Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l29iXawR1tNJiLS3IxilrR3PIJ4.roa
File: l29iXawR1tNJiLS3IxilrR3PIJ4.roa (raw, json)
Hash identifier: kkJU00CIpRz4NI5o7cK4SEp1YAOCL+1o8rZqjcgfAg4=
Subject key identifier: 97:6F:62:5D:AC:11:D6:D3:49:88:B4:B7:23:18:A5:AD:1D:CF:20:9E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186B0BFBC247043BBE41C41BCFC2F4E6BFE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l29iXawR1tNJiLS3IxilrR3PIJ4.roa
Signing time: Sun 05 Mar 2023 07:50:00 +0000
ROA not before: Sun 05 Mar 2023 07:50:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 89.38.136.0/24 maxlen: 24
91.217.250.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
45.89.32.0/22 maxlen: 24
84.245.57.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b0:bf:bc:24:70:43:bb:e4:1c:41:bc:fc:2f:4e:6b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 5 07:50:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=976f625dac11d6d34988b4b72318a5ad1dcf209e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b2:00:51:a5:a6:9b:a5:a0:a6:3b:af:73:1a:
02:9f:1e:3c:80:44:94:60:a7:6d:43:5d:a2:ba:09:
e9:bc:d6:32:c7:9e:2c:ba:d1:3b:82:08:1a:5c:65:
59:79:ae:05:63:a9:fc:56:6a:c2:3f:62:97:b5:8a:
56:df:19:4b:53:c3:e3:0a:c9:06:fa:de:2c:cd:18:
2e:88:64:01:6c:cf:06:c4:1f:fc:b1:c0:7c:52:ae:
09:49:9a:a0:50:6a:78:74:81:e9:9e:6c:69:cb:4f:
65:61:e5:02:0a:b4:f3:64:d4:af:b1:32:a9:a4:f1:
ad:51:4f:09:29:8a:95:52:c8:f4:a8:a4:62:bb:5c:
b5:77:49:67:83:74:cb:f0:ee:6b:99:48:8d:df:9e:
3a:55:a7:21:59:bf:b7:19:be:e7:4f:e7:65:cd:fd:
7d:e6:03:53:a0:4b:bd:82:38:3a:70:b6:ff:22:28:
06:b9:f1:1b:e8:84:51:eb:e0:7f:0c:a5:18:81:25:
6f:6f:f1:10:a0:40:20:05:22:4f:9a:ba:2e:52:d1:
12:d4:1f:96:21:b1:5c:12:3f:60:67:af:a2:d6:17:
09:d9:2f:23:6e:f9:67:84:33:59:66:9e:48:3a:a2:
9d:2f:c6:0b:4b:d6:67:f4:5b:d6:4d:9e:94:f5:bc:
31:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:6F:62:5D:AC:11:D6:D3:49:88:B4:B7:23:18:A5:AD:1D:CF:20:9E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/l29iXawR1tNJiLS3IxilrR3PIJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.32.0/22
84.245.57.0/24
89.38.136.0/24
91.217.249.0-91.217.250.255
Signature Algorithm: sha256WithRSAEncryption
5d:fa:4e:2a:24:d9:4f:6f:77:a7:e1:47:10:c8:2c:f9:dc:19:
62:91:87:99:a5:12:8b:f7:a6:0e:bc:b7:ff:e3:8e:da:bd:5c:
9c:bc:83:ea:bf:06:b9:fa:d3:2e:72:da:d9:1c:29:3f:50:03:
46:51:37:12:ff:af:8e:43:cd:dc:59:c2:8b:78:7c:d3:0a:ed:
99:3c:22:13:3a:f9:0e:08:83:f0:bf:5a:08:79:83:1e:80:fd:
e6:6e:2f:bc:e5:9a:49:06:b4:a6:63:eb:48:18:12:bd:6f:4f:
f1:f2:0e:67:22:68:63:17:e2:5a:5f:b3:b1:59:1f:f9:27:df:
a6:06:6d:c5:98:ba:a6:b3:ce:31:28:74:3e:55:5d:a9:eb:1d:
c7:91:98:29:be:0d:ab:f4:e2:b7:88:58:cd:d9:11:10:b5:22:
12:f0:f3:b5:09:e1:8e:ce:77:22:2a:ba:13:72:d8:e5:3c:f8:
93:db:f1:1f:e3:bf:5b:a0:90:a4:15:d2:8f:88:b8:be:29:5b:
45:41:05:a9:48:b1:2d:18:e6:19:d6:67:fc:73:a1:ea:13:b1:
c6:d0:96:cd:91:2f:7d:25:58:1b:fc:64:9c:be:dd:3e:9b:fc:
cc:35:c4:08:a8:77:bc:d9:ea:fb:5d:a6:21:97:42:52:5b:5c:
51:e0:ca:80
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYawv7wkcEO75BxBvPwvTmv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA1MDc1MDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzZmNjI1ZGFjMTFkNmQzNDk4OGI0YjcyMzE4YTVhZDFkY2YyMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrIAUaWmm6WgpjuvcxoCnx48gESU
YKdtQ12iugnpvNYyx54sutE7gggaXGVZea4FY6n8VmrCP2KXtYpW3xlLU8PjCskG
+t4szRguiGQBbM8GxB/8scB8Uq4JSZqgUGp4dIHpnmxpy09lYeUCCrTzZNSvsTKp
pPGtUU8JKYqVUsj0qKRiu1y1d0lng3TL8O5rmUiN3546VachWb+3Gb7nT+dlzf19
5gNToEu9gjg6cLb/IigGufEb6IRR6+B/DKUYgSVvb/EQoEAgBSJPmrouUtES1B+W
IbFcEj9gZ6+i1hcJ2S8jbvlnhDNZZp5IOqKdL8YLS9Zn9FvWTZ6U9bwxcQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJdvYl2sEdbTSYi0tyMYpa0dzyCeMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbDI5aVhhd1IxdE5KaUxTM0l4aWxyUjNQSUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLVkgAwQA
VPU5AwQAWSaIMAwDBABb2fkDBABb2fowDQYJKoZIhvcNAQELBQADggEBAF36Tiok
2U9vd6fhRxDILPncGWKRh5mlEov3pg68t//jjtq9XJy8g+q/Brn60y5y2tkcKT9Q
A0ZRNxL/r45DzdxZwot4fNMK7Zk8IhM6+Q4Ig/C/Wgh5gx6A/eZuL7zlmkkGtKZj
60gYEr1vT/HyDmciaGMX4lpfs7FZH/kn36YGbcWYuqazzjEodD5VXanrHceRmCm+
Dav04reIWM3ZERC1IhLw87UJ4Y7OdyIquhNy2OU8+JPb8R/jv1ugkKQV0o+IuL4p
W0VBBalIsS0Y5hnWZ/xzoeoTscbQls2RL30lWBv8ZJy+3T6b/Mw1xAiod7zZ6vtd
piGXQlJbXFHgyoA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org