Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gSNVDhEXt851sn5pps-a8wnr7r8.roa
File: gSNVDhEXt851sn5pps-a8wnr7r8.roa (raw, json)
Hash identifier: It22RKmdSElBhwBJ2O1XpWXZQni0/wJV3HTiWfUv9Wk=
Subject key identifier: 81:23:55:0E:11:17:B7:CE:75:B2:7E:69:A6:CF:9A:F3:09:EB:EE:BF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0192F6EBCDCFD39CCB5EB6405AF7DE3A5F9D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gSNVDhEXt851sn5pps-a8wnr7r8.roa
Signing time: Mon 04 Nov 2024 11:25:01 +0000
ROA not before: Mon 04 Nov 2024 11:25:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 89.35.159.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
89.44.207.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
103.212.80.0/24 maxlen: 24
185.9.55.0/24 maxlen: 24
185.121.122.0/23 maxlen: 24
188.212.133.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 14:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:eb:cd:cf:d3:9c:cb:5e:b6:40:5a:f7:de:3a:5f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 4 11:25:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8123550e1117b7ce75b27e69a6cf9af309ebeebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a8:56:2a:7d:b5:a0:37:8c:cb:a6:fa:cc:3f:
84:65:b3:1e:56:d7:c6:f5:74:62:02:e4:a8:11:e3:
ab:5a:5e:c8:b3:8f:05:36:a1:46:a1:1a:eb:31:84:
48:9f:b2:b4:c2:ce:a7:43:cd:74:84:a8:21:e6:be:
00:7d:9c:2b:c9:e1:05:98:04:60:c8:38:1a:72:2a:
82:dc:79:3d:36:9f:b7:62:c8:4a:6d:0a:f9:df:f1:
a4:6c:35:71:5d:5c:9d:db:06:58:82:bd:aa:f3:69:
0d:53:1a:30:89:86:08:0f:90:63:98:8e:53:5e:88:
47:48:de:07:80:a7:e6:f5:92:65:73:69:ba:29:86:
1a:6b:a1:e7:d0:ce:db:85:9c:46:d1:ef:c1:a6:1e:
da:8f:a4:1a:75:d2:39:f3:c0:cb:40:1a:47:22:57:
45:2a:28:a9:dc:6f:7f:7a:77:03:9a:44:bf:b8:9b:
12:ed:3c:d5:31:24:81:1b:70:d2:76:ba:21:26:e8:
14:b4:f0:f7:a4:b0:6b:53:d7:c6:cc:2b:e7:8b:35:
df:22:92:e2:fa:ad:e5:9e:b8:7b:28:13:73:f3:5f:
ee:60:e3:68:aa:bc:fb:79:fc:27:b1:90:82:3f:38:
8c:84:df:f2:6f:c7:38:2e:b2:dd:03:95:6f:7f:12:
57:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:23:55:0E:11:17:B7:CE:75:B2:7E:69:A6:CF:9A:F3:09:EB:EE:BF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gSNVDhEXt851sn5pps-a8wnr7r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.159.0/24
89.37.63.0/24
89.44.207.0/24
92.114.107.0/24
103.212.80.0/24
185.9.55.0/24
185.121.122.0/23
188.212.133.0/24
188.241.214.0/24
Signature Algorithm: sha256WithRSAEncryption
27:e5:e0:74:b2:09:76:59:2e:9a:40:97:fb:ad:84:6a:90:92:
4f:57:2c:32:9a:d0:9e:a8:21:f7:69:0f:a2:5c:fb:dd:cd:75:
61:6f:95:de:26:df:2a:ec:cf:ab:59:11:ba:7f:c5:3d:16:21:
0e:e6:39:0d:b1:a8:90:d4:fa:1a:a3:07:44:92:1f:02:f3:5d:
21:11:02:b1:14:bc:48:00:05:2d:d8:d5:f1:0e:72:ec:1f:ca:
8b:ef:8f:1b:37:0a:3a:96:70:c1:ed:f0:5b:67:1a:5a:b4:3f:
83:22:26:bc:84:da:2a:46:3b:0d:b4:d1:80:89:52:ee:d5:a9:
97:34:a3:22:e6:92:fb:3d:2f:5d:75:63:a4:21:1a:d4:65:e1:
b9:85:a0:16:e3:69:91:02:7b:b6:07:b7:19:f6:34:56:4c:5d:
b8:cb:b4:d8:08:ca:d1:27:48:cd:30:e2:50:17:3f:eb:cf:17:
0c:e3:f6:90:55:bd:9c:14:8c:10:1e:fa:d0:b7:16:12:66:0d:
6b:8e:eb:ac:dd:97:22:59:bb:69:17:79:fe:de:86:18:db:83:
9a:68:95:0e:5c:b5:f5:54:66:73:6a:b3:0c:07:f3:72:ca:f9:
c6:21:a7:f4:28:28:72:82:c6:a4:ae:3e:26:00:55:f7:ee:a7:
80:f5:2a:3e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZL2683P05zLXrZAWvfeOl+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMTA0MTEyNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTIzNTUwZTExMTdiN2NlNzViMjdlNjlhNmNmOWFmMzA5ZWJlZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqhWKn21oDeMy6b6zD+EZbMeVtfG
9XRiAuSoEeOrWl7Is48FNqFGoRrrMYRIn7K0ws6nQ810hKgh5r4AfZwryeEFmARg
yDgaciqC3Hk9Np+3YshKbQr53/GkbDVxXVyd2wZYgr2q82kNUxowiYYID5BjmI5T
XohHSN4HgKfm9ZJlc2m6KYYaa6Hn0M7bhZxG0e/Bph7aj6QaddI588DLQBpHIldF
Kiip3G9/encDmkS/uJsS7TzVMSSBG3DSdrohJugUtPD3pLBrU9fGzCvnizXfIpLi
+q3lnrh7KBNz81/uYONoqrz7efwnsZCCPziMhN/yb8c4LrLdA5VvfxJXpQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIEjVQ4RF7fOdbJ+aabPmvMJ6+6/MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZ1NOVkRoRVh0ODUxc241cHBzLWE4d25yN3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAWSOfAwQA
WSU/AwQAWSzPAwQAXHJrAwQAZ9RQAwQAuQk3AwQBuXl6AwQAvNSFAwQAvPHWMA0G
CSqGSIb3DQEBCwUAA4IBAQAn5eB0sgl2WS6aQJf7rYRqkJJPVywymtCeqCH3aQ+i
XPvdzXVhb5XeJt8q7M+rWRG6f8U9FiEO5jkNsaiQ1PoaowdEkh8C810hEQKxFLxI
AAUt2NXxDnLsH8qL748bNwo6lnDB7fBbZxpatD+DIia8hNoqRjsNtNGAiVLu1amX
NKMi5pL7PS9ddWOkIRrUZeG5haAW42mRAnu2B7cZ9jRWTF24y7TYCMrRJ0jNMOJQ
Fz/rzxcM4/aQVb2cFIwQHvrQtxYSZg1rjuus3ZciWbtpF3n+3oYY24OaaJUOXLX1
VGZzarMMB/NyyvnGIaf0KChygsakrj4mAFX37qeA9So+
-----END CERTIFICATE-----
Generated at Tue Nov 19 18:43:34 2024 by rpki-client on console-ams.rpki-client.org