Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mkYzDZdpfHid5UZSphK02cCq3js.roa
File: mkYzDZdpfHid5UZSphK02cCq3js.roa (raw, json)
Hash identifier: VNWGyLwcLDvhAjUQQrTZAIkGkydCzciwB4Oo+K/j7ag=
Subject key identifier: 9A:46:33:0D:97:69:7C:78:9D:E5:46:52:A6:12:B4:D9:C0:AA:DE:3B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50110E8F115B60B42D9298DC89E1AAB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mkYzDZdpfHid5UZSphK02cCq3js.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42926
IP address blocks: 89.40.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:10:e8:f1:15:b6:0b:42:d9:29:8d:c8:9e:1a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a46330d97697c789de54652a612b4d9c0aade3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:56:5f:aa:5c:77:52:91:c0:72:d5:49:16:bf:
e4:08:bb:31:13:11:89:23:18:3f:30:ea:30:c5:56:
cb:af:5d:dd:5b:be:40:3a:a9:0b:a2:d3:2b:c1:0a:
c3:8f:0f:28:b3:d9:26:a0:47:09:bb:03:e7:d4:b9:
0d:ed:2a:66:90:ca:30:cd:6e:ea:b7:7c:c2:56:38:
a1:a9:7a:be:d9:f6:42:0e:ec:50:fa:31:27:26:f3:
96:31:76:a8:09:ae:d4:50:5a:0a:e6:21:2e:c1:61:
0e:7e:0a:1e:00:c9:89:00:b7:de:96:b5:a1:ee:ea:
10:c4:e7:02:a1:ab:76:67:a9:d2:c6:47:fa:9e:5e:
fd:11:41:5d:ab:70:05:bd:e8:83:62:8f:b8:23:52:
f7:13:60:56:ed:89:cc:13:af:0d:a4:65:d0:39:80:
a2:ca:2d:a4:0e:40:36:94:d8:1c:62:82:ff:86:d4:
53:9c:65:2c:42:2d:74:ac:40:3a:54:97:71:76:67:
11:a3:1d:21:68:f9:62:a5:10:57:fb:b3:c5:94:cf:
30:6b:da:28:ca:d9:89:54:8e:4d:62:8c:df:4c:9a:
94:a4:15:2d:ff:8f:02:2a:8f:6c:60:51:d2:6c:28:
0d:8f:ae:53:40:be:2f:8d:c2:ce:fc:1b:af:67:f9:
15:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:46:33:0D:97:69:7C:78:9D:E5:46:52:A6:12:B4:D9:C0:AA:DE:3B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mkYzDZdpfHid5UZSphK02cCq3js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.76.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:a9:e0:d6:11:8f:00:07:4b:79:75:11:e5:35:fb:c0:68:9e:
7f:f8:3d:8c:21:4f:a4:45:41:7d:30:22:f6:6a:8e:72:ed:3b:
04:00:f8:f8:c0:8c:a0:d4:73:0e:38:41:cb:0e:10:e0:05:e3:
f5:81:f0:44:03:ab:6b:b1:4f:73:a6:c9:3c:7e:d7:a2:f2:53:
a4:90:de:d4:68:1d:4a:af:14:6d:71:2c:eb:d3:ee:a6:e8:bd:
18:a9:51:88:18:7c:97:2d:87:e0:77:9f:bf:b3:10:6e:54:11:
9e:6d:9e:cb:56:70:2e:e6:91:b9:2d:98:1f:f7:ff:23:34:7a:
65:80:93:76:3d:13:c4:75:f7:82:ce:58:07:94:92:29:4f:00:
e8:a6:18:58:1e:8f:c7:a3:ba:33:77:57:2f:e2:fa:9f:33:c3:
48:ab:af:db:d2:70:4b:96:fb:5a:2f:8f:91:f0:26:bf:64:2a:
7e:b3:9d:5e:3f:bb:30:42:d0:ee:80:ed:b2:df:14:5d:bd:bf:
fc:92:d3:a5:e1:8a:0b:e1:8c:2b:87:b4:27:35:7b:89:c8:fe:
05:74:d5:2e:de:72:4a:99:88:f9:40:df:9b:e9:c8:d8:dd:c1:
d2:e8:8c:33:bd:63:60:ac:99:1f:e2:83:42:e3:92:69:6a:1e:
da:65:4d:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFARDo8RW2C0LZKY3InhqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQ2MzMwZDk3Njk3Yzc4OWRlNTQ2NTJhNjEyYjRkOWMwYWFkZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlZfqlx3UpHActVJFr/kCLsxExGJ
Ixg/MOowxVbLr13dW75AOqkLotMrwQrDjw8os9kmoEcJuwPn1LkN7SpmkMowzW7q
t3zCVjihqXq+2fZCDuxQ+jEnJvOWMXaoCa7UUFoK5iEuwWEOfgoeAMmJALfelrWh
7uoQxOcCoat2Z6nSxkf6nl79EUFdq3AFveiDYo+4I1L3E2BW7YnME68NpGXQOYCi
yi2kDkA2lNgcYoL/htRTnGUsQi10rEA6VJdxdmcRox0haPlipRBX+7PFlM8wa9oo
ytmJVI5NYozfTJqUpBUt/48CKo9sYFHSbCgNj65TQL4vjcLO/BuvZ/kVHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpGMw2XaXx4neVGUqYStNnAqt47MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbWtZekRaZHBmSGlkNVVaU3BoSzAyY0NxM2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWShMMA0G
CSqGSIb3DQEBCwUAA4IBAQB9qeDWEY8AB0t5dRHlNfvAaJ5/+D2MIU+kRUF9MCL2
ao5y7TsEAPj4wIyg1HMOOEHLDhDgBeP1gfBEA6trsU9zpsk8ftei8lOkkN7UaB1K
rxRtcSzr0+6m6L0YqVGIGHyXLYfgd5+/sxBuVBGebZ7LVnAu5pG5LZgf9/8jNHpl
gJN2PRPEdfeCzlgHlJIpTwDophhYHo/Ho7ozd1cv4vqfM8NIq6/b0nBLlvtaL4+R
8Ca/ZCp+s51eP7swQtDugO2y3xRdvb/8ktOl4YoL4Ywrh7QnNXuJyP4FdNUu3nJK
mYj5QN+b6cjY3cHS6IwzvWNgrJkf4oNC45Jpah7aZU2B
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:40 2024 by rpki-client on console-ams.rpki-client.org