Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lIG7Xc6Ye9E9eC-rEZvzOfXaQCA.roa
File: lIG7Xc6Ye9E9eC-rEZvzOfXaQCA.roa (raw, json)
Hash identifier: U/3Z0rERKC7DO4YHhUTZtrqEslMVB+heKgTvEnLlIH4=
Subject key identifier: 94:81:BB:5D:CE:98:7B:D1:3D:78:2F:AB:11:9B:F3:39:F5:DA:40:20
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A667AA4EF01259FA556FE983BF314F9CA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lIG7Xc6Ye9E9eC-rEZvzOfXaQCA.roa
Signing time: Tue 05 Sep 2023 17:53:48 +0000
ROA not before: Tue 05 Sep 2023 17:53:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 89.35.155.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Sep 2023 11:07:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:7a:a4:ef:01:25:9f:a5:56:fe:98:3b:f3:14:f9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 5 17:53:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9481bb5dce987bd13d782fab119bf339f5da4020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:16:26:6f:bb:78:ab:d9:ad:48:8e:96:b8:e9:
08:a3:7a:87:86:71:e6:f0:2e:52:c7:56:a8:c2:e2:
85:12:75:19:74:2d:81:85:77:85:ce:9d:52:2e:86:
96:3c:09:ea:86:93:6e:36:91:c0:4b:99:0b:ce:c4:
5e:cb:2d:52:90:57:8b:27:f4:f6:b8:79:5e:62:e8:
d3:92:5d:c9:8f:95:a2:31:a1:84:2e:df:b3:38:a1:
28:ed:46:d2:a6:67:0c:11:93:bb:43:e7:47:b8:3a:
a5:23:1c:a9:f6:c5:56:32:f7:da:9e:4d:22:af:90:
97:b5:24:c7:86:dd:d0:bf:c3:79:f6:11:39:dc:02:
b0:2b:27:98:7b:3b:b2:a3:95:4b:a8:6a:2b:71:ff:
74:98:53:2f:fb:ae:7c:08:90:0f:ab:7f:c2:be:47:
eb:77:1a:d1:b8:79:88:53:a5:47:37:d7:4a:96:10:
ef:f5:99:9c:d4:c4:fc:a8:ba:41:71:37:09:2d:2d:
28:ed:fa:7a:c0:fd:90:e0:bf:20:c4:47:12:7d:0f:
21:bb:5c:2a:e1:5c:7a:29:5c:8b:7c:07:a5:c4:e0:
4d:ae:16:c7:49:bd:65:dc:3f:ba:18:17:b1:41:f4:
99:d3:f6:25:52:78:9f:ef:1b:29:d0:cc:2c:04:ff:
1c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:81:BB:5D:CE:98:7B:D1:3D:78:2F:AB:11:9B:F3:39:F5:DA:40:20
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lIG7Xc6Ye9E9eC-rEZvzOfXaQCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
89.33.84.0/24
89.35.155.0/24
Signature Algorithm: sha256WithRSAEncryption
90:9f:79:80:05:90:68:bb:1f:71:a6:0f:bf:22:7f:90:c8:3a:
14:ee:62:ba:f2:35:d1:90:fa:d5:05:6b:a4:24:94:43:d9:59:
13:85:91:14:38:12:ee:1a:03:79:e4:4d:a8:f8:36:66:9a:1d:
e0:4c:fe:0e:ea:3d:2f:be:ca:67:3c:d1:84:ba:46:9d:ac:ab:
09:29:da:48:ef:2e:c9:94:ce:fe:bb:8f:2b:93:47:fb:61:1c:
48:f8:16:c5:0c:df:1d:e0:95:68:37:70:8f:48:4b:2c:f5:9c:
00:9a:f9:09:0a:d7:1f:0d:2b:74:bc:e1:2e:18:e4:b6:c1:2d:
bf:8f:f2:96:86:61:2a:a0:69:f8:76:f2:d8:81:95:bf:d3:c5:
12:d2:0b:bd:ef:6c:fe:90:af:e8:d5:e4:43:ae:10:24:17:7e:
9b:80:3e:78:c7:47:d4:19:65:c0:32:26:f0:01:b7:a8:b9:c1:
33:33:c7:a9:33:41:8c:86:32:7b:35:79:58:66:f7:22:5a:7b:
83:67:42:7c:67:18:bb:9b:42:ba:18:11:f8:b1:7c:21:1f:62:
5a:20:73:be:fc:0b:41:aa:79:eb:44:8e:8c:da:ac:d4:23:c7:
35:47:33:de:34:45:99:db:1c:3a:3b:9c:1c:31:b7:e6:b3:2b:
e3:11:da:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpmeqTvASWfpVb+mDvzFPnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTA1MTc1MzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDgxYmI1ZGNlOTg3YmQxM2Q3ODJmYWIxMTliZjMzOWY1ZGE0MDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBYmb7t4q9mtSI6WuOkIo3qHhnHm
8C5Sx1aowuKFEnUZdC2BhXeFzp1SLoaWPAnqhpNuNpHAS5kLzsReyy1SkFeLJ/T2
uHleYujTkl3Jj5WiMaGELt+zOKEo7UbSpmcMEZO7Q+dHuDqlIxyp9sVWMvfank0i
r5CXtSTHht3Qv8N59hE53AKwKyeYezuyo5VLqGorcf90mFMv+658CJAPq3/Cvkfr
dxrRuHmIU6VHN9dKlhDv9Zmc1MT8qLpBcTcJLS0o7fp6wP2Q4L8gxEcSfQ8hu1wq
4Vx6KVyLfAelxOBNrhbHSb1l3D+6GBexQfSZ0/YlUnif7xsp0MwsBP8caQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJSBu13OmHvRPXgvqxGb8zn12kAgMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbElHN1hjNlllOUU5ZUMtckVadnpPZlhhUUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZyfAwQA
WSFUAwQAWSObMA0GCSqGSIb3DQEBCwUAA4IBAQCQn3mABZBoux9xpg+/In+QyDoU
7mK68jXRkPrVBWukJJRD2VkThZEUOBLuGgN55E2o+DZmmh3gTP4O6j0vvspnPNGE
ukadrKsJKdpI7y7JlM7+u48rk0f7YRxI+BbFDN8d4JVoN3CPSEss9ZwAmvkJCtcf
DSt0vOEuGOS2wS2/j/KWhmEqoGn4dvLYgZW/08US0gu972z+kK/o1eRDrhAkF36b
gD54x0fUGWXAMibwAbeoucEzM8epM0GMhjJ7NXlYZvciWnuDZ0J8Zxi7m0K6GBH4
sXwhH2JaIHO+/AtBqnnrRI6M2qzUI8c1RzPeNEWZ2xw6O5wcMbfmsyvjEdoy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org