Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dj003VPIhD25jHOa1R6PLxvBW2U.roa
File: dj003VPIhD25jHOa1R6PLxvBW2U.roa (raw, json)
Hash identifier: 7WIfmhGCkKck8F4zRbkJTrnCYlWDhp6h+ihBzL3tpa8=
Subject key identifier: 76:3D:34:DD:53:C8:84:3D:B9:8C:73:9A:D5:1E:8F:2F:1B:C1:5B:65
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01929536896BC817940BBD3D695C63735DAD
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dj003VPIhD25jHOa1R6PLxvBW2U.roa
Signing time: Wed 16 Oct 2024 12:03:52 +0000
ROA not before: Wed 16 Oct 2024 12:03:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 89.35.159.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 13:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:36:89:6b:c8:17:94:0b:bd:3d:69:5c:63:73:5d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 16 12:03:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=763d34dd53c8843db98c739ad51e8f2f1bc15b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d5:f3:0a:92:8b:c8:af:8e:09:a1:3d:34:56:
ec:4a:ee:03:9b:70:f5:db:8b:cc:2c:0c:61:fd:6f:
e0:d5:02:50:b1:60:e4:19:7b:6f:4c:8e:57:2b:55:
44:54:d9:be:53:ae:2a:ea:9d:35:46:93:1d:9e:7e:
3d:0e:b2:b5:b8:2b:25:aa:8d:ab:de:91:b3:a1:05:
0d:6b:fb:22:91:ae:57:f7:ab:d0:62:38:cd:66:10:
ba:22:5d:92:93:9d:99:7d:f7:cd:5e:54:b5:9a:6a:
69:5b:9e:94:c0:2f:7f:1b:38:75:db:14:dc:aa:dd:
89:43:8d:c3:a0:f8:c2:f3:b3:c1:42:8c:68:b2:b0:
61:e6:2c:68:4f:a6:0f:61:d2:ec:ab:56:78:54:78:
56:f4:6d:06:f6:03:2f:6f:fb:6e:51:9c:b4:36:f3:
bf:ba:c2:bf:d7:13:79:13:cc:58:d4:68:0a:5e:a7:
62:ed:cc:4c:71:ae:dd:4f:2e:27:98:ee:96:a9:b9:
9a:93:97:e6:0a:a2:ee:62:1c:d3:15:ac:fc:42:8e:
37:c1:a7:0a:fb:c3:88:e6:24:a2:c6:30:8a:8d:9b:
70:e1:da:10:7c:80:e9:3c:ff:3d:34:9f:b4:e5:69:
23:28:14:39:b3:a8:63:a9:59:42:5e:35:28:a7:b2:
67:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3D:34:DD:53:C8:84:3D:B9:8C:73:9A:D5:1E:8F:2F:1B:C1:5B:65
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dj003VPIhD25jHOa1R6PLxvBW2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.159.0/24
92.114.107.0/24
Signature Algorithm: sha256WithRSAEncryption
11:5a:98:77:be:0a:7f:09:13:53:81:52:af:5b:6b:77:12:72:
69:6b:a2:69:75:99:ab:87:66:74:1e:f7:16:df:f2:7e:ab:46:
33:f3:86:ee:a7:7f:3a:26:74:1f:7b:c3:1b:8d:8e:56:13:de:
6b:1d:c8:aa:05:80:a8:d9:e4:a4:6a:04:2a:e2:b2:b8:ea:a6:
5a:3c:8a:24:78:49:4f:90:b2:7f:44:e7:9e:5c:78:ad:1a:c1:
8b:24:62:fc:5b:18:25:23:d4:53:71:d7:4b:6b:7e:17:1a:d9:
16:1e:cf:46:3f:ea:27:b6:f2:02:bc:3f:3c:24:6d:b6:df:97:
51:77:5d:d0:90:93:61:a1:3d:6b:4e:2e:d9:01:8a:d2:41:c2:
bf:07:c8:85:d6:b4:a8:f3:71:9d:e8:1c:0c:db:38:0b:a8:8d:
48:28:94:6b:a1:36:99:f4:c5:cd:0d:7b:af:12:99:d6:2c:14:
cc:9f:7d:8f:25:07:b1:ee:6b:34:80:30:5e:1f:c5:bb:4e:c1:
d3:76:ba:ff:c1:eb:88:b0:19:a9:3a:3a:2f:2f:01:c3:07:c6:
46:49:a9:56:74:c6:31:99:7e:fa:11:18:f1:e6:df:7f:45:dd:
6c:ad:4a:f6:b6:b5:a8:87:21:f5:25:c3:83:ea:23:d9:9a:e6:
79:f2:22:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKVNolryBeUC709aVxjc12tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDE2MTIwMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjNkMzRkZDUzYzg4NDNkYjk4YzczOWFkNTFlOGYyZjFiYzE1YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltXzCpKLyK+OCaE9NFbsSu4Dm3D1
24vMLAxh/W/g1QJQsWDkGXtvTI5XK1VEVNm+U64q6p01RpMdnn49DrK1uCslqo2r
3pGzoQUNa/sika5X96vQYjjNZhC6Il2Sk52ZfffNXlS1mmppW56UwC9/Gzh12xTc
qt2JQ43DoPjC87PBQoxosrBh5ixoT6YPYdLsq1Z4VHhW9G0G9gMvb/tuUZy0NvO/
usK/1xN5E8xY1GgKXqdi7cxMca7dTy4nmO6Wqbmak5fmCqLuYhzTFaz8Qo43wacK
+8OI5iSixjCKjZtw4doQfIDpPP89NJ+05WkjKBQ5s6hjqVlCXjUop7JnyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHY9NN1TyIQ9uYxzmtUejy8bwVtlMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZGowMDNWUEloRDI1akhPYTFSNlBMeHZCVzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSOfAwQA
XHJrMA0GCSqGSIb3DQEBCwUAA4IBAQARWph3vgp/CRNTgVKvW2t3EnJpa6JpdZmr
h2Z0HvcW3/J+q0Yz84bup386JnQfe8MbjY5WE95rHciqBYCo2eSkagQq4rK46qZa
PIokeElPkLJ/ROeeXHitGsGLJGL8WxglI9RTcddLa34XGtkWHs9GP+ontvICvD88
JG2235dRd13QkJNhoT1rTi7ZAYrSQcK/B8iF1rSo83Gd6BwM2zgLqI1IKJRroTaZ
9MXNDXuvEpnWLBTMn32PJQex7ms0gDBeH8W7TsHTdrr/weuIsBmpOjovLwHDB8ZG
SalWdMYxmX76ERjx5t9/Rd1srUr2trWohyH1JcOD6iPZmuZ58iL1
-----END CERTIFICATE-----
Generated at Fri Nov 1 14:34:51 2024 by rpki-client on console-fra.rpki-client.org