Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dyHAbOZ5Ht_tq5Gn8StqSYShxYc.roa
File: dyHAbOZ5Ht_tq5Gn8StqSYShxYc.roa (raw, json)
Hash identifier: bvo8ydGZZonLk4h+df7BkbalVE/ODBIAjmUFIN4tnEE=
Subject key identifier: 77:21:C0:6C:E6:79:1E:DF:ED:AB:91:A7:F1:2B:6A:49:84:A1:C5:87
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018AFE2AE42766774D713F0056B6BFE71C7B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dyHAbOZ5Ht_tq5Gn8StqSYShxYc.roa
Signing time: Thu 05 Oct 2023 04:48:58 +0000
ROA not before: Thu 05 Oct 2023 04:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 89.35.155.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Oct 2023 10:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:2a:e4:27:66:77:4d:71:3f:00:56:b6:bf:e7:1c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 5 04:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7721c06ce6791edfedab91a7f12b6a4984a1c587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f9:c9:45:be:93:f3:4c:74:1c:9f:5b:a8:2e:
92:c5:e0:87:9e:76:5e:38:f1:de:ca:02:4e:6c:6b:
dc:6c:7f:ba:4c:4e:07:1d:2c:ad:f7:2e:a6:c4:07:
19:d4:94:e9:ab:aa:d4:c0:3b:bb:37:e7:6d:ff:42:
c9:81:06:f6:f6:0e:9a:c6:b7:f4:a4:36:95:4b:89:
ce:1d:cf:2c:29:76:44:01:4b:1e:69:0d:09:b8:58:
37:c7:a8:cb:e4:e9:c3:86:1b:55:28:8e:ae:25:5a:
d4:ef:eb:97:b9:99:7c:df:15:2e:03:09:0f:ab:de:
c7:6e:27:29:4f:5f:56:47:a7:ae:9b:60:65:db:4c:
20:e2:10:23:6b:01:f6:c2:c1:16:64:34:05:5e:cf:
19:d1:44:9b:54:af:33:48:fb:ad:f7:38:5d:17:02:
99:32:93:c8:99:cb:2d:0d:66:91:84:dd:ad:e9:ff:
8c:c2:11:df:c6:6e:32:0d:59:d7:50:32:bd:d9:04:
19:15:80:65:2c:03:d1:69:36:4d:d2:6c:1a:0c:b8:
b7:81:08:6d:8d:cb:71:e8:ee:bc:cb:52:78:c0:ae:
a5:6e:59:86:4a:c2:41:7d:cf:48:40:91:05:9e:04:
a3:fc:e0:85:b0:1b:0d:81:31:83:96:f1:03:73:8d:
c8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:21:C0:6C:E6:79:1E:DF:ED:AB:91:A7:F1:2B:6A:49:84:A1:C5:87
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dyHAbOZ5Ht_tq5Gn8StqSYShxYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
89.35.155.0/24
188.240.68.0/24
Signature Algorithm: sha256WithRSAEncryption
73:4c:87:de:f8:38:86:0a:0a:02:1c:b4:06:42:b0:b3:bd:86:
8c:d5:50:34:11:53:c9:15:2a:28:8c:dc:b3:cd:30:35:68:32:
f5:df:81:0d:15:22:44:59:f0:c0:2f:9a:0f:ce:02:54:c1:01:
92:92:6e:2a:5c:27:86:20:4d:3d:5e:ac:f2:a8:fa:ab:d0:97:
e6:f8:b7:f9:fe:78:96:19:9d:09:16:d8:58:ee:b5:bf:ad:69:
b0:f2:2f:40:7a:9b:87:e5:d9:dd:be:2b:b2:1d:a6:b9:3e:0c:
a9:c5:e4:86:38:70:7a:21:a2:72:24:ab:92:ca:f9:e4:3a:e6:
c6:ef:8b:4a:71:7f:fd:69:f4:d1:17:e6:75:eb:9a:31:27:69:
de:64:a3:5f:13:53:3a:a6:64:f7:ab:94:e6:9e:8d:e8:3e:d9:
85:77:a1:68:c9:21:41:9e:ac:92:e6:97:0e:a3:4b:8c:cd:e6:
01:b0:f1:14:95:96:75:20:2a:82:c0:22:70:94:19:bd:21:8f:
7d:19:7b:a7:5c:e9:ea:d9:99:d0:5d:37:a9:79:0f:51:d5:14:
39:e8:be:7a:f8:4e:c5:42:4c:2e:17:18:59:80:2b:21:eb:39:
a5:8f:bf:2f:19:09:64:c6:6f:ac:01:e5:f9:13:fe:c5:c0:63:
63:7e:76:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr+KuQnZndNcT8AVra/5xx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDA1MDQ0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzIxYzA2Y2U2NzkxZWRmZWRhYjkxYTdmMTJiNmE0OTg0YTFjNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvnJRb6T80x0HJ9bqC6SxeCHnnZe
OPHeygJObGvcbH+6TE4HHSyt9y6mxAcZ1JTpq6rUwDu7N+dt/0LJgQb29g6axrf0
pDaVS4nOHc8sKXZEAUseaQ0JuFg3x6jL5OnDhhtVKI6uJVrU7+uXuZl83xUuAwkP
q97HbicpT19WR6eum2Bl20wg4hAjawH2wsEWZDQFXs8Z0USbVK8zSPut9zhdFwKZ
MpPImcstDWaRhN2t6f+MwhHfxm4yDVnXUDK92QQZFYBlLAPRaTZN0mwaDLi3gQht
jctx6O68y1J4wK6lblmGSsJBfc9IQJEFngSj/OCFsBsNgTGDlvEDc43IUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHchwGzmeR7f7auRp/ErakmEocWHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZHlIQWJPWjVIdF90cTVHbjhTdHFTWVNoeFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZyfAwQA
WSObAwQAvPBEMA0GCSqGSIb3DQEBCwUAA4IBAQBzTIfe+DiGCgoCHLQGQrCzvYaM
1VA0EVPJFSoojNyzzTA1aDL134ENFSJEWfDAL5oPzgJUwQGSkm4qXCeGIE09Xqzy
qPqr0Jfm+Lf5/niWGZ0JFthY7rW/rWmw8i9AepuH5dndviuyHaa5PgypxeSGOHB6
IaJyJKuSyvnkOubG74tKcX/9afTRF+Z165oxJ2neZKNfE1M6pmT3q5Tmno3oPtmF
d6FoySFBnqyS5pcOo0uMzeYBsPEUlZZ1ICqCwCJwlBm9IY99GXunXOnq2ZnQXTep
eQ9R1RQ56L56+E7FQkwuFxhZgCsh6zmlj78vGQlkxm+sAeX5E/7FwGNjfnYO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org