Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SJ4fO2Hha4xIdUwQ41LqgNmvN8c.roa
File: SJ4fO2Hha4xIdUwQ41LqgNmvN8c.roa (raw, json)
Hash identifier: ZpieCpWqjUKE25FhWVeR39DcPS/vO3cyIrTx+rVUPgQ=
Subject key identifier: 48:9E:1F:3B:61:E1:6B:8C:48:75:4C:10:E3:52:EA:80:D9:AF:37:C7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01874B630AD70FB6F1DB76C764965EC80947
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SJ4fO2Hha4xIdUwQ41LqgNmvN8c.roa
Signing time: Tue 04 Apr 2023 08:29:54 +0000
ROA not before: Tue 04 Apr 2023 08:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7411
IP address blocks: 89.36.22.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:63:0a:d7:0f:b6:f1:db:76:c7:64:96:5e:c8:09:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 4 08:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=489e1f3b61e16b8c48754c10e352ea80d9af37c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fc:96:8f:72:64:88:f5:12:ca:21:a8:b5:11:
f4:44:46:9c:87:2b:17:12:e6:ce:80:9d:16:87:d2:
6c:d0:ad:8a:ae:e5:75:d9:56:2f:32:dc:d4:37:d5:
e0:0a:4c:1f:b0:8e:00:ba:b2:45:36:6c:12:ef:ea:
0d:33:c7:bd:ea:79:bd:51:ed:7a:01:d0:58:e7:fc:
61:bf:f5:18:54:f7:9b:e7:e2:0c:1f:87:36:54:27:
6d:8d:ba:a2:05:35:05:53:a7:e6:d1:5e:e1:64:58:
08:c9:63:b8:d3:dc:51:d5:f7:14:09:1a:08:ab:c2:
88:ae:e9:20:a2:56:b9:a6:c9:3b:5a:7d:58:a0:b3:
6f:d5:c5:df:ea:dd:d5:34:1a:48:01:1c:99:63:56:
b3:30:75:6d:4b:0c:f6:31:40:1e:af:9c:41:48:0f:
94:cf:d9:98:e8:75:bc:16:38:48:0a:e0:3c:23:f4:
07:eb:65:bf:c5:04:57:b0:97:c6:d1:55:d3:d9:03:
3a:81:fe:1f:fa:a6:25:b3:52:fd:d3:c9:91:b6:f4:
cb:ff:aa:e4:26:13:d0:d1:9e:72:c1:1d:fc:24:7e:
57:eb:9a:1f:88:a4:c0:9e:7d:ea:58:fa:05:86:6b:
53:f4:47:bc:ad:c3:21:85:52:23:f9:98:77:05:14:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9E:1F:3B:61:E1:6B:8C:48:75:4C:10:E3:52:EA:80:D9:AF:37:C7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SJ4fO2Hha4xIdUwQ41LqgNmvN8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.85.0/24
89.36.22.0/24
188.240.232.0/23
Signature Algorithm: sha256WithRSAEncryption
38:64:77:c7:5e:ea:59:f5:60:93:dd:d3:cd:11:e1:66:b1:cc:
1e:0c:4b:9d:bf:33:b7:c3:bf:08:ae:e1:25:af:9b:48:c6:22:
d6:01:ec:8e:f4:28:7d:90:bb:66:46:e8:63:d6:ba:39:b9:a8:
b7:c3:f7:76:02:69:fb:a0:40:0d:c2:0d:8f:db:2e:53:23:b6:
8e:74:0f:78:8c:0a:b1:0d:ca:58:28:74:be:56:23:53:3a:d3:
4b:c1:de:61:3f:fa:a7:03:b5:57:d9:62:3c:c4:6e:57:6e:05:
c7:84:07:ed:0b:4b:62:ba:d8:2c:b9:f9:07:d4:91:4b:a9:71:
2f:2a:a5:7e:68:a7:fa:19:e0:24:32:f4:28:33:63:50:e3:26:
2d:08:8c:aa:8a:3b:b2:ab:77:1b:db:d4:89:3d:06:5d:a7:95:
64:da:c4:6f:cf:b2:43:1b:d1:36:46:c2:d0:4a:e7:39:1a:b3:
49:d4:d4:a0:c4:dd:e8:b4:18:47:8f:21:84:a0:48:7a:74:9c:
e6:75:2e:f0:49:36:6d:84:eb:52:8e:8d:ca:89:3f:20:87:c9:
2d:b3:87:d5:a1:21:55:c8:33:36:96:d9:6e:b2:62:43:c8:be:
0e:8b:c1:2b:6a:8a:54:8a:7c:7f:ca:73:49:1f:4a:bc:b2:ad:
f2:5a:a8:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdLYwrXD7bx23bHZJZeyAlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA0MDgyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODllMWYzYjYxZTE2YjhjNDg3NTRjMTBlMzUyZWE4MGQ5YWYzN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfyWj3JkiPUSyiGotRH0REachysX
EubOgJ0Wh9Js0K2KruV12VYvMtzUN9XgCkwfsI4AurJFNmwS7+oNM8e96nm9Ue16
AdBY5/xhv/UYVPeb5+IMH4c2VCdtjbqiBTUFU6fm0V7hZFgIyWO409xR1fcUCRoI
q8KIrukgola5psk7Wn1YoLNv1cXf6t3VNBpIARyZY1azMHVtSwz2MUAer5xBSA+U
z9mY6HW8FjhICuA8I/QH62W/xQRXsJfG0VXT2QM6gf4f+qYls1L908mRtvTL/6rk
JhPQ0Z5ywR38JH5X65ofiKTAnn3qWPoFhmtT9Ee8rcMhhVIj+Zh3BRSoNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEieHzth4WuMSHVMEONS6oDZrzfHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU0o0Zk8ySGhhNHhJZFV3UTQxTHFnTm12TjhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSFVAwQA
WSQWAwQBvPDoMA0GCSqGSIb3DQEBCwUAA4IBAQA4ZHfHXupZ9WCT3dPNEeFmscwe
DEudvzO3w78IruElr5tIxiLWAeyO9Ch9kLtmRuhj1ro5uai3w/d2Amn7oEANwg2P
2y5TI7aOdA94jAqxDcpYKHS+ViNTOtNLwd5hP/qnA7VX2WI8xG5XbgXHhAftC0ti
utgsufkH1JFLqXEvKqV+aKf6GeAkMvQoM2NQ4yYtCIyqijuyq3cb29SJPQZdp5Vk
2sRvz7JDG9E2RsLQSuc5GrNJ1NSgxN3otBhHjyGEoEh6dJzmdS7wSTZthOtSjo3K
iT8gh8kts4fVoSFVyDM2ltlusmJDyL4Oi8EraopUinx/ynNJH0q8sq3yWqiu
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org