Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UrAbQBicQB479sA3gqErjy2iFUM.roa
File: UrAbQBicQB479sA3gqErjy2iFUM.roa (raw, json)
Hash identifier: 0iyghXKe6ODz9dMvZlI8NsggTSoZSXu/rNbCyO9E6eY=
Subject key identifier: 52:B0:1B:40:18:9C:40:1E:3B:F6:C0:37:82:A1:2B:8F:2D:A2:15:43
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0192953689068E396EF194AFA73788358EEA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UrAbQBicQB479sA3gqErjy2iFUM.roa
Signing time: Wed 16 Oct 2024 12:03:52 +0000
ROA not before: Wed 16 Oct 2024 12:03:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 89.43.199.0/24 maxlen: 24
185.121.122.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Oct 2024 07:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:36:89:06:8e:39:6e:f1:94:af:a7:37:88:35:8e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 16 12:03:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b01b40189c401e3bf6c03782a12b8f2da21543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3a:dd:b3:ad:42:46:d2:ae:51:37:07:9a:cc:
43:9f:1f:8f:70:9f:61:e3:ca:b1:c3:e0:4f:8f:25:
71:b4:59:01:55:39:0c:56:08:63:59:de:11:1b:c9:
c4:f7:e6:c0:00:a3:c2:d5:d8:8d:ee:cb:90:db:27:
2c:4b:83:eb:19:34:bd:c8:62:5e:49:97:e3:3a:f3:
e0:98:0c:ef:e2:32:8e:c3:e2:e1:fc:97:7f:ac:bf:
51:cd:d2:e7:98:5e:cc:3f:0e:55:d3:7a:df:24:e5:
19:9a:08:20:d7:5a:56:04:d0:64:5d:69:73:f6:d7:
2a:17:bd:fc:27:41:b8:01:15:a5:84:ec:ea:5c:cd:
1e:ed:fb:51:ee:5b:39:07:46:86:af:60:62:53:21:
97:f4:fa:a7:76:2c:8d:5a:7e:49:00:a2:b3:0f:66:
b2:91:53:9c:5b:43:01:55:42:fd:20:3e:26:dc:fb:
df:df:03:0a:a4:ca:3f:92:24:be:6a:83:d7:25:d9:
ea:40:e6:3e:7a:33:de:6e:47:7d:bf:c3:a3:11:db:
7d:e7:57:9a:0b:62:42:59:1a:26:22:55:35:5a:3c:
67:06:1b:82:6a:53:16:64:ab:d8:f0:f9:83:45:54:
93:20:5b:91:11:ee:3c:7d:f7:19:db:a4:e5:69:1e:
6d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B0:1B:40:18:9C:40:1E:3B:F6:C0:37:82:A1:2B:8F:2D:A2:15:43
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UrAbQBicQB479sA3gqErjy2iFUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.199.0/24
185.121.122.0/23
Signature Algorithm: sha256WithRSAEncryption
13:59:a4:f2:97:61:30:d2:f9:36:2b:b9:ca:03:c4:41:d6:4a:
66:e8:a9:dc:41:57:51:de:04:01:66:96:8d:e4:51:4a:18:b0:
c4:e3:7a:19:22:c9:10:88:f2:e7:b3:9a:25:cf:aa:9e:fc:e7:
14:ce:19:7b:37:19:48:d0:4e:34:b5:4d:e9:6a:79:28:59:aa:
6a:9d:5b:e8:10:85:0a:48:76:07:3e:c7:dc:34:0b:f0:8d:b8:
31:d8:f7:b1:1d:a0:b2:91:c3:53:45:ad:22:53:2e:70:5b:76:
f0:9f:35:0d:ed:4d:0c:15:64:3a:78:8d:e5:6d:87:76:c8:f4:
53:fa:ff:80:05:82:71:af:fb:00:5b:18:c0:00:f1:5e:28:23:
01:21:2f:d6:42:c3:ef:d5:87:d3:4e:74:a5:6f:9c:5c:02:8d:
b3:b3:0a:82:4f:d0:9b:b6:f5:3d:f4:2b:59:70:35:8d:e1:7b:
1e:70:b9:21:c7:c4:56:33:1e:1c:24:fd:de:d5:00:f6:76:5d:
79:f2:87:60:78:40:cc:e6:fd:6b:32:37:03:98:10:d2:da:e9:
ea:4d:48:2b:1d:2a:b9:65:70:f3:cb:44:96:e2:10:bf:79:ad:
5c:47:a0:9a:2d:02:57:ba:58:4f:cc:6b:a8:3c:eb:90:d1:89:
44:12:ee:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKVNokGjjlu8ZSvpzeINY7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDE2MTIwMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIwMWI0MDE4OWM0MDFlM2JmNmMwMzc4MmExMmI4ZjJkYTIxNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjrds61CRtKuUTcHmsxDnx+PcJ9h
48qxw+BPjyVxtFkBVTkMVghjWd4RG8nE9+bAAKPC1diN7suQ2ycsS4PrGTS9yGJe
SZfjOvPgmAzv4jKOw+Lh/Jd/rL9RzdLnmF7MPw5V03rfJOUZmggg11pWBNBkXWlz
9tcqF738J0G4ARWlhOzqXM0e7ftR7ls5B0aGr2BiUyGX9PqndiyNWn5JAKKzD2ay
kVOcW0MBVUL9ID4m3Pvf3wMKpMo/kiS+aoPXJdnqQOY+ejPebkd9v8OjEdt951ea
C2JCWRomIlU1WjxnBhuCalMWZKvY8PmDRVSTIFuREe48ffcZ26TlaR5tNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFKwG0AYnEAeO/bAN4KhK48tohVDMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVXJBYlFCaWNRQjQ3OXNBM2dxRXJqeTJpRlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSvHAwQB
uXl6MA0GCSqGSIb3DQEBCwUAA4IBAQATWaTyl2Ew0vk2K7nKA8RB1kpm6KncQVdR
3gQBZpaN5FFKGLDE43oZIskQiPLns5olz6qe/OcUzhl7NxlI0E40tU3pankoWapq
nVvoEIUKSHYHPsfcNAvwjbgx2PexHaCykcNTRa0iUy5wW3bwnzUN7U0MFWQ6eI3l
bYd2yPRT+v+ABYJxr/sAWxjAAPFeKCMBIS/WQsPv1YfTTnSlb5xcAo2zswqCT9Cb
tvU99CtZcDWN4XsecLkhx8RWMx4cJP3e1QD2dl158odgeEDM5v1rMjcDmBDS2unq
TUgrHSq5ZXDzy0SW4hC/ea1cR6CaLQJXulhPzGuoPOuQ0YlEEu4L
-----END CERTIFICATE-----
Generated at Sun Oct 20 08:09:01 2024 by rpki-client on console-fra.rpki-client.org