Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nnKWVe6IbccMwMHdZH6-5iFe1o8.roa
File: nnKWVe6IbccMwMHdZH6-5iFe1o8.roa (raw, json)
Hash identifier: soNUzZ8W6XIU4DjB34kFOAn2gwspEz/XdqIg2I3sImY=
Subject key identifier: 9E:72:96:55:EE:88:6D:C7:0C:C0:C1:DD:64:7E:BE:E6:21:5E:D6:8F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018F77FAF2DA53D047026ABB0E3964C92E02
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nnKWVe6IbccMwMHdZH6-5iFe1o8.roa
Signing time: Tue 14 May 2024 16:41:25 +0000
ROA not before: Tue 14 May 2024 16:41:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216229
IP address blocks: 89.33.84.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 09:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:fa:f2:da:53:d0:47:02:6a:bb:0e:39:64:c9:2e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 14 16:41:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e729655ee886dc70cc0c1dd647ebee6215ed68f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3d:0e:28:1e:ba:d0:49:7a:ef:d7:bf:30:dd:
41:43:0e:dd:bb:e2:bc:ae:f8:a8:94:d6:41:59:75:
b5:5e:e5:c9:ec:a8:7c:3a:fd:65:c9:30:06:23:09:
2b:29:35:bf:3f:fa:26:b2:2f:2b:bc:9b:41:f2:46:
f7:49:67:46:6f:c0:27:f6:f6:fb:31:20:b4:bf:5e:
40:88:be:9d:af:cb:0f:4b:36:3a:6a:53:7f:8e:59:
ca:e5:13:42:ea:d7:da:af:09:70:0f:93:6c:4b:19:
b9:04:44:dd:54:ee:7f:dd:70:d1:6d:19:14:d6:e2:
29:d3:57:5b:12:58:e3:8e:8a:1f:57:68:f8:ea:d5:
0a:45:a4:bb:cc:61:20:9b:2b:9b:8a:81:7d:c3:fb:
ed:b6:d4:68:57:f8:08:27:1f:c0:99:2b:44:3e:0a:
fd:c9:a0:af:d2:ff:fd:ef:00:b1:bc:21:ca:2a:b9:
d0:54:d3:30:fd:7c:58:d6:ab:40:1c:83:e8:c7:52:
2a:9b:16:43:fb:8c:9d:1c:20:81:c7:ba:bf:ce:c4:
8e:cc:b3:4d:3c:68:c9:a1:11:b4:ef:a2:21:47:1e:
3a:41:05:c3:27:d4:93:c8:e1:62:ee:2b:be:84:7f:
51:fd:ab:3f:9a:50:58:11:26:4e:5f:42:31:9e:12:
55:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:72:96:55:EE:88:6D:C7:0C:C0:C1:DD:64:7E:BE:E6:21:5E:D6:8F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nnKWVe6IbccMwMHdZH6-5iFe1o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.84.0/24
89.37.62.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ff:94:c0:b0:66:68:ab:b4:a6:5c:70:e1:02:05:bb:6d:60:
ff:72:96:a0:7b:01:8a:5d:c3:3e:2e:6f:9c:b0:37:e5:83:3d:
97:9b:20:aa:62:b2:44:d4:00:49:07:a2:2b:31:7d:7a:94:24:
24:46:6a:13:69:ce:4f:cc:ab:02:aa:a8:cc:3a:46:b3:fc:26:
19:53:b1:7f:ef:11:2c:6d:31:08:4d:4d:66:9d:9f:cd:bb:b3:
8b:6f:bc:57:a3:74:ec:30:ef:09:92:64:a6:83:ac:70:9f:fd:
88:35:9f:d3:c2:dd:93:89:c9:b4:fe:9b:58:d0:92:56:b0:17:
7b:a6:66:c8:19:2c:a0:e6:0b:f6:64:90:d7:8d:fc:94:01:de:
e2:e8:22:d1:0e:10:8d:32:9e:cb:1e:d0:60:e6:29:dd:5f:43:
d4:f6:d9:6b:0e:b6:ba:7e:13:09:a9:91:ea:30:f3:0a:85:2c:
91:4f:7e:86:69:3b:29:dc:83:9c:82:b8:01:4c:a0:62:da:43:
4d:fe:ae:31:f5:af:af:b3:72:31:af:6f:1a:45:40:70:94:56:
4e:1f:5e:5b:af:70:6e:ea:1f:a1:ff:19:58:95:33:45:d9:44:
09:0d:55:2d:d3:b9:17:75:8f:1b:59:6b:af:da:13:a9:34:b2:
e8:ad:e4:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY93+vLaU9BHAmq7DjlkyS4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNTE0MTY0MTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTcyOTY1NWVlODg2ZGM3MGNjMGMxZGQ2NDdlYmVlNjIxNWVkNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT0OKB660El679e/MN1BQw7du+K8
rviolNZBWXW1XuXJ7Kh8Ov1lyTAGIwkrKTW/P/omsi8rvJtB8kb3SWdGb8An9vb7
MSC0v15AiL6dr8sPSzY6alN/jlnK5RNC6tfarwlwD5NsSxm5BETdVO5/3XDRbRkU
1uIp01dbEljjjoofV2j46tUKRaS7zGEgmyubioF9w/vtttRoV/gIJx/AmStEPgr9
yaCv0v/97wCxvCHKKrnQVNMw/XxY1qtAHIPox1IqmxZD+4ydHCCBx7q/zsSOzLNN
PGjJoRG076IhRx46QQXDJ9STyOFi7iu+hH9R/as/mlBYESZOX0IxnhJVwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ5yllXuiG3HDMDB3WR+vuYhXtaPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbm5LV1ZlNkliY2NNd01IZFpINi01aUZlMW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSFUAwQA
WSU+MA0GCSqGSIb3DQEBCwUAA4IBAQAQ/5TAsGZoq7SmXHDhAgW7bWD/cpagewGK
XcM+Lm+csDflgz2XmyCqYrJE1ABJB6IrMX16lCQkRmoTac5PzKsCqqjMOkaz/CYZ
U7F/7xEsbTEITU1mnZ/Nu7OLb7xXo3TsMO8JkmSmg6xwn/2INZ/Twt2Ticm0/ptY
0JJWsBd7pmbIGSyg5gv2ZJDXjfyUAd7i6CLRDhCNMp7LHtBg5indX0PU9tlrDra6
fhMJqZHqMPMKhSyRT36GaTsp3IOcgrgBTKBi2kNN/q4x9a+vs3Ixr28aRUBwlFZO
H15br3Bu6h+h/xlYlTNF2UQJDVUt07kXdY8bWWuv2hOpNLLoreT5
-----END CERTIFICATE-----
Generated at Thu Aug 15 12:59:25 2024 by rpki-client on console-fra.rpki-client.org