Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/NipQJTfDhCvEBeYRdvxruBwQW1g.roa
File: NipQJTfDhCvEBeYRdvxruBwQW1g.roa (raw, json)
Hash identifier: pnx2rs9wBIGrt+LYXO/fu2+mQ5VqIQSrsika+xvVjtE=
Subject key identifier: 36:2A:50:25:37:C3:84:2B:C4:05:E6:11:76:FC:6B:B8:1C:10:5B:58
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018595B31CD81C5ECC75A4A6EF8ED8EDFEB4
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/NipQJTfDhCvEBeYRdvxruBwQW1g.roa
Signing time: Mon 09 Jan 2023 08:43:41 +0000
ROA not before: Mon 09 Jan 2023 08:43:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 89.42.29.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:b3:1c:d8:1c:5e:cc:75:a4:a6:ef:8e:d8:ed:fe:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 9 08:43:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=362a502537c3842bc405e61176fc6bb81c105b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c1:83:e8:e6:87:d7:ac:e3:08:d5:b4:6c:0f:
92:6d:a7:65:4d:3c:24:a9:f4:9a:2f:91:04:2d:f1:
ae:db:59:30:6f:2b:79:f3:fc:f0:43:30:fe:f0:88:
25:d0:94:f6:09:0b:d5:ec:06:6b:2e:88:70:29:61:
af:85:7a:c4:d0:ce:37:44:ef:01:1e:8e:89:bd:37:
6b:c1:ea:80:75:12:6b:f5:f8:7b:c4:3e:8f:64:33:
35:79:96:88:20:55:8e:a4:4a:e7:66:7a:b8:e7:b3:
b5:be:59:ce:f8:bc:1c:55:2d:9e:79:a9:a8:bc:c3:
5e:e4:de:e6:91:ea:59:57:96:d6:53:80:22:4a:1f:
c8:68:f0:34:a6:48:df:27:82:2d:5a:ac:4a:fa:b5:
2d:65:87:f2:dd:26:c5:dd:c4:60:7a:e0:aa:77:c8:
f2:9c:c6:93:7e:81:76:50:f3:59:82:5c:eb:17:24:
b7:ae:66:1a:8b:ae:d8:b1:d7:7a:48:17:4b:9f:35:
ca:6a:6a:ce:01:ce:71:9e:6f:19:7d:9a:3a:83:fe:
f2:28:14:e8:a6:eb:cc:7e:fb:b1:be:09:f6:ea:ea:
71:5e:22:54:97:ea:64:d5:f2:67:32:da:a5:ba:a8:
97:4c:51:5d:24:5c:7c:cd:4d:1b:b5:02:d9:40:e1:
57:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:2A:50:25:37:C3:84:2B:C4:05:E6:11:76:FC:6B:B8:1C:10:5B:58
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/NipQJTfDhCvEBeYRdvxruBwQW1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.128.0/24
89.42.29.0/24
91.250.244.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a3:cd:72:3c:74:58:c1:c4:8f:67:f3:25:75:74:c3:a8:c0:
1b:37:64:75:4a:0f:a7:8d:91:79:a4:f3:27:d5:b9:f9:e1:f9:
4d:ba:69:74:31:47:4d:c8:d8:fc:ef:6a:6d:a3:10:74:b2:4d:
c1:e0:42:ce:2b:71:15:1e:7b:12:30:65:da:af:98:9b:e0:41:
b7:8d:71:08:52:a2:3b:ea:34:4b:c6:85:08:62:93:d5:c7:09:
85:53:81:80:32:25:03:cf:d1:88:cc:53:08:a7:96:2a:3f:c4:
67:41:0a:fa:f5:09:dd:b9:20:94:6a:5a:0a:74:d3:14:63:74:
13:e3:13:2b:81:ce:60:4c:7e:11:49:cb:62:0e:78:57:21:d3:
77:98:87:d8:3b:b6:bc:a7:71:8b:4e:30:4c:54:8e:91:72:5a:
22:1a:27:f2:5c:9a:5d:3a:f1:a2:20:d4:ae:db:4b:c3:88:2a:
e3:84:0a:d1:10:32:85:31:54:da:4f:72:fc:54:36:9a:a6:bb:
d6:b6:27:25:1b:d7:79:8a:b3:66:68:53:74:f0:8d:f5:df:02:
1e:cf:33:04:60:43:8c:7a:a7:3e:f2:2b:53:40:34:7f:cb:77:
e8:07:fe:67:35:83:d0:f5:9d:75:72:ea:0f:d3:52:12:30:de:
78:78:61:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWVsxzYHF7MdaSm747Y7f60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTA5MDg0MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjJhNTAyNTM3YzM4NDJiYzQwNWU2MTE3NmZjNmJiODFjMTA1YjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMGD6OaH16zjCNW0bA+SbadlTTwk
qfSaL5EELfGu21kwbyt58/zwQzD+8Igl0JT2CQvV7AZrLohwKWGvhXrE0M43RO8B
Ho6JvTdrweqAdRJr9fh7xD6PZDM1eZaIIFWOpErnZnq457O1vlnO+LwcVS2eeamo
vMNe5N7mkepZV5bWU4AiSh/IaPA0pkjfJ4ItWqxK+rUtZYfy3SbF3cRgeuCqd8jy
nMaTfoF2UPNZglzrFyS3rmYai67Ysdd6SBdLnzXKamrOAc5xnm8ZfZo6g/7yKBTo
puvMfvuxvgn26upxXiJUl+pk1fJnMtqluqiXTFFdJFx8zU0btQLZQOFX0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDYqUCU3w4QrxAXmEXb8a7gcEFtYMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvTmlwUUpUZkRoQ3ZFQmVZUmR2eHJ1QndRVzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSWAAwQA
WSodAwQAW/r0MA0GCSqGSIb3DQEBCwUAA4IBAQCUo81yPHRYwcSPZ/MldXTDqMAb
N2R1Sg+njZF5pPMn1bn54flNuml0MUdNyNj872ptoxB0sk3B4ELOK3EVHnsSMGXa
r5ib4EG3jXEIUqI76jRLxoUIYpPVxwmFU4GAMiUDz9GIzFMIp5YqP8RnQQr69Qnd
uSCUaloKdNMUY3QT4xMrgc5gTH4RSctiDnhXIdN3mIfYO7a8p3GLTjBMVI6Rcloi
GifyXJpdOvGiINSu20vDiCrjhArREDKFMVTaT3L8VDaaprvWticlG9d5irNmaFN0
8I313wIezzMEYEOMeqc+8itTQDR/y3foB/5nNYPQ9Z11cuoP01ISMN54eGEy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-fra.rpki-client.org