Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cbg975Baf6Wt4CsjP92chCxbcn0.roa
File: cbg975Baf6Wt4CsjP92chCxbcn0.roa (raw, json)
Hash identifier: 49ZTYz5cS67q4vbCpskwQyprr125tu6X0A8LjXU+kOI=
Subject key identifier: 71:B8:3D:EF:90:5A:7F:A5:AD:E0:2B:23:3F:DD:9C:84:2C:5B:72:7D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189829BCD382281282D9C2C821477C8D552
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cbg975Baf6Wt4CsjP92chCxbcn0.roa
Signing time: Sun 23 Jul 2023 11:56:35 +0000
ROA not before: Sun 23 Jul 2023 11:56:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 93.114.195.0/24 maxlen: 24
89.46.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Sep 2023 07:23:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:82:9b:cd:38:22:81:28:2d:9c:2c:82:14:77:c8:d5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 23 11:56:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71b83def905a7fa5ade02b233fdd9c842c5b727d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cf:4e:a2:68:bf:02:79:13:93:a4:5f:91:df:
df:d0:03:50:8f:f9:52:d4:0d:d6:eb:bb:6b:cc:c6:
48:02:b6:ca:be:99:c8:13:43:7f:47:ee:5a:39:f4:
a3:2d:5f:45:b9:35:ac:14:40:a5:fb:ed:fc:38:9f:
d8:9c:da:28:cf:00:53:97:8e:7c:ef:22:94:60:15:
02:eb:c3:ef:c9:b2:e7:a6:ea:21:74:e1:39:af:74:
b5:e1:9b:1a:c8:a9:9c:39:fe:fa:36:f5:7c:ac:b9:
f1:5f:73:5d:f8:12:f7:1d:5f:03:93:cc:e6:55:c3:
da:18:a8:9a:2f:41:18:67:2e:ea:16:32:26:4f:88:
ec:75:e7:1b:09:a7:e7:3d:72:24:3e:1c:ac:cc:a0:
78:07:87:c6:ba:47:3c:ae:09:fc:fa:ff:93:5b:90:
18:27:74:97:9e:bb:b1:d7:c0:21:0f:81:33:88:04:
2b:25:d0:ee:f1:e0:9b:0d:2e:7e:04:49:8e:66:7c:
08:b7:9a:85:af:54:be:88:ee:68:87:d9:fd:df:d1:
2d:5c:3e:a2:19:ae:ed:78:71:e4:45:49:4e:e8:fe:
8a:a3:08:31:76:1f:e0:d5:3f:e1:7b:26:20:f2:69:
ef:8f:6f:75:3f:5b:cb:f3:79:7a:b6:7c:f5:54:50:
e9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B8:3D:EF:90:5A:7F:A5:AD:E0:2B:23:3F:DD:9C:84:2C:5B:72:7D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cbg975Baf6Wt4CsjP92chCxbcn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.92.0/24
93.114.195.0/24
Signature Algorithm: sha256WithRSAEncryption
55:2c:73:bf:46:1f:ae:c2:22:03:b6:ab:48:70:09:16:26:ee:
f3:fd:3a:22:7b:1a:21:76:fa:84:1c:ae:d8:c7:57:02:bc:6d:
01:77:5b:e9:a1:0b:88:41:bd:4a:f0:c2:8d:62:c9:a6:47:c5:
a4:57:06:93:c6:af:00:50:63:a5:2a:5a:fb:34:75:49:fb:21:
98:c9:f3:c2:2b:ae:e6:8b:a4:de:aa:cc:d0:b5:63:8d:2e:95:
fb:22:3d:e0:d4:2e:5f:c4:63:15:98:18:ac:94:25:56:89:c3:
e4:e1:f1:90:06:b0:48:09:1e:67:ed:d7:e1:52:8b:ca:d4:da:
6b:ad:07:fb:c5:12:40:83:01:98:95:1c:88:16:7c:46:f5:33:
79:31:fa:a3:c2:c5:fd:b6:5b:db:6c:f7:6d:3c:0b:a7:7a:83:
e2:33:32:4a:1d:c4:27:4c:a7:71:93:81:16:14:29:09:02:e4:
ed:8a:2c:51:94:c6:4b:c0:2e:ea:05:4b:e3:ec:cd:0b:ab:02:
ea:c8:27:40:37:b9:8a:76:ab:2b:b3:e7:8e:e2:f7:f5:88:4a:
ee:f8:a2:21:0f:33:53:aa:64:45:a9:78:99:9a:09:54:7a:6d:
dd:0a:3e:ee:94:98:9b:c2:5c:70:33:c1:82:78:26:93:3c:a8:
e7:e3:e6:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmCm804IoEoLZwsghR3yNVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzIzMTE1NjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWI4M2RlZjkwNWE3ZmE1YWRlMDJiMjMzZmRkOWM4NDJjNWI3MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc9Oomi/AnkTk6Rfkd/f0ANQj/lS
1A3W67trzMZIArbKvpnIE0N/R+5aOfSjLV9FuTWsFECl++38OJ/YnNoozwBTl458
7yKUYBUC68PvybLnpuohdOE5r3S14ZsayKmcOf76NvV8rLnxX3Nd+BL3HV8Dk8zm
VcPaGKiaL0EYZy7qFjImT4jsdecbCafnPXIkPhyszKB4B4fGukc8rgn8+v+TW5AY
J3SXnrux18AhD4EziAQrJdDu8eCbDS5+BEmOZnwIt5qFr1S+iO5oh9n939EtXD6i
Ga7teHHkRUlO6P6Kowgxdh/g1T/heyYg8mnvj291P1vL83l6tnz1VFDpkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHG4Pe+QWn+lreArIz/dnIQsW3J9MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvY2JnOTc1QmFmNld0NENzalA5MmNoQ3hiY24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWS5cAwQA
XXLDMA0GCSqGSIb3DQEBCwUAA4IBAQBVLHO/Rh+uwiIDtqtIcAkWJu7z/Toiexoh
dvqEHK7Yx1cCvG0Bd1vpoQuIQb1K8MKNYsmmR8WkVwaTxq8AUGOlKlr7NHVJ+yGY
yfPCK67mi6TeqszQtWONLpX7Ij3g1C5fxGMVmBislCVWicPk4fGQBrBICR5n7dfh
UovK1NprrQf7xRJAgwGYlRyIFnxG9TN5MfqjwsX9tlvbbPdtPAuneoPiMzJKHcQn
TKdxk4EWFCkJAuTtiixRlMZLwC7qBUvj7M0LqwLqyCdAN7mKdqsrs+eO4vf1iEru
+KIhDzNTqmRFqXiZmglUem3dCj7ulJibwlxwM8GCeCaTPKjn4+as
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org