Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qwPp_DFwUn9ca62GkrA7CGGt_2g.roa
File: qwPp_DFwUn9ca62GkrA7CGGt_2g.roa (raw, json)
Hash identifier: J1w+G7UCDv0igq1JY0PIh94WVKFH526xeEeU1Z5p2sE=
Subject key identifier: AB:03:E9:FC:31:70:52:7F:5C:6B:AD:86:92:B0:3B:08:61:AD:FF:68
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189EE29B7376499F709A3AD0B70ACDCDC89
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qwPp_DFwUn9ca62GkrA7CGGt_2g.roa
Signing time: Sun 13 Aug 2023 09:10:58 +0000
ROA not before: Sun 13 Aug 2023 09:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203394
IP address blocks: 89.35.154.0/24 maxlen: 24
188.241.243.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ee:29:b7:37:64:99:f7:09:a3:ad:0b:70:ac:dc:dc:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 13 09:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab03e9fc3170527f5c6bad8692b03b0861adff68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:bd:81:36:48:21:03:0f:44:c4:30:eb:07:14:
58:de:71:90:3a:f2:58:66:f2:2b:c3:ab:e0:42:97:
47:66:12:f2:47:0a:3c:a2:b2:8e:41:8f:25:e5:42:
af:bd:5d:bc:54:5d:43:4c:2f:28:b4:aa:9e:18:0f:
d3:3c:dc:36:a5:a3:ba:67:74:c0:d0:47:61:2f:f5:
73:d7:69:a6:50:84:11:e7:c2:ca:66:0b:4c:44:e3:
e6:24:20:9e:17:79:4a:59:e5:e8:a8:57:e2:ac:f0:
b7:e8:71:e7:0b:aa:af:aa:33:8d:c5:72:ad:e0:ef:
20:19:6f:4c:74:f7:16:2f:59:6a:f0:3b:88:84:65:
19:b3:9e:27:44:da:50:6c:54:58:8f:c8:57:1a:00:
1d:52:54:c2:f3:36:77:dc:ce:3d:cf:2e:78:13:36:
15:3c:3c:6c:ac:b3:7e:9a:61:81:b6:a8:4e:41:9d:
2d:e2:e7:81:b9:28:a2:8c:f4:6a:4f:89:74:b4:11:
b9:3a:ad:69:6b:9c:a3:c5:fa:41:3e:99:2f:38:da:
34:db:9c:89:d6:cb:7d:f0:18:76:97:c5:77:1e:f9:
4e:7d:25:ae:4d:4f:dc:ba:12:64:23:54:0d:29:24:
3c:42:a4:9e:f2:2e:11:45:b0:09:5f:3b:d4:cc:5f:
84:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:03:E9:FC:31:70:52:7F:5C:6B:AD:86:92:B0:3B:08:61:AD:FF:68
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qwPp_DFwUn9ca62GkrA7CGGt_2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.154.0/24
188.240.232.0/24
188.241.243.0/24
Signature Algorithm: sha256WithRSAEncryption
84:69:1a:65:bd:53:5f:c9:75:29:f8:b1:52:0d:79:cc:22:3c:
c1:f8:7b:45:4e:c9:88:cb:00:03:ad:24:c5:19:90:5d:44:b2:
1e:9a:76:b0:b5:7d:81:20:37:f7:e8:1d:48:10:9a:e8:04:2f:
f0:fb:ad:a9:22:d9:ff:0c:73:a0:47:fe:6d:14:85:21:1d:f4:
85:4d:c8:e3:62:5c:ac:e6:82:a1:27:45:22:55:a9:3c:7e:68:
99:59:d9:c9:12:f4:bc:c1:e7:b7:3e:c1:3f:24:02:97:d6:50:
f5:46:f1:4f:c3:00:28:07:79:d3:d1:27:3b:09:ce:e5:6b:04:
80:d1:55:68:51:ed:9b:64:29:83:f6:be:ef:47:42:8d:d6:fd:
ea:89:ad:c2:63:48:5d:17:36:4e:94:0e:61:e9:3d:ed:15:a2:
22:8a:a7:16:8c:d4:2b:b5:94:e6:c3:48:0e:33:dd:e2:63:66:
00:10:cf:00:75:60:74:ee:b4:3b:88:67:4c:a0:92:25:f1:d3:
ac:e0:aa:4c:e5:90:59:f5:15:c3:91:85:c8:10:b4:f6:a7:c1:
68:90:9f:e4:a0:b8:ae:94:e8:9c:da:96:b6:cd:54:78:01:17:
f5:34:7a:66:f8:4f:fd:0b:5a:d9:b3:cf:31:49:0e:35:b1:54:
5f:e8:0d:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnuKbc3ZJn3CaOtC3Cs3NyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODEzMDkxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjAzZTlmYzMxNzA1MjdmNWM2YmFkODY5MmIwM2IwODYxYWRmZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL2BNkghAw9ExDDrBxRY3nGQOvJY
ZvIrw6vgQpdHZhLyRwo8orKOQY8l5UKvvV28VF1DTC8otKqeGA/TPNw2paO6Z3TA
0EdhL/Vz12mmUIQR58LKZgtMROPmJCCeF3lKWeXoqFfirPC36HHnC6qvqjONxXKt
4O8gGW9MdPcWL1lq8DuIhGUZs54nRNpQbFRYj8hXGgAdUlTC8zZ33M49zy54EzYV
PDxsrLN+mmGBtqhOQZ0t4ueBuSiijPRqT4l0tBG5Oq1pa5yjxfpBPpkvONo025yJ
1st98Bh2l8V3HvlOfSWuTU/cuhJkI1QNKSQ8QqSe8i4RRbAJXzvUzF+EpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKsD6fwxcFJ/XGuthpKwOwhhrf9oMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcXdQcF9ERndVbjljYTYyR2tyQTdDR0d0XzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSOaAwQA
vPDoAwQAvPHzMA0GCSqGSIb3DQEBCwUAA4IBAQCEaRplvVNfyXUp+LFSDXnMIjzB
+HtFTsmIywADrSTFGZBdRLIemnawtX2BIDf36B1IEJroBC/w+62pItn/DHOgR/5t
FIUhHfSFTcjjYlys5oKhJ0UiVak8fmiZWdnJEvS8wee3PsE/JAKX1lD1RvFPwwAo
B3nT0Sc7Cc7lawSA0VVoUe2bZCmD9r7vR0KN1v3qia3CY0hdFzZOlA5h6T3tFaIi
iqcWjNQrtZTmw0gOM93iY2YAEM8AdWB07rQ7iGdMoJIl8dOs4KpM5ZBZ9RXDkYXI
ELT2p8FokJ/koLiulOic2pa2zVR4ARf1NHpm+E/9C1rZs88xSQ41sVRf6A3i
-----END CERTIFICATE-----
Generated at Sat Aug 19 13:39:58 2023 by rpki-client on console-ams.rpki-client.org