Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3dac73-d7c7-40bb-ab55-95135daf5147/1/OM0GzEt3NdGOE0rvKJJKniAly1Q.roa
File: OM0GzEt3NdGOE0rvKJJKniAly1Q.roa (raw, json)
Hash identifier: w9df7flB1we20UlwbgzdW4owaDO2oNkcl/9/dnJnWxE=
Subject key identifier: 38:CD:06:CC:4B:77:35:D1:8E:13:4A:EF:28:92:4A:9E:20:25:CB:54
Certificate issuer: /CN=5cb90fd62bcc0fe929dae53036fc55e511c54b45
Certificate serial: 01857246CDCA2AC4607BA876715E546ED81A
Authority key identifier: 5C:B9:0F:D6:2B:CC:0F:E9:29:DA:E5:30:36:FC:55:E5:11:C5:4B:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLkP1ivMD-kp2uUwNvxV5RHFS0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/3dac73-d7c7-40bb-ab55-95135daf5147/1/OM0GzEt3NdGOE0rvKJJKniAly1Q.roa
Signing time: Mon 02 Jan 2023 11:38:40 +0000
ROA not before: Mon 02 Jan 2023 11:38:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50884
IP address blocks: 89.36.37.0/24 maxlen: 24
89.36.72.0/24 maxlen: 24
89.35.27.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:cd:ca:2a:c4:60:7b:a8:76:71:5e:54:6e:d8:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cb90fd62bcc0fe929dae53036fc55e511c54b45
Validity
Not Before: Jan 2 11:38:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38cd06cc4b7735d18e134aef28924a9e2025cb54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:46:ea:aa:e8:2f:59:56:88:ae:28:44:30:37:
67:9d:31:d1:65:78:ed:df:90:4f:92:2f:72:ca:d8:
6d:c4:b7:53:a2:5b:c2:4f:da:de:e9:3f:ee:81:1c:
47:31:b6:1d:38:96:2c:53:8b:90:59:e2:1b:fb:4f:
23:eb:f5:fc:e6:26:44:95:d7:56:80:0f:3e:4a:c2:
36:4e:d2:65:12:a6:46:12:4a:37:f5:b5:90:f3:d5:
48:d6:12:81:28:a6:35:f8:c9:1e:ba:64:67:d2:72:
db:d6:38:47:24:4c:c9:7b:3a:3c:ec:5d:60:f4:fe:
ab:69:e4:0b:d0:0e:d1:8d:0f:bf:1f:f0:7f:01:52:
3a:f1:7f:30:76:a9:87:59:8a:15:32:5e:c5:11:41:
63:b0:77:80:84:ce:9f:ab:e1:42:be:c5:b6:07:a5:
c4:9a:05:66:a2:ac:4b:58:be:f9:1b:6a:ab:31:fa:
0b:09:d5:f8:09:78:43:b6:2f:b8:96:fa:e6:2e:3d:
80:5e:24:fd:ad:36:2b:06:f1:30:9a:6e:08:f0:72:
6d:91:0c:d3:4c:ed:17:da:22:f8:c7:06:6f:77:74:
b5:46:6e:34:73:9c:1c:15:17:c2:f7:25:0e:13:94:
40:2a:1d:a8:8c:46:7a:85:5b:39:ac:0b:b6:9b:38:
19:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CD:06:CC:4B:77:35:D1:8E:13:4A:EF:28:92:4A:9E:20:25:CB:54
X509v3 Authority Key Identifier:
keyid:5C:B9:0F:D6:2B:CC:0F:E9:29:DA:E5:30:36:FC:55:E5:11:C5:4B:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLkP1ivMD-kp2uUwNvxV5RHFS0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3dac73-d7c7-40bb-ab55-95135daf5147/1/OM0GzEt3NdGOE0rvKJJKniAly1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3dac73-d7c7-40bb-ab55-95135daf5147/1/XLkP1ivMD-kp2uUwNvxV5RHFS0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.27.0/24
