Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dJBihmcU6ocp1H9xqpGa_iA47Dg.roa
File: dJBihmcU6ocp1H9xqpGa_iA47Dg.roa (raw, json)
Hash identifier: GAHoQo2SJEeg3T22XD34oTRYXX1jYvyrtsVIvU/0D9M=
Subject key identifier: 74:90:62:86:67:14:EA:87:29:D4:7F:71:AA:91:9A:FE:20:38:EC:38
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01863556D6D95CDB39878F7B500D29CA863C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dJBihmcU6ocp1H9xqpGa_iA47Dg.roa
Signing time: Thu 09 Feb 2023 08:42:08 +0000
ROA not before: Thu 09 Feb 2023 08:42:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7411
IP address blocks: 92.114.84.0/24 maxlen: 24
89.36.22.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
188.240.233.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:56:d6:d9:5c:db:39:87:8f:7b:50:0d:29:ca:86:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 9 08:42:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=749062866714ea8729d47f71aa919afe2038ec38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e3:c7:47:f4:01:13:ea:b1:bc:92:37:c8:27:
5c:d8:6b:bc:68:15:39:96:c5:15:d5:5e:4b:6b:91:
06:bd:74:7e:38:6a:0b:99:28:eb:54:05:21:bc:e8:
82:92:f7:3a:dc:9f:c1:9a:1e:a7:44:a9:78:06:af:
b7:39:11:17:b2:67:1e:d3:5f:57:ae:5d:39:9f:f6:
39:7f:c7:f2:85:e1:10:2e:fc:89:b1:a7:fa:3b:a4:
d1:35:fe:42:c7:95:7d:3a:0b:7b:30:e8:43:f5:a9:
3c:0b:6f:92:b1:3f:95:77:26:6a:f9:0b:df:3e:d3:
73:54:f6:ce:ef:31:7f:01:19:09:bf:f8:82:e2:ff:
5e:fc:22:f9:ed:dd:20:05:e5:3e:77:dc:5b:e8:6f:
b0:6f:4d:99:25:a5:0c:19:9e:0f:c3:2e:52:2e:16:
31:c1:76:39:30:2f:b2:6d:51:a0:d3:e1:2b:5b:38:
4d:83:58:c5:ed:32:09:85:8f:0b:d9:2a:9e:66:6f:
bd:b1:ff:ee:a9:f1:fe:35:a9:e1:0d:59:09:55:56:
b6:75:c4:b1:ab:c1:85:17:8c:f0:11:35:71:da:16:
92:d8:2f:d9:93:7d:56:de:6a:c2:63:2d:d6:bc:b6:
ad:07:46:16:ff:ee:28:74:57:30:5e:4a:62:68:f2:
0f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:90:62:86:67:14:EA:87:29:D4:7F:71:AA:91:9A:FE:20:38:EC:38
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dJBihmcU6ocp1H9xqpGa_iA47Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.85.0/24
89.36.22.0/24
92.114.84.0/24
188.240.233.0/24
Signature Algorithm: sha256WithRSAEncryption
41:8e:f7:64:d2:ee:9a:5a:77:50:97:b5:64:63:f1:c5:bd:c3:
d6:76:95:6f:7c:cc:0b:52:f7:7f:e6:f4:64:ca:f5:2c:39:31:
c9:6a:bd:43:73:d2:e9:f4:b8:2f:06:5a:cd:d5:cb:a2:cb:39:
3f:cd:cb:8b:31:ef:59:26:ae:80:43:63:02:13:bc:ae:1b:a1:
7a:50:c8:6c:80:cd:da:83:7c:14:29:06:07:40:ac:05:ac:15:
df:51:61:4b:6b:8b:00:ea:25:c9:5e:93:4f:4a:68:df:9b:17:
3b:f1:11:08:01:e8:7b:f7:39:01:13:ad:f0:de:cc:6f:8c:bc:
30:04:c4:ef:ec:93:9c:8b:50:d8:c6:59:2b:2f:48:91:71:6a:
d1:eb:41:25:30:b1:99:e9:31:96:7c:b7:18:42:49:f8:51:38:
92:1d:a9:34:cf:a4:4d:6c:cc:de:1b:c6:f3:9c:82:59:22:f5:
d2:d6:80:9d:59:8f:b4:d8:3a:0e:63:a9:0c:c0:df:74:98:af:
53:56:37:fa:4a:37:74:e4:a5:1c:c5:36:33:93:9f:87:38:bb:
01:78:7e:ce:da:32:31:e6:e5:bc:b8:07:45:3c:df:6d:46:e4:
9a:bb:23:34:19:e9:6c:90:7a:6a:ed:da:35:9e:b6:36:e8:69:
e0:32:dd:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYY1VtbZXNs5h497UA0pyoY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA5MDg0MjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDkwNjI4NjY3MTRlYTg3MjlkNDdmNzFhYTkxOWFmZTIwMzhlYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguPHR/QBE+qxvJI3yCdc2Gu8aBU5
lsUV1V5La5EGvXR+OGoLmSjrVAUhvOiCkvc63J/Bmh6nRKl4Bq+3OREXsmce019X
rl05n/Y5f8fyheEQLvyJsaf6O6TRNf5Cx5V9Ogt7MOhD9ak8C2+SsT+VdyZq+Qvf
PtNzVPbO7zF/ARkJv/iC4v9e/CL57d0gBeU+d9xb6G+wb02ZJaUMGZ4Pwy5SLhYx
wXY5MC+ybVGg0+ErWzhNg1jF7TIJhY8L2SqeZm+9sf/uqfH+NanhDVkJVVa2dcSx
q8GFF4zwETVx2haS2C/Zk31W3mrCYy3WvLatB0YW/+4odFcwXkpiaPIPAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHSQYoZnFOqHKdR/caqRmv4gOOw4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZEpCaWhtY1U2b2NwMUg5eHFwR2FfaUE0N0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSFVAwQA
WSQWAwQAXHJUAwQAvPDpMA0GCSqGSIb3DQEBCwUAA4IBAQBBjvdk0u6aWndQl7Vk
Y/HFvcPWdpVvfMwLUvd/5vRkyvUsOTHJar1Dc9Lp9LgvBlrN1cuiyzk/zcuLMe9Z
Jq6AQ2MCE7yuG6F6UMhsgM3ag3wUKQYHQKwFrBXfUWFLa4sA6iXJXpNPSmjfmxc7
8REIAeh79zkBE63w3sxvjLwwBMTv7JOci1DYxlkrL0iRcWrR60ElMLGZ6TGWfLcY
Qkn4UTiSHak0z6RNbMzeG8bznIJZIvXS1oCdWY+02DoOY6kMwN90mK9TVjf6Sjd0
5KUcxTYzk5+HOLsBeH7O2jIx5uW8uAdFPN9tRuSauyM0GelskHpq7do1nrY26Gng
Mt1+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org