Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Spz4S1K0VffBd6IqK2X4YANmJpM.roa
File: Spz4S1K0VffBd6IqK2X4YANmJpM.roa (raw, json)
Hash identifier: HOIwYVbBc0Up6emdcMiTKUi01C1PXZWBJXkN7wimOQA=
Subject key identifier: 4A:9C:F8:4B:52:B4:55:F7:C1:77:A2:2A:2B:65:F8:60:03:66:26:93
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186E0309C1DBB9704800A225E02CD9B69E1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Spz4S1K0VffBd6IqK2X4YANmJpM.roa
Signing time: Tue 14 Mar 2023 12:55:27 +0000
ROA not before: Tue 14 Mar 2023 12:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 89.38.136.0/24 maxlen: 24
91.217.250.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
45.89.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:30:9c:1d:bb:97:04:80:0a:22:5e:02:cd:9b:69:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 14 12:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a9cf84b52b455f7c177a22a2b65f86003662693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:43:ec:9e:80:69:05:d2:fd:69:c7:21:4d:f9:
a3:7f:48:00:ac:88:df:a5:54:53:b9:97:4f:38:75:
e7:f0:fe:e4:b1:eb:a9:4a:6f:57:7a:4d:9c:e1:93:
83:c1:8e:8d:0a:62:b5:07:ec:75:1f:41:14:10:d1:
5d:05:e6:64:9d:b3:4e:bb:fc:0e:9e:0f:b9:a9:8a:
f4:47:63:2d:c9:0f:3a:b2:7b:db:2c:aa:2d:2d:34:
c7:04:b7:82:d8:b1:cb:36:c1:1d:2d:f2:e4:57:60:
9b:cf:51:31:58:72:04:37:ce:f7:f6:34:60:0d:9e:
54:07:dc:51:7e:63:6e:d6:80:4c:79:bd:a9:be:d3:
08:9b:02:8a:6d:0f:ca:2e:63:e2:77:17:37:60:d3:
35:13:17:b9:9f:78:aa:6b:b6:20:71:55:4b:2b:e7:
ce:d6:28:22:f9:5a:45:af:2f:41:34:bc:f1:e1:02:
42:85:87:c8:f5:78:79:eb:1d:fa:36:14:9d:12:a9:
05:54:64:f5:bd:e2:1e:f8:8f:80:e4:d2:d2:5a:42:
71:d3:7f:d8:57:2b:b7:b9:12:01:25:87:84:9c:8c:
77:b9:9e:23:05:00:74:f2:7a:09:f2:86:9b:b5:71:
96:78:ab:98:76:16:5f:ba:dd:4e:6d:02:05:c3:06:
d9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9C:F8:4B:52:B4:55:F7:C1:77:A2:2A:2B:65:F8:60:03:66:26:93
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Spz4S1K0VffBd6IqK2X4YANmJpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.32.0/22
89.38.136.0/24
91.217.249.0-91.217.250.255
Signature Algorithm: sha256WithRSAEncryption
2c:93:4b:ed:17:24:15:00:99:e4:bb:81:73:b8:53:4e:e8:93:
98:08:2a:92:2b:a5:65:cf:7f:03:a3:d4:3c:ea:ed:70:5f:f0:
44:c0:34:73:c7:f5:bd:dc:2c:bd:90:33:7b:26:f0:17:1f:f4:
0e:12:c7:3e:16:5c:58:0c:8e:18:85:6b:0c:4b:ff:88:3a:90:
6e:78:17:92:01:d5:11:7f:c2:38:3c:14:e0:80:9d:5f:a3:5d:
1e:f4:17:f7:44:27:d7:cf:41:94:de:90:f4:5a:93:54:04:de:
0c:3c:07:a3:6f:7b:3e:ca:80:ce:99:75:50:73:f7:7c:e0:f0:
ef:c0:f7:7e:fb:ef:3e:13:fc:90:6a:1a:72:9c:8b:58:86:43:
39:fe:c3:1f:66:98:3e:61:17:89:a9:f0:bf:e8:8c:25:28:64:
bd:16:38:2a:58:c9:32:d1:e3:8d:05:cb:e8:fb:e8:37:5c:73:
5d:9e:64:a8:36:a3:ba:95:62:72:ab:f0:33:ae:e5:5c:7c:25:
20:9b:64:ba:20:44:7e:74:b5:86:e9:95:33:c8:69:cc:60:b1:
47:c1:6e:6e:24:d6:aa:5a:db:67:8a:c4:87:3f:9a:31:56:a5:
41:58:ba:14:0e:35:93:a4:9c:81:89:be:5f:dd:5b:79:9f:eb:
bd:ca:51:70
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYbgMJwdu5cEgAoiXgLNm2nhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzE0MTI1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTljZjg0YjUyYjQ1NWY3YzE3N2EyMmEyYjY1Zjg2MDAzNjYyNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0PsnoBpBdL9acchTfmjf0gArIjf
pVRTuZdPOHXn8P7kseupSm9Xek2c4ZODwY6NCmK1B+x1H0EUENFdBeZknbNOu/wO
ng+5qYr0R2MtyQ86snvbLKotLTTHBLeC2LHLNsEdLfLkV2Cbz1ExWHIEN8739jRg
DZ5UB9xRfmNu1oBMeb2pvtMImwKKbQ/KLmPidxc3YNM1Exe5n3iqa7YgcVVLK+fO
1igi+VpFry9BNLzx4QJChYfI9Xh56x36NhSdEqkFVGT1veIe+I+A5NLSWkJx03/Y
Vyu3uRIBJYeEnIx3uZ4jBQB08noJ8oabtXGWeKuYdhZfut1ObQIFwwbZbQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEqc+EtStFX3wXeiKitl+GADZiaTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU3B6NFMxSzBWZmZCZDZJcUsyWDRZQU5tSnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLVkgAwQA
WSaIMAwDBABb2fkDBABb2fowDQYJKoZIhvcNAQELBQADggEBACyTS+0XJBUAmeS7
gXO4U07ok5gIKpIrpWXPfwOj1Dzq7XBf8ETANHPH9b3cLL2QM3sm8Bcf9A4Sxz4W
XFgMjhiFawxL/4g6kG54F5IB1RF/wjg8FOCAnV+jXR70F/dEJ9fPQZTekPRak1QE
3gw8B6Nvez7KgM6ZdVBz93zg8O/A93777z4T/JBqGnKci1iGQzn+wx9mmD5hF4mp
8L/ojCUoZL0WOCpYyTLR440Fy+j76Ddcc12eZKg2o7qVYnKr8DOu5Vx8JSCbZLog
RH50tYbplTPIacxgsUfBbm4k1qpa22eKxIc/mjFWpUFYuhQONZOknIGJvl/dW3mf
673KUXA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org