Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aUc2t8wCsgtObS-z6NZELWpawzA.roa
File: aUc2t8wCsgtObS-z6NZELWpawzA.roa (raw, json)
Hash identifier: fhRoQWE5kgCcI6t9H6nl5K8jNyk+enbsSYuPWYXSFew=
Subject key identifier: 69:47:36:B7:CC:02:B2:0B:4E:6D:2F:B3:E8:D6:44:2D:6A:5A:C3:30
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0192A8C5051257B7C3677F9F1AB4D5A9BC58
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aUc2t8wCsgtObS-z6NZELWpawzA.roa
Signing time: Sun 20 Oct 2024 07:12:17 +0000
ROA not before: Sun 20 Oct 2024 07:12:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 89.43.199.0/24 maxlen: 24
103.212.81.0/24 maxlen: 24
185.121.122.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Oct 2024 10:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a8:c5:05:12:57:b7:c3:67:7f:9f:1a:b4:d5:a9:bc:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 20 07:12:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=694736b7cc02b20b4e6d2fb3e8d6442d6a5ac330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6e:15:42:f0:20:c5:7f:be:0d:e3:b5:d5:ef:
31:28:1c:e7:6f:9e:2b:87:38:dd:06:de:c0:67:9d:
56:17:99:94:31:8e:58:a4:e5:f3:0e:25:1f:32:43:
90:06:82:2d:8d:b0:f8:1b:1b:df:51:d4:d3:23:b8:
0e:d8:ae:b3:4a:33:22:b5:d2:e7:02:2c:e0:63:0e:
12:05:ac:15:dd:76:b2:80:25:a1:2c:46:b1:61:16:
4c:e9:d1:20:2f:a6:49:4a:f0:9e:d8:06:ce:5e:1a:
50:d1:e3:04:f9:c9:70:e7:01:49:c0:3f:17:80:1b:
94:59:d1:93:8d:53:c6:d5:65:0a:74:76:20:ee:45:
f7:94:6b:62:f0:92:d6:23:3c:8d:90:50:de:f4:c0:
0b:33:8b:e9:15:5c:36:4e:13:7b:17:a5:1b:f9:2f:
08:fd:82:55:b9:42:ce:f1:e8:68:e9:6c:e0:82:49:
03:ed:fc:dc:9b:03:02:c8:6b:a9:03:79:6d:75:69:
f4:de:ff:c4:9e:32:1d:61:6e:30:d3:9e:62:f7:e0:
42:8e:13:45:71:99:34:62:4b:7f:1d:6e:2e:5c:db:
08:ed:43:3f:f4:13:76:9e:d1:94:ee:7b:ea:90:3b:
47:3b:fa:37:1f:8a:75:5d:d2:35:2c:34:2b:15:81:
9d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:47:36:B7:CC:02:B2:0B:4E:6D:2F:B3:E8:D6:44:2D:6A:5A:C3:30
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aUc2t8wCsgtObS-z6NZELWpawzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.199.0/24
103.212.81.0/24
185.121.122.0/23
Signature Algorithm: sha256WithRSAEncryption
64:1c:87:42:62:db:03:03:96:53:a2:f7:0e:7b:e5:2b:3e:ee:
21:8b:12:ba:cf:de:40:33:08:ff:58:58:ff:6d:8e:1d:19:57:
92:1b:6d:d0:39:a9:42:aa:52:f4:24:e6:ff:c4:df:b0:bf:46:
a5:8a:ba:f3:0e:0f:cd:f6:7f:b0:05:ed:96:73:fb:d7:29:fd:
d4:4c:f7:4f:cc:ca:9f:a1:b1:6d:c0:f4:a7:b6:72:62:f4:1a:
fd:94:6b:48:6d:89:6f:d5:fa:22:c5:4c:9c:25:51:1d:dd:7e:
7a:7c:f1:a7:ed:a7:6d:eb:ae:3f:a8:7c:a4:34:40:5e:73:a4:
96:62:c5:75:8b:33:b5:4d:d3:cc:94:4c:9c:85:3d:39:07:a4:
1c:1e:ae:54:7d:32:b9:c3:ab:b1:00:12:e8:84:5b:c2:e1:90:
4b:db:2d:27:fb:40:ed:6f:e9:17:23:e9:38:94:8b:ec:1f:dd:
3e:df:45:d5:57:cd:70:dc:00:b2:b9:06:a8:9f:e0:30:91:d6:
60:2c:e7:3f:bd:ae:29:51:8e:30:6b:83:a6:a0:57:8b:2b:d2:
69:e6:8c:ef:83:cc:ea:9f:1c:64:62:85:d7:fe:f0:76:5a:46:
6c:03:59:74:e1:9a:da:36:44:cf:db:30:24:f3:fd:04:31:a0:
c6:3f:43:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKoxQUSV7fDZ3+fGrTVqbxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDIwMDcxMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTQ3MzZiN2NjMDJiMjBiNGU2ZDJmYjNlOGQ2NDQyZDZhNWFjMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG4VQvAgxX++DeO11e8xKBznb54r
hzjdBt7AZ51WF5mUMY5YpOXzDiUfMkOQBoItjbD4GxvfUdTTI7gO2K6zSjMitdLn
AizgYw4SBawV3XaygCWhLEaxYRZM6dEgL6ZJSvCe2AbOXhpQ0eME+clw5wFJwD8X
gBuUWdGTjVPG1WUKdHYg7kX3lGti8JLWIzyNkFDe9MALM4vpFVw2ThN7F6Ub+S8I
/YJVuULO8eho6WzggkkD7fzcmwMCyGupA3ltdWn03v/EnjIdYW4w055i9+BCjhNF
cZk0Ykt/HW4uXNsI7UM/9BN2ntGU7nvqkDtHO/o3H4p1XdI1LDQrFYGdhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGlHNrfMArILTm0vs+jWRC1qWsMwMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYVVjMnQ4d0NzZ3RPYlMtejZOWkVMV3Bhd3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSvHAwQA
Z9RRAwQBuXl6MA0GCSqGSIb3DQEBCwUAA4IBAQBkHIdCYtsDA5ZTovcOe+UrPu4h
ixK6z95AMwj/WFj/bY4dGVeSG23QOalCqlL0JOb/xN+wv0alirrzDg/N9n+wBe2W
c/vXKf3UTPdPzMqfobFtwPSntnJi9Br9lGtIbYlv1foixUycJVEd3X56fPGn7adt
664/qHykNEBec6SWYsV1izO1TdPMlEychT05B6QcHq5UfTK5w6uxABLohFvC4ZBL
2y0n+0Dtb+kXI+k4lIvsH90+30XVV81w3ACyuQaon+AwkdZgLOc/va4pUY4wa4Om
oFeLK9Jp5ozvg8zqnxxkYoXX/vB2WkZsA1l04ZraNkTP2zAk8/0EMaDGP0MC
Generated at Sun Oct 20 11:58:24 2024 by rpki-client on console-fra.rpki-client.org