Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vMsPmVYA8bUazje2BFhhSRX8rew.roa
File: vMsPmVYA8bUazje2BFhhSRX8rew.roa (raw, json)
Hash identifier: Ft5NraYk8K0EiaDyzzvIDoaf+7yIzU6qAyPbEssGnB4=
Subject key identifier: BC:CB:0F:99:56:00:F1:B5:1A:CE:37:B6:04:58:61:49:15:FC:AD:EC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A936034F581B854DEF67013CEE27832F9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vMsPmVYA8bUazje2BFhhSRX8rew.roa
Signing time: Thu 14 Sep 2023 11:07:50 +0000
ROA not before: Thu 14 Sep 2023 11:07:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 89.35.155.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
45.156.159.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:60:34:f5:81:b8:54:de:f6:70:13:ce:e2:78:32:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 14 11:07:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bccb0f995600f1b51ace37b60458614915fcadec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7f:38:7f:b6:cc:46:4f:b2:d0:ed:a7:9e:3c:
4e:5d:3e:da:d7:e3:39:13:c1:e0:6b:d7:dd:30:1b:
8c:d8:40:f6:88:4f:79:42:c0:66:4c:63:e2:fc:9a:
da:65:40:3e:18:c3:fc:2c:e5:eb:cb:33:e0:3a:19:
8b:30:b3:6d:70:67:65:ef:38:4b:bc:d6:5c:5d:e8:
3f:c3:29:3e:a4:8f:cb:c7:9c:c9:8e:99:d6:b6:a1:
30:e2:1e:a6:49:bb:ac:91:6e:43:17:25:93:35:19:
15:70:db:05:bc:c8:f3:e9:a9:f1:bb:f6:7c:e1:d8:
3b:48:7c:0d:ee:c9:70:08:91:c5:40:a1:eb:21:82:
23:6a:e9:b5:5a:cf:44:85:46:e1:67:c7:65:52:6e:
c0:b8:e1:23:d3:5f:19:19:0c:d1:22:ce:e4:2e:67:
a5:41:06:3b:0a:10:72:54:38:e9:0f:b2:a1:50:fd:
bf:6c:0b:a2:ec:07:01:5d:9a:35:95:d7:99:b3:aa:
a1:b2:06:02:c9:ca:aa:47:84:e2:ee:bc:40:77:b2:
dc:3b:f3:62:f8:cf:a6:18:37:79:a7:b5:82:43:d2:
1e:48:86:ec:be:aa:19:c6:79:63:63:93:05:9f:9a:
43:74:d6:d7:24:a2:d9:67:62:fd:ef:df:8a:64:f3:
60:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:CB:0F:99:56:00:F1:B5:1A:CE:37:B6:04:58:61:49:15:FC:AD:EC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vMsPmVYA8bUazje2BFhhSRX8rew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
89.33.84.0/24
89.35.155.0/24
188.240.68.0/24
Signature Algorithm: sha256WithRSAEncryption
47:19:16:45:d7:2b:a3:ed:a2:42:31:27:f8:ae:00:1b:a9:57:
7a:2d:6e:1c:1d:1b:f4:19:61:08:97:34:48:97:a6:a5:b0:01:
96:0e:28:91:fd:bc:5c:8f:6d:0e:f3:a7:74:b5:8c:df:7d:4d:
28:a6:74:c3:de:12:5b:c5:f1:78:cd:cb:14:10:de:0a:c7:14:
f4:67:77:7c:39:3a:61:b7:e7:61:9b:76:57:fa:d0:78:2d:2c:
85:d8:98:67:8e:40:54:99:0f:19:3e:d4:0f:dd:57:4b:58:4c:
75:62:59:a8:67:7b:9f:8e:1c:42:f8:72:01:4a:d3:66:e3:4e:
31:c8:5f:b1:8e:b7:ec:a2:5a:c1:5e:09:4b:45:1b:c9:70:4c:
14:5a:9b:6d:0b:33:f1:08:c6:36:58:13:86:60:66:41:57:9a:
12:54:5d:e3:0d:1d:f5:f3:42:00:8a:50:3d:87:56:92:41:1e:
0e:42:fc:1a:9a:c9:d7:0e:e6:75:8b:aa:06:72:ee:cf:96:a6:
55:57:39:21:5d:43:81:d5:a2:04:f0:e3:64:02:48:d8:b3:0f:
93:f3:7f:41:42:cb:ac:c8:75:64:94:ab:04:c1:46:24:33:a2:
b6:25:13:1c:13:1a:12:5d:9d:32:ce:c7:aa:32:0e:88:9e:29:
96:1a:cf:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqTYDT1gbhU3vZwE87ieDL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTE0MTEwNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2NiMGY5OTU2MDBmMWI1MWFjZTM3YjYwNDU4NjE0OTE1ZmNhZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo384f7bMRk+y0O2nnjxOXT7a1+M5
E8Hga9fdMBuM2ED2iE95QsBmTGPi/JraZUA+GMP8LOXryzPgOhmLMLNtcGdl7zhL
vNZcXeg/wyk+pI/Lx5zJjpnWtqEw4h6mSbuskW5DFyWTNRkVcNsFvMjz6anxu/Z8
4dg7SHwN7slwCJHFQKHrIYIjaum1Ws9EhUbhZ8dlUm7AuOEj018ZGQzRIs7kLmel
QQY7ChByVDjpD7KhUP2/bAui7AcBXZo1ldeZs6qhsgYCycqqR4Ti7rxAd7LcO/Ni
+M+mGDd5p7WCQ9IeSIbsvqoZxnljY5MFn5pDdNbXJKLZZ2L979+KZPNgfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLzLD5lWAPG1Gs43tgRYYUkV/K3sMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdk1zUG1WWUE4YlVhemplMkJGaGhTUlg4cmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZyfAwQA
WSFUAwQAWSObAwQAvPBEMA0GCSqGSIb3DQEBCwUAA4IBAQBHGRZF1yuj7aJCMSf4
rgAbqVd6LW4cHRv0GWEIlzRIl6alsAGWDiiR/bxcj20O86d0tYzffU0opnTD3hJb
xfF4zcsUEN4KxxT0Z3d8OTpht+dhm3ZX+tB4LSyF2JhnjkBUmQ8ZPtQP3VdLWEx1
YlmoZ3ufjhxC+HIBStNm404xyF+xjrfsolrBXglLRRvJcEwUWpttCzPxCMY2WBOG
YGZBV5oSVF3jDR3180IAilA9h1aSQR4OQvwamsnXDuZ1i6oGcu7PlqZVVzkhXUOB
1aIE8ONkAkjYsw+T839BQsusyHVklKsEwUYkM6K2JRMcExoSXZ0yzseqMg6InimW
Gs/K
-----END CERTIFICATE-----
Generated at Mon Oct 2 18:54:24 2023 by rpki-client on console-ams.rpki-client.org