Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PD-6ZNCshwvMeFyIHatZN3zDGPY.roa
File: PD-6ZNCshwvMeFyIHatZN3zDGPY.roa (raw, json)
Hash identifier: WNKTaIdzNNQrex5qvEoKiuXj5T8+rbSnlfjawNuZSRA=
Subject key identifier: 3C:3F:BA:64:D0:AC:87:0B:CC:78:5C:88:1D:AB:59:37:7C:C3:18:F6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01867A58FDA5E81AD4F212A436CD4C2F22EF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PD-6ZNCshwvMeFyIHatZN3zDGPY.roa
Signing time: Wed 22 Feb 2023 18:18:17 +0000
ROA not before: Wed 22 Feb 2023 18:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 89.35.159.0/24 maxlen: 24
89.44.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Mar 2023 06:24:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:58:fd:a5:e8:1a:d4:f2:12:a4:36:cd:4c:2f:22:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 22 18:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c3fba64d0ac870bcc785c881dab59377cc318f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6f:c1:19:c7:80:dd:72:e1:2b:b0:27:59:38:
91:e4:63:c5:d4:a9:ba:17:94:a4:c2:9f:4a:b7:0c:
d6:02:d1:af:de:36:7e:37:96:f7:fc:d8:99:b0:99:
88:51:d9:f5:dd:0d:35:92:84:83:a1:7f:45:52:dc:
f4:c8:36:e7:d1:a8:a3:c6:81:e9:3e:5b:2a:41:2a:
f8:92:58:53:cd:51:56:f7:f9:f5:57:fb:d2:80:0e:
00:0d:05:4e:2e:ce:41:34:5b:53:f1:52:35:2f:4e:
a0:9b:4c:88:0c:f9:25:22:49:b5:f9:39:75:27:ab:
7c:6a:34:bc:22:94:af:84:b9:f5:4a:0f:5e:01:00:
c3:50:33:83:9b:f4:56:08:91:7e:5c:5b:b7:ec:51:
14:9e:cc:76:b6:ee:93:9b:6e:e3:d8:71:06:16:c7:
ac:eb:0a:fc:46:fa:1b:b8:06:37:9c:b5:75:54:60:
83:d5:73:1c:e4:c8:ed:29:8e:15:77:e1:d0:e1:01:
77:5b:6e:a2:d3:a9:98:ba:32:08:55:3c:23:10:e5:
96:3d:b6:25:a9:40:02:dc:07:2a:3f:ac:12:88:9a:
c5:6d:fe:33:0e:b3:49:27:fb:25:36:a6:0d:9b:8d:
50:75:1a:12:b0:0e:c7:57:5a:43:d3:35:94:de:e1:
be:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3F:BA:64:D0:AC:87:0B:CC:78:5C:88:1D:AB:59:37:7C:C3:18:F6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/PD-6ZNCshwvMeFyIHatZN3zDGPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.159.0/24
89.44.207.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:65:96:3b:09:10:f1:f0:ae:d0:2f:ff:ab:f3:49:24:ca:df:
5d:d9:f3:3a:34:26:6c:3e:1f:af:e1:ec:fa:c7:f3:17:28:77:
20:39:9a:f4:2b:d7:8e:5e:48:93:a6:30:5c:ca:91:bc:dc:99:
65:fb:57:38:4b:50:34:d5:c0:59:63:8c:a3:1e:b9:7a:70:b1:
2f:cd:0d:32:06:4d:cc:73:9e:c6:8f:aa:1d:59:d5:2f:3a:ae:
4e:c0:b0:ec:02:c0:3a:f8:f9:b8:94:e6:63:9d:f5:f2:38:81:
4d:11:36:c2:ed:1e:02:67:08:33:2a:e6:ba:dd:64:27:98:b4:
8d:be:3a:83:1f:f1:37:99:70:e6:01:d1:01:dd:1c:26:86:b4:
b2:75:3d:eb:8b:ec:d3:4d:7f:9f:ff:ef:25:8d:80:da:04:59:
31:72:0d:8e:98:7e:01:0a:4f:90:f4:5e:bc:dd:f7:76:da:3b:
bb:ca:1a:4a:40:5b:3f:eb:05:1c:e8:37:30:3c:15:fd:45:ac:
c4:ad:01:ca:78:85:30:e3:33:57:b1:d9:00:47:f5:2a:da:8c:
10:ab:39:20:5a:df:1e:da:ad:80:a0:a5:4d:9c:16:1e:fb:df:
47:a5:63:1a:11:db:ee:62:c7:af:75:c3:41:91:36:c7:24:ca:
63:cf:28:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ6WP2l6BrU8hKkNs1MLyLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIyMTgxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNmYmE2NGQwYWM4NzBiY2M3ODVjODgxZGFiNTkzNzdjYzMxOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG/BGceA3XLhK7AnWTiR5GPF1Km6
F5Skwp9KtwzWAtGv3jZ+N5b3/NiZsJmIUdn13Q01koSDoX9FUtz0yDbn0aijxoHp
PlsqQSr4klhTzVFW9/n1V/vSgA4ADQVOLs5BNFtT8VI1L06gm0yIDPklIkm1+Tl1
J6t8ajS8IpSvhLn1Sg9eAQDDUDODm/RWCJF+XFu37FEUnsx2tu6Tm27j2HEGFses
6wr8RvobuAY3nLV1VGCD1XMc5MjtKY4Vd+HQ4QF3W26i06mYujIIVTwjEOWWPbYl
qUAC3AcqP6wSiJrFbf4zDrNJJ/slNqYNm41QdRoSsA7HV1pD0zWU3uG+5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDw/umTQrIcLzHhciB2rWTd8wxj2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUEQtNlpOQ3Nod3ZNZUZ5SUhhdFpOM3pER1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSOfAwQA
WSzPMA0GCSqGSIb3DQEBCwUAA4IBAQAqZZY7CRDx8K7QL/+r80kkyt9d2fM6NCZs
Ph+v4ez6x/MXKHcgOZr0K9eOXkiTpjBcypG83Jll+1c4S1A01cBZY4yjHrl6cLEv
zQ0yBk3Mc57Gj6odWdUvOq5OwLDsAsA6+Pm4lOZjnfXyOIFNETbC7R4CZwgzKua6
3WQnmLSNvjqDH/E3mXDmAdEB3RwmhrSydT3ri+zTTX+f/+8ljYDaBFkxcg2OmH4B
Ck+Q9F683fd22ju7yhpKQFs/6wUc6DcwPBX9RazErQHKeIUw4zNXsdkAR/Uq2owQ
qzkgWt8e2q2AoKVNnBYe+99HpWMaEdvuYsevdcNBkTbHJMpjzyjU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org