Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lFt6DQ4bLE4fZdgsOHQ7S8BJRIQ.roa
File: lFt6DQ4bLE4fZdgsOHQ7S8BJRIQ.roa (raw, json)
Hash identifier: 5r6Gk36ae4RGfVM4UYx1TvAzKzfbRCjD54MF0GjIyFs=
Subject key identifier: 94:5B:7A:0D:0E:1B:2C:4E:1F:65:D8:2C:38:74:3B:4B:C0:49:44:84
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019170037EAFD4F04233F613F2430A488698
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lFt6DQ4bLE4fZdgsOHQ7S8BJRIQ.roa
Signing time: Tue 20 Aug 2024 13:39:22 +0000
ROA not before: Tue 20 Aug 2024 13:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399471
IP address blocks: 89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 19:22:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:03:7e:af:d4:f0:42:33:f6:13:f2:43:0a:48:86:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 20 13:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=945b7a0d0e1b2c4e1f65d82c38743b4bc0494484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:90:51:74:d2:f8:5a:c9:dd:26:c4:47:73:
3f:08:fa:3e:fb:7e:95:90:fe:6a:6b:18:07:e5:f7:
cc:1f:ca:59:c0:ed:8d:47:8f:3f:68:00:92:c1:01:
76:ae:59:65:c3:b2:43:29:79:31:9f:33:25:33:6a:
e4:f4:e6:d5:80:0c:41:66:db:2d:cf:c2:47:1c:94:
1b:13:8b:05:ea:9c:f7:75:40:bf:eb:0e:98:6c:32:
82:bb:f8:54:7a:f2:06:b9:d3:63:a1:ce:0f:ac:21:
da:64:cc:89:fe:3b:9b:bd:30:ca:b7:c3:a4:49:68:
68:7c:e4:69:f7:6c:11:d9:3e:d1:a4:33:be:4b:b9:
97:bd:36:80:d1:03:ad:aa:da:3e:f9:8a:58:30:28:
ff:31:ce:96:42:2b:58:a9:19:6e:56:80:2c:32:cf:
67:a6:2d:50:ce:93:3c:08:8d:ac:12:73:86:97:fd:
50:95:24:1b:a2:c7:33:53:59:e9:4f:26:63:61:5d:
7e:ca:e9:42:ba:c4:cd:0d:35:89:c9:e1:92:79:dd:
92:9a:08:54:be:58:b1:dc:a0:cb:2d:65:02:d9:92:
de:26:61:bd:fc:71:f9:2e:2e:29:3f:e1:51:fc:99:
c5:14:43:a8:73:55:f2:d9:06:cd:3a:51:66:a1:8f:
96:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5B:7A:0D:0E:1B:2C:4E:1F:65:D8:2C:38:74:3B:4B:C0:49:44:84
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lFt6DQ4bLE4fZdgsOHQ7S8BJRIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.63.0/24
Signature Algorithm: sha256WithRSAEncryption
89:19:5f:86:8b:6e:ba:79:09:3b:7b:1d:99:69:7a:f0:03:3c:
00:6f:ea:3b:ed:c9:3c:68:03:86:63:b0:10:a0:eb:03:e0:99:
81:b9:dd:4f:ca:2f:cb:d8:31:bc:db:08:7e:f8:14:51:bd:e4:
7b:0e:29:7d:fa:54:c4:9f:64:e6:05:68:39:0c:50:1f:e9:7e:
ad:24:12:6e:21:d9:23:67:6a:b5:f6:ba:b1:c4:a6:cf:db:c0:
ab:e5:5f:55:30:0b:2c:0f:2f:c7:20:d6:73:5c:6c:03:f0:f1:
da:9e:c1:ab:1e:c3:b4:f6:da:03:8d:e3:60:93:61:e9:fe:80:
24:44:bf:49:68:48:a8:f6:75:6a:0c:2d:72:2f:52:7e:e7:30:
5c:96:66:77:51:18:96:7d:60:af:b7:9e:66:13:49:14:f4:3a:
a7:ff:ef:89:46:2a:cc:e0:1e:b0:17:6b:4c:ae:a1:53:47:fc:
05:88:b9:37:6f:8a:bf:1f:b3:19:1c:1d:0b:04:3d:98:23:47:
1e:4b:0c:f4:0b:21:8f:db:c7:d1:bb:e3:f0:b0:cd:5d:d2:be:
f0:29:9d:45:e8:5d:f7:66:62:80:e6:ce:a0:46:fc:28:a8:07:
7b:4d:71:4c:31:47:27:52:25:50:5d:f5:90:ce:94:e7:19:11:
2c:9c:77:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFwA36v1PBCM/YT8kMKSIaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODIwMTMzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDViN2EwZDBlMWIyYzRlMWY2NWQ4MmMzODc0M2I0YmMwNDk0NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK2QUXTS+FrJ3SbER3M/CPo++36V
kP5qaxgH5ffMH8pZwO2NR48/aACSwQF2rlllw7JDKXkxnzMlM2rk9ObVgAxBZtst
z8JHHJQbE4sF6pz3dUC/6w6YbDKCu/hUevIGudNjoc4PrCHaZMyJ/jubvTDKt8Ok
SWhofORp92wR2T7RpDO+S7mXvTaA0QOtqto++YpYMCj/Mc6WQitYqRluVoAsMs9n
pi1QzpM8CI2sEnOGl/1QlSQbosczU1npTyZjYV1+yulCusTNDTWJyeGSed2SmghU
vlix3KDLLWUC2ZLeJmG9/HH5Li4pP+FR/JnFFEOoc1Xy2QbNOlFmoY+WUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRbeg0OGyxOH2XYLDh0O0vASUSEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbEZ0NkRRNGJMRTRmWmRnc09IUTdTOEJKUklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSU/MA0G
CSqGSIb3DQEBCwUAA4IBAQCJGV+Gi266eQk7ex2ZaXrwAzwAb+o77ck8aAOGY7AQ
oOsD4JmBud1Pyi/L2DG82wh++BRRveR7Dil9+lTEn2TmBWg5DFAf6X6tJBJuIdkj
Z2q19rqxxKbP28Cr5V9VMAssDy/HINZzXGwD8PHansGrHsO09toDjeNgk2Hp/oAk
RL9JaEio9nVqDC1yL1J+5zBclmZ3URiWfWCvt55mE0kU9Dqn/++JRirM4B6wF2tM
rqFTR/wFiLk3b4q/H7MZHB0LBD2YI0ceSwz0CyGP28fRu+PwsM1d0r7wKZ1F6F33
ZmKA5s6gRvwoqAd7TXFMMUcnUiVQXfWQzpTnGREsnHcl
-----END CERTIFICATE-----
Generated at Thu Oct 31 21:20:00 2024 by rpki-client on console-ams.rpki-client.org