Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RoVyIw6cqTgJBmdCqVBHp-A79BY.roa
File: RoVyIw6cqTgJBmdCqVBHp-A79BY.roa (raw, json)
Hash identifier: wX6YCJu88cV0MqzCFa1fUwFiP3VU1+nODT8wsR6YI7s=
Subject key identifier: 46:85:72:23:0E:9C:A9:38:09:06:67:42:A9:50:47:A7:E0:3B:F4:16
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862D7B711F549565677B1A64CA7C78E23F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RoVyIw6cqTgJBmdCqVBHp-A79BY.roa
Signing time: Tue 07 Feb 2023 20:05:09 +0000
ROA not before: Tue 07 Feb 2023 20:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139660
IP address blocks: 89.33.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Mar 2023 07:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2d:7b:71:1f:54:95:65:67:7b:1a:64:ca:7c:78:e2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 7 20:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=468572230e9ca93809066742a95047a7e03bf416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c9:61:e3:1b:39:55:2f:e1:13:79:ea:d7:36:
b6:bf:cc:9c:5f:e3:d9:af:cf:32:0c:75:25:98:a4:
e0:dd:77:a9:3f:a9:68:8e:55:31:1e:7f:2d:91:81:
9b:16:5c:e1:23:a3:7c:7d:7d:6e:99:f5:2f:9d:06:
c2:17:77:21:9c:24:6b:a2:76:f2:0e:aa:57:86:cd:
5d:d4:fe:8f:1c:f1:6c:60:22:84:9a:f5:f5:e9:5b:
39:2f:45:a7:ef:aa:cc:1f:4a:16:b3:52:9c:f3:10:
96:f4:d7:a3:79:e8:04:56:21:3f:46:dd:23:55:fe:
42:50:74:58:49:4b:d4:ab:b0:b3:ec:84:be:de:70:
27:3b:33:b3:eb:66:fe:db:c7:db:94:de:ae:f3:a1:
72:8b:f7:c3:d4:33:48:52:56:31:1b:a7:7e:8c:d8:
2f:7d:ee:94:c9:90:4c:28:0d:17:a7:35:fe:7d:9d:
9a:bf:e3:54:d7:2e:9f:21:36:7d:3f:6f:ce:c3:7b:
29:2c:cf:84:07:d6:57:cf:65:30:89:4d:3a:6d:26:
fe:57:f7:7a:47:e2:db:82:e3:ad:36:93:82:f0:ed:
30:df:31:38:8f:d8:65:b5:40:3b:64:44:aa:04:f6:
2a:98:24:a6:80:b5:c7:fc:66:04:14:90:53:0b:6b:
e0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:85:72:23:0E:9C:A9:38:09:06:67:42:A9:50:47:A7:E0:3B:F4:16
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RoVyIw6cqTgJBmdCqVBHp-A79BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.14.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:a2:cf:ef:fb:89:3c:4d:5a:a6:f6:0b:8f:2f:b1:9a:07:82:
ff:58:cf:50:e4:06:93:53:7c:5d:ab:1c:bf:39:ce:e9:b6:b9:
74:c7:de:3e:08:c9:da:76:7b:6f:44:e6:8f:ab:a3:26:b8:fb:
67:44:49:f8:46:9f:0a:02:2c:fa:78:3a:be:91:5a:65:5c:22:
2f:31:bd:74:36:30:ab:90:7c:2d:97:a4:02:b1:75:8f:c9:fb:
1e:2b:65:39:99:bd:b6:76:e3:04:c6:fa:30:f1:11:0a:66:3a:
84:d0:20:fb:60:eb:a6:3a:71:c6:ef:48:4c:26:62:0b:5d:f8:
ba:1e:f2:7b:e0:2d:14:a3:39:99:48:7f:f9:7f:aa:2f:79:da:
60:2d:7a:29:e2:04:2e:18:58:30:f6:9e:46:09:cf:1c:f7:c1:
40:6c:78:b7:0f:66:d1:1c:65:00:21:c1:52:f5:5e:51:df:8b:
19:5e:f9:c3:df:da:63:82:02:6f:0a:3d:61:1b:8f:22:d4:61:
71:a3:6b:63:6b:5c:9e:40:c0:f7:f6:23:c8:9b:52:a6:05:03:
3f:3a:f2:aa:48:94:fb:b7:44:6e:04:bc:3d:26:d9:dc:dc:dd:
c7:18:4a:fd:0e:3d:8c:6b:5a:fc:e7:8b:e8:4b:02:8e:99:69:
7a:ca:1b:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYte3EfVJVlZ3saZMp8eOI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA3MjAwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njg1NzIyMzBlOWNhOTM4MDkwNjY3NDJhOTUwNDdhN2UwM2JmNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMlh4xs5VS/hE3nq1za2v8ycX+PZ
r88yDHUlmKTg3XepP6lojlUxHn8tkYGbFlzhI6N8fX1umfUvnQbCF3chnCRronby
DqpXhs1d1P6PHPFsYCKEmvX16Vs5L0Wn76rMH0oWs1Kc8xCW9NejeegEViE/Rt0j
Vf5CUHRYSUvUq7Cz7IS+3nAnOzOz62b+28fblN6u86Fyi/fD1DNIUlYxG6d+jNgv
fe6UyZBMKA0XpzX+fZ2av+NU1y6fITZ9P2/Ow3spLM+EB9ZXz2UwiU06bSb+V/d6
R+LbguOtNpOC8O0w3zE4j9hltUA7ZESqBPYqmCSmgLXH/GYEFJBTC2vgbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEaFciMOnKk4CQZnQqlQR6fgO/QWMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUm9WeUl3NmNxVGdKQm1kQ3FWQkhwLUE3OUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSEOMA0G
CSqGSIb3DQEBCwUAA4IBAQA7os/v+4k8TVqm9guPL7GaB4L/WM9Q5AaTU3xdqxy/
Oc7ptrl0x94+CMnadntvROaPq6MmuPtnREn4Rp8KAiz6eDq+kVplXCIvMb10NjCr
kHwtl6QCsXWPyfseK2U5mb22duMExvow8REKZjqE0CD7YOumOnHG70hMJmILXfi6
HvJ74C0UozmZSH/5f6ovedpgLXop4gQuGFgw9p5GCc8c98FAbHi3D2bRHGUAIcFS
9V5R34sZXvnD39pjggJvCj1hG48i1GFxo2tja1yeQMD39iPIm1KmBQM/OvKqSJT7
t0RuBLw9Jtnc3N3HGEr9Dj2Ma1r854voSwKOmWl6yhue
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org