Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dbETZB1L_n2kCsOceYpMHKqoEgU.roa
File: dbETZB1L_n2kCsOceYpMHKqoEgU.roa (raw, json)
Hash identifier: VAUk2bXoGNo3SHfo3bJYlh9cVpOK2i6A1CrL6kP5JMs=
Subject key identifier: 75:B1:13:64:1D:4B:FE:7D:A4:0A:C3:9C:79:8A:4C:1C:AA:A8:12:05
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AF196E228A9435144D0FB82C04A2B1EC2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dbETZB1L_n2kCsOceYpMHKqoEgU.roa
Signing time: Mon 02 Oct 2023 18:11:51 +0000
ROA not before: Mon 02 Oct 2023 18:11:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 89.35.155.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:96:e2:28:a9:43:51:44:d0:fb:82:c0:4a:2b:1e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 2 18:11:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75b113641d4bfe7da40ac39c798a4c1caaa81205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:65:a8:5f:d8:5a:50:ae:ff:02:c2:0c:5a:03:
6b:30:19:d5:95:1b:10:34:a2:81:26:83:dd:8b:3c:
57:b1:18:df:a5:36:cc:ee:13:e0:6b:c7:22:6f:e1:
42:59:4d:95:f2:3e:b3:b3:bc:24:e0:2b:5a:d7:1b:
23:1f:50:40:d7:61:0f:66:69:7d:f3:68:88:5c:90:
36:63:12:93:93:28:a2:76:ed:fb:b3:cc:13:90:12:
c7:84:cd:76:e3:02:eb:42:8b:e4:6b:0f:77:1a:0b:
9b:b4:a1:7b:aa:64:bf:79:e0:cc:90:38:06:25:34:
c0:ea:bb:da:77:3b:bc:52:72:32:16:e2:e1:48:c3:
ee:db:0d:53:75:8b:af:56:f2:28:fb:a0:6e:71:fb:
86:fe:5a:9a:65:cb:1d:0c:44:97:7c:b1:80:a8:0d:
f7:f3:00:32:5f:39:ba:29:64:1b:a0:30:3d:85:ce:
67:cb:fc:82:47:db:ce:de:b1:63:36:1e:07:f2:73:
92:48:64:e7:b9:6d:91:c6:0e:7a:5a:15:43:8e:bb:
d6:59:11:c2:d4:1a:8e:ce:b9:a3:7e:35:58:bf:ec:
79:89:87:63:84:00:2a:06:ff:17:e8:80:7d:81:0c:
91:4f:12:e2:16:62:ed:80:c6:82:2f:3c:b1:ec:ce:
20:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B1:13:64:1D:4B:FE:7D:A4:0A:C3:9C:79:8A:4C:1C:AA:A8:12:05
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dbETZB1L_n2kCsOceYpMHKqoEgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.155.0/24
188.240.68.0/24
Signature Algorithm: sha256WithRSAEncryption
79:28:c5:4d:45:63:af:59:a3:0d:ff:69:91:ff:a2:0c:f2:1c:
fa:7a:79:31:04:7b:fd:8c:42:a2:47:12:b2:96:f3:08:ac:dc:
1b:39:5f:8d:a2:a0:e0:4b:16:4a:5c:94:cf:47:bf:b9:a4:e8:
86:df:d8:e1:fc:1c:17:60:4d:30:85:02:cd:ad:c1:90:c5:06:
8e:1e:96:37:0d:33:dd:99:77:98:c5:7c:48:b3:53:06:3b:af:
6b:ff:51:c9:eb:a2:f9:22:e9:a7:11:3b:db:8c:8a:d1:8c:7a:
78:56:77:fc:3f:b2:3c:cb:fb:ed:a5:4e:32:30:af:dc:b0:2c:
cf:e5:bf:be:b3:23:aa:e7:4d:38:a9:a9:ec:e0:29:1b:59:78:
e6:26:05:14:90:0b:db:e5:2f:4f:96:71:4e:48:46:9a:27:a7:
80:8f:2c:60:fc:f6:8f:c7:9b:45:5d:f6:0a:e8:04:c8:40:4a:
75:79:e5:7a:94:01:e1:36:fe:b3:55:42:b9:63:e2:42:e3:17:
21:5f:d5:c1:51:5d:b5:16:b3:55:6c:4a:07:a8:82:2f:a2:a4:
91:7f:83:33:44:9f:ce:b4:0d:f6:5b:9e:9e:65:dd:10:09:fd:
c6:2a:ba:ab:e5:a3:fc:42:2f:db:7f:32:a5:e7:8b:51:84:6b:
0e:79:22:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrxluIoqUNRRND7gsBKKx7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDAyMTgxMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWIxMTM2NDFkNGJmZTdkYTQwYWMzOWM3OThhNGMxY2FhYTgxMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGWoX9haUK7/AsIMWgNrMBnVlRsQ
NKKBJoPdizxXsRjfpTbM7hPga8cib+FCWU2V8j6zs7wk4Cta1xsjH1BA12EPZml9
82iIXJA2YxKTkyiidu37s8wTkBLHhM124wLrQovkaw93GgubtKF7qmS/eeDMkDgG
JTTA6rvadzu8UnIyFuLhSMPu2w1TdYuvVvIo+6BucfuG/lqaZcsdDESXfLGAqA33
8wAyXzm6KWQboDA9hc5ny/yCR9vO3rFjNh4H8nOSSGTnuW2Rxg56WhVDjrvWWRHC
1BqOzrmjfjVYv+x5iYdjhAAqBv8X6IB9gQyRTxLiFmLtgMaCLzyx7M4g2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHWxE2QdS/59pArDnHmKTByqqBIFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZGJFVFpCMUxfbjJrQ3NPY2VZcE1IS3FvRWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSObAwQA
vPBEMA0GCSqGSIb3DQEBCwUAA4IBAQB5KMVNRWOvWaMN/2mR/6IM8hz6enkxBHv9
jEKiRxKylvMIrNwbOV+NoqDgSxZKXJTPR7+5pOiG39jh/BwXYE0whQLNrcGQxQaO
HpY3DTPdmXeYxXxIs1MGO69r/1HJ66L5IumnETvbjIrRjHp4Vnf8P7I8y/vtpU4y
MK/csCzP5b++syOq5004qans4CkbWXjmJgUUkAvb5S9PlnFOSEaaJ6eAjyxg/PaP
x5tFXfYK6ATIQEp1eeV6lAHhNv6zVUK5Y+JC4xchX9XBUV21FrNVbEoHqIIvoqSR
f4MzRJ/OtA32W56eZd0QCf3GKrqr5aP8Qi/bfzKl54tRhGsOeSI5
-----END CERTIFICATE-----
Generated at Thu Oct 5 05:33:15 2023 by rpki-client on console-ams.rpki-client.org