59:03:53:05:b8:e1:30:5e:d7:99:11:a1:3c:
0e:3a:9f:d6:ff:89:79:eb:8a:e0:67:14:13:8e:7b:
48:6a:7b:82:b4:6c:f2:62:02:3f:04:cc:29:2d:8d:
2d:13:f9:99:40:7a:8c:21:1d:89:95:3e:fc:18:39:
71:f9:3b:1c:40:10:c5:75:02:94:82:48:e0:4c:af:
e3:a7:d8:23:a4:50:3d:ea:5c:15:b4:c2:6c:be:c6:
d3:6a:c8:a9:9f:f6:f5:5f:65:65:f4:0e:45:0d:6e:
02:8b:19:21:f8:d0:aa:31:7d:60:d9:1a:91:7b:51:
4c:01:c7:a0:a7:3b:94:2b:11:d3:57:1f:07:3b:98:
d5:9c:c3:5e:c2:e8:d7:fb:2a:24:5a:84:54:bc:58:
0b:22:b0:cf:d3:d9:22:6d:3c:12:ce:89:82:e2:21:
29:b6:48:08:4b:fd:64:0f:8c:31:73:b2:24:34:b3:
49:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:48:47:FD:39:24:44:C4:E7:03:AC:8E:B5:2B:C9:32:98:FD:46:F2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NUhH_TkkRMTnA6yOtSvJMpj9RvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.155.0/24
89.37.62.0/24
188.212.155.0/24
188.212.158.0/24
Signature Algorithm: sha256WithRSAEncryption
91:05:0c:99:76:5d:0b:6c:e9:a0:5c:40:31:a3:f3:c8:e6:b7:
88:ca:a5:3d:a7:f1:c7:c9:4a:6a:26:3a:4f:32:63:1c:40:3b:
65:2b:61:2e:84:cc:de:ac:79:b4:4a:fe:88:9e:73:59:2f:a3:
87:d0:f1:b0:d9:d4:56:0e:92:b3:aa:18:59:73:ab:25:fc:96:
c4:6f:92:7e:e0:30:76:d3:12:96:c1:8b:22:77:f1:28:8a:3a:
39:d0:8f:8b:56:b0:7d:35:f3:c9:29:9b:4a:21:f2:48:d9:b4:
13:de:5e:08:ec:f8:6b:8d:00:39:f4:43:a0:f4:fd:87:97:95:
8c:d8:08:56:f6:e3:a6:08:bc:d2:37:bc:fe:e8:de:8b:89:df:
72:02:4f:db:95:15:a4:6a:ec:ac:75:87:5b:f1:bf:28:04:3c:
cc:02:fe:6b:e4:9c:90:6b:12:42:d0:02:59:c2:a9:ba:ae:bf:
78:94:d6:f6:16:e1:c2:f8:2a:46:f0:f8:13:60:ea:02:8a:c0:
4e:4b:27:c7:fa:71:97:70:9e:7a:6c:31:3c:f0:d5:eb:e9:60:
d7:58:6a:b4:b2:e9:a5:8f:e2:06:8f:81:cd:26:2a:d0:e3:1b:
8c:50:08:e5:14:eb:61:16:00:2f:b8:8c:62:7d:5a:60:ee:1a:
59:1a:f2:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnfTbNBuMJ/vZk9OrQy+DC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODEwMTE1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ4NDdmZDM5MjQ0NGM0ZTcwM2FjOGViNTJiYzkzMjk4ZmQ0NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDyipkbglusBaHDZ6GqWFAcivqnk
/FdL2OWNf1YDO+NgJ/Jh9voBF/M+yWMrH9rsJBXUaXxDaQE62uVr3A61D471f9OP
XSOUtr1u+VkDUwW44TBe15kRoTwOOp/W/4l564rgZxQTjntIanuCtGzyYgI/BMwp
LY0tE/mZQHqMIR2JlT78GDlx+TscQBDFdQKUgkjgTK/jp9gjpFA96lwVtMJsvsbT
asipn/b1X2Vl9A5FDW4Cixkh+NCqMX1g2RqRe1FMAcegpzuUKxHTVx8HO5jVnMNe
wujX+yokWoRUvFgLIrDP09kibTwSzomC4iEptkgIS/1kD4wxc7IkNLNJLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDVIR/05JETE5wOsjrUryTKY/UbyMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTlVoSF9Ua2tSTVRuQTZ5T3RTdkpNcGo5UnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSObAwQA
WSU+AwQAvNSbAwQAvNSeMA0GCSqGSIb3DQEBCwUAA4IBAQCRBQyZdl0LbOmgXEAx
o/PI5reIyqU9p/HHyUpqJjpPMmMcQDtlK2EuhMzerHm0Sv6InnNZL6OH0PGw2dRW
DpKzqhhZc6sl/JbEb5J+4DB20xKWwYsid/Eoijo50I+LVrB9NfPJKZtKIfJI2bQT
3l4I7PhrjQA59EOg9P2Hl5WM2AhW9uOmCLzSN7z+6N6Lid9yAk/blRWkauysdYdb
8b8oBDzMAv5r5JyQaxJC0AJZwqm6rr94lNb2FuHC+CpG8PgTYOoCisBOSyfH+nGX
cJ56bDE88NXr6WDXWGq0sumlj+IGj4HNJirQ4xuMUAjlFOthFgAvuIxifVpg7hpZ
GvLk
-----END CERTIFICATE-----
Generated at Sun Aug 13 09:34:38 2023 by rpki-client on console-fra.rpki-client.org