89.36.37.0/24
89.36.72.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:34:82:10:46:9a:9c:ba:3c:53:f6:73:b8:b8:4a:49:79:40:
4c:31:63:be:fb:29:74:8f:db:df:59:cd:22:17:77:3f:9d:a7:
15:71:32:48:1b:7e:83:89:9b:c5:98:83:85:07:c8:eb:41:68:
18:d3:9e:93:4a:00:c8:5c:62:18:f5:82:d6:e2:9b:0a:bd:a3:
2d:10:2f:5e:2a:ec:dd:50:33:84:92:80:58:43:02:0b:a5:c1:
e6:ad:27:ba:08:f8:c9:37:b2:4d:f2:7f:fb:41:22:8f:90:84:
72:58:50:9b:3d:2d:10:6e:9e:77:73:fd:7a:9b:f1:64:9a:3b:
59:b0:dc:18:5a:9d:73:ce:31:87:40:e5:66:5a:a6:ec:1a:f6:
b1:f5:96:c2:b2:11:24:9a:cc:d8:7a:5e:16:70:52:a0:61:b6:
74:83:91:be:6b:f1:f2:43:b3:98:b1:08:c7:dc:fc:76:a6:79:
9a:8e:bc:a3:c3:31:6d:24:c6:60:d3:a0:96:4a:14:ee:54:f0:
12:a3:d2:2f:2d:ed:04:e2:f9:b2:97:da:8d:8d:07:19:27:10:
99:32:8d:66:63:1c:ad:ee:ab:a1:d0:44:81:31:18:ae:08:16:
17:71:28:fc:ae:43:2d:d9:ce:9a:61:ea:6e:bd:7f:fa:95:5e:
34:78:ea:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyRs3KKsRge6h2cV5UbtgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYjkwZmQ2MmJjYzBmZTkyOWRhZTUzMDM2ZmM1NWU1MTFj
NTRiNDUwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNkMDZjYzRiNzczNWQxOGUxMzRhZWYyODkyNGE5ZTIwMjVjYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUbqqugvWVaIrihEMDdnnTHRZXjt
35BPki9yythtxLdTolvCT9re6T/ugRxHMbYdOJYsU4uQWeIb+08j6/X85iZElddW
gA8+SsI2TtJlEqZGEko39bWQ89VI1hKBKKY1+MkeumRn0nLb1jhHJEzJezo87F1g
9P6raeQL0A7RjQ+/H/B/AVI68X8wdqmHWYoVMl7FEUFjsHeAhM6fq+FCvsW2B6XE
mgVmoqxLWL75G2qrMfoLCdX4CXhDti+4lvrmLj2AXiT9rTYrBvEwmm4I8HJtkQzT
TO0X2iL4xwZvd3S1Rm40c5wcFRfC9yUOE5RAKh2ojEZ6hVs5rAu2mzgZQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDjNBsxLdzXRjhNK7yiSSp4gJctUMB8GA1UdIwQY
MBaAFFy5D9YrzA/pKdrlMDb8VeURxUtFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWExrUDFpdk1ELWtwMnVVd052eFY1UkhGUzBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zZGFjNzMtZDdjNy00MGJiLWFiNTUt
OTUxMzVkYWY1MTQ3LzEvT00wR3pFdDNOZEdPRTBydktKSktuaUFseTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zZGFjNzMtZDdjNy00MGJiLWFiNTUtOTUxMzVkYWY1MTQ3
LzEvWExrUDFpdk1ELWtwMnVVd052eFY1UkhGUzBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSMbAwQA
WSQlAwQAWSRIMA0GCSqGSIb3DQEBCwUAA4IBAQBONIIQRpqcujxT9nO4uEpJeUBM
MWO++yl0j9vfWc0iF3c/nacVcTJIG36DiZvFmIOFB8jrQWgY056TSgDIXGIY9YLW
4psKvaMtEC9eKuzdUDOEkoBYQwILpcHmrSe6CPjJN7JN8n/7QSKPkIRyWFCbPS0Q
bp53c/16m/FkmjtZsNwYWp1zzjGHQOVmWqbsGvax9ZbCshEkmszYel4WcFKgYbZ0
g5G+a/HyQ7OYsQjH3Px2pnmajryjwzFtJMZg06CWShTuVPASo9IvLe0E4vmyl9qN
jQcZJxCZMo1mYxyt7quh0ESBMRiuCBYXcSj8rkMt2c6aYepuvX/6lV40eOoