Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/onHyQbFVvE2kPwwmwzFGHu8UyWk.roa
File: onHyQbFVvE2kPwwmwzFGHu8UyWk.roa (raw, json)
Hash identifier: 1LrFbrvS9+XYWcmWwzjYct5ydyNl+NTwHYt6jIoUR/0=
Subject key identifier: A2:71:F2:41:B1:55:BC:4D:A4:3F:0C:26:C3:31:46:1E:EF:14:C9:69
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01872D0A68F45752961535E886A24E179540
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/onHyQbFVvE2kPwwmwzFGHu8UyWk.roa
Signing time: Wed 29 Mar 2023 11:04:29 +0000
ROA not before: Wed 29 Mar 2023 11:04:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 91.217.250.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
45.89.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:0a:68:f4:57:52:96:15:35:e8:86:a2:4e:17:95:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 29 11:04:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a271f241b155bc4da43f0c26c331461eef14c969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:65:73:6b:76:5a:3f:de:b4:de:ac:a4:ca:eb:
10:c9:e6:a4:6b:70:90:e4:51:04:b6:f5:c4:9c:78:
cc:93:7d:ec:b2:f2:c0:d6:dc:38:16:11:95:d9:5d:
e6:81:3c:d3:15:98:98:28:68:82:47:19:ec:c8:82:
03:d3:16:83:a1:77:38:e6:00:7e:11:d9:52:13:14:
05:af:e4:8e:90:cc:20:be:95:38:07:67:e3:0f:d2:
f7:67:51:41:f8:0f:d9:12:05:51:57:37:21:8d:71:
a7:29:22:15:01:05:57:33:31:cd:c9:ae:f6:43:14:
0d:4f:bb:2b:9f:7f:eb:90:d6:4d:0e:b8:ed:bd:40:
d9:34:c1:29:1c:94:c9:a6:f8:fb:62:d6:b4:0d:6a:
6a:2a:ef:e0:81:81:32:b3:13:e0:bb:19:2d:b9:ac:
2b:c4:4e:ea:86:02:55:66:9b:e6:51:a8:47:b5:2d:
79:bd:4f:de:0a:ab:67:ca:fd:2a:b0:ce:41:d5:6f:
b2:17:5d:21:76:9c:02:b0:5f:8a:76:ca:b7:b4:47:
ee:e6:b8:4b:24:c3:40:03:1a:31:97:bc:84:62:a5:
1d:55:57:b1:52:07:0c:35:bb:7f:ab:c1:a9:aa:18:
69:80:c2:f3:b7:ba:b6:d9:cf:ac:c7:d5:7a:44:09:
99:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:71:F2:41:B1:55:BC:4D:A4:3F:0C:26:C3:31:46:1E:EF:14:C9:69
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/onHyQbFVvE2kPwwmwzFGHu8UyWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.32.0/22
91.217.249.0-91.217.250.255
Signature Algorithm: sha256WithRSAEncryption
1d:ee:da:63:78:d4:32:8c:f9:64:45:fa:85:88:9d:72:94:39:
48:ef:fe:0e:94:e0:ef:f3:8c:6e:44:3e:9b:49:90:3c:7b:24:
88:e8:0e:e2:1f:14:d3:98:c4:ef:6d:c7:f5:d9:e5:ac:5e:6a:
8c:e6:f7:77:2d:0b:96:3f:d8:4b:90:1e:14:b7:94:3e:5a:5c:
16:7f:06:cc:ba:09:d1:53:03:d5:9a:49:3b:ca:c1:95:d2:00:
d7:c5:e4:7c:2f:74:60:8c:23:d8:cc:c8:ae:c5:c8:87:12:4f:
a3:df:6a:f5:ac:19:7f:c0:8a:2e:fd:33:ce:4f:5c:90:66:1e:
e6:b9:4f:d0:73:ef:97:9f:64:7f:c3:b7:67:2e:a0:03:68:d7:
6f:a7:f4:ee:f5:b6:fa:93:c5:85:8d:f9:8c:9c:23:a4:f6:ba:
ac:fe:1a:98:26:60:2c:ad:0c:d4:b0:1c:f0:b7:f8:59:aa:48:
e0:b8:dc:d3:df:39:b2:92:b8:a3:eb:c5:f4:81:71:82:b6:18:
5d:9c:9b:ce:13:e7:91:f0:76:63:bd:e1:bf:70:9f:4f:ea:60:
2c:14:13:de:dd:6c:ef:f3:35:0c:17:c4:ea:fa:bd:c8:84:18:
4f:e2:76:74:2e:89:3f:de:91:79:b4:4c:06:01:1a:f3:f1:93:
d6:a1:b8:34
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYctCmj0V1KWFTXohqJOF5VAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzI5MTEwNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjcxZjI0MWIxNTViYzRkYTQzZjBjMjZjMzMxNDYxZWVmMTRjOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mVza3ZaP9603qykyusQyeaka3CQ
5FEEtvXEnHjMk33ssvLA1tw4FhGV2V3mgTzTFZiYKGiCRxnsyIID0xaDoXc45gB+
EdlSExQFr+SOkMwgvpU4B2fjD9L3Z1FB+A/ZEgVRVzchjXGnKSIVAQVXMzHNya72
QxQNT7srn3/rkNZNDrjtvUDZNMEpHJTJpvj7Yta0DWpqKu/ggYEysxPguxktuawr
xE7qhgJVZpvmUahHtS15vU/eCqtnyv0qsM5B1W+yF10hdpwCsF+Kdsq3tEfu5rhL
JMNAAxoxl7yEYqUdVVexUgcMNbt/q8GpqhhpgMLzt7q22c+sx9V6RAmZ4QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKJx8kGxVbxNpD8MJsMxRh7vFMlpMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb25IeVFiRlZ2RTJrUHd3bXd6RkdIdThVeVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCLVkgMAwD
BABb2fkDBABb2fowDQYJKoZIhvcNAQELBQADggEBAB3u2mN41DKM+WRF+oWInXKU
OUjv/g6U4O/zjG5EPptJkDx7JIjoDuIfFNOYxO9tx/XZ5axeaozm93ctC5Y/2EuQ
HhS3lD5aXBZ/Bsy6CdFTA9WaSTvKwZXSANfF5HwvdGCMI9jMyK7FyIcST6PfavWs
GX/Aii79M85PXJBmHua5T9Bz75efZH/Dt2cuoANo12+n9O71tvqTxYWN+YycI6T2
uqz+GpgmYCytDNSwHPC3+FmqSOC43NPfObKSuKPrxfSBcYK2GF2cm84T55HwdmO9
4b9wn0/qYCwUE97dbO/zNQwXxOr6vciEGE/idnQuiT/ekXm0TAYBGvPxk9ahuDQ=
-----END CERTIFICATE-----
Generated at Thu Jul 27 08:34:13 2023 by rpki-client on console-ams.rpki-client.org