Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qOmSCsEg7amC1CBWARoJfWDWClo.roa
File: qOmSCsEg7amC1CBWARoJfWDWClo.roa (raw, json)
Hash identifier: fKgjH4lw9buSYt4ncpWPqojwV3RGbt2hd90t7V6I+KQ=
Subject key identifier: A8:E9:92:0A:C1:20:ED:A9:82:D4:20:56:01:1A:09:7D:60:D6:0A:5A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0192FAFA050C5D49E82BB01CE2F8D41D60E5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qOmSCsEg7amC1CBWARoJfWDWClo.roa
Signing time: Tue 05 Nov 2024 06:19:02 +0000
ROA not before: Tue 05 Nov 2024 06:19:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38195
IP address blocks: 91.217.236.0/24 maxlen: 24
193.84.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 06:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fa:fa:05:0c:5d:49:e8:2b:b0:1c:e2:f8:d4:1d:60:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 5 06:19:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e9920ac120eda982d42056011a097d60d60a5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e4:e3:c5:21:eb:36:98:da:72:95:21:ef:6b:
86:e9:2b:69:99:81:c9:65:ff:06:dd:7b:7d:25:be:
6b:11:d4:0c:52:f8:be:8f:19:d5:5f:95:9e:07:58:
4f:9f:7e:e6:dc:11:9c:63:66:f4:bb:c7:17:14:82:
6a:40:07:ba:53:47:ab:ad:4c:23:ef:7a:9e:0d:61:
e1:31:e6:a0:6c:db:8c:58:80:62:a9:5d:84:45:90:
17:f5:4b:07:ae:a8:4c:7b:26:19:a7:e1:a4:5c:08:
60:04:b6:2b:1c:f8:b2:00:dc:65:83:2a:22:95:a6:
19:94:46:97:d4:45:d0:55:6d:c0:e0:6d:eb:52:0b:
74:33:8c:e7:22:b0:b0:66:78:45:84:97:43:f3:c6:
a9:a4:d2:9d:64:0f:fd:21:3e:3c:fb:3e:3d:5e:e7:
f7:77:aa:3d:05:77:08:0a:83:90:0c:a5:52:31:84:
22:8e:18:eb:0a:43:fa:41:00:14:21:aa:bf:01:e4:
b6:85:7e:17:00:23:e3:a0:88:38:8f:20:b3:53:54:
21:ea:85:49:3d:47:29:3a:db:99:b2:45:09:2d:5f:
00:1d:a4:57:74:af:29:9f:46:30:50:61:67:89:a8:
a4:7d:5c:f8:da:e4:9a:a2:f5:eb:32:7c:f1:59:09:
13:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E9:92:0A:C1:20:ED:A9:82:D4:20:56:01:1A:09:7D:60:D6:0A:5A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qOmSCsEg7amC1CBWARoJfWDWClo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.236.0/24
193.84.132.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:b6:2e:26:2a:81:66:9f:3f:6f:c8:2e:27:d6:eb:a3:d7:fa:
ca:38:00:cd:ac:c7:c3:08:57:33:ce:29:fe:bb:4d:ef:3e:ee:
7c:48:bd:e3:ab:27:99:c1:9e:61:dd:74:6b:72:49:f5:d0:8f:
35:65:ef:3a:97:31:6b:29:82:69:c6:75:2f:10:07:1b:91:63:
11:d1:25:58:51:c9:bf:8c:98:98:6f:d0:e5:61:6c:4f:c6:75:
09:5b:55:17:cd:aa:ad:79:be:18:34:08:8d:b2:a2:19:2f:63:
96:32:dd:3e:e5:03:e0:0a:b3:d3:fe:9b:4a:78:44:b3:56:34:
cd:e2:ff:15:f5:58:84:99:b7:5b:00:12:8e:bb:cc:95:98:fc:
22:22:a4:38:97:9e:27:e2:a7:96:16:65:9e:07:d9:dd:c2:6a:
d3:64:0d:42:9f:d0:0f:10:38:39:71:d2:a8:93:41:04:f1:75:
db:88:07:bb:e6:db:70:34:5b:77:63:aa:60:c3:a4:21:36:47:
04:b7:33:b9:8b:e7:29:a3:48:e4:e0:61:71:a3:20:72:b5:74:
1e:4a:b6:49:94:fe:64:60:94:11:36:74:5f:f5:01:ff:5a:3b:
19:51:a2:1a:94:71:c3:66:5d:ba:62:74:04:b3:a7:b0:7c:1b:
ca:57:26:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZL6+gUMXUnoK7Ac4vjUHWDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMTA1MDYxOTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU5OTIwYWMxMjBlZGE5ODJkNDIwNTYwMTFhMDk3ZDYwZDYwYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuTjxSHrNpjacpUh72uG6StpmYHJ
Zf8G3Xt9Jb5rEdQMUvi+jxnVX5WeB1hPn37m3BGcY2b0u8cXFIJqQAe6U0errUwj
73qeDWHhMeagbNuMWIBiqV2ERZAX9UsHrqhMeyYZp+GkXAhgBLYrHPiyANxlgyoi
laYZlEaX1EXQVW3A4G3rUgt0M4znIrCwZnhFhJdD88appNKdZA/9IT48+z49Xuf3
d6o9BXcICoOQDKVSMYQijhjrCkP6QQAUIaq/AeS2hX4XACPjoIg4jyCzU1Qh6oVJ
PUcpOtuZskUJLV8AHaRXdK8pn0YwUGFniaikfVz42uSaovXrMnzxWQkT9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKjpkgrBIO2pgtQgVgEaCX1g1gpaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcU9tU0NzRWc3YW1DMUNCV0FSb0pmV0RXQ2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9nsAwQA
wVSEMA0GCSqGSIb3DQEBCwUAA4IBAQAuti4mKoFmnz9vyC4n1uuj1/rKOADNrMfD
CFczzin+u03vPu58SL3jqyeZwZ5h3XRrckn10I81Ze86lzFrKYJpxnUvEAcbkWMR
0SVYUcm/jJiYb9DlYWxPxnUJW1UXzaqteb4YNAiNsqIZL2OWMt0+5QPgCrPT/ptK
eESzVjTN4v8V9ViEmbdbABKOu8yVmPwiIqQ4l54n4qeWFmWeB9ndwmrTZA1Cn9AP
EDg5cdKok0EE8XXbiAe75ttwNFt3Y6pgw6QhNkcEtzO5i+cpo0jk4GFxoyBytXQe
SrZJlP5kYJQRNnRf9QH/WjsZUaIalHHDZl26YnQEs6ewfBvKVyY2
-----END CERTIFICATE-----
Generated at Tue Nov 12 08:27:09 2024 by rpki-client on console-ams.rpki-client.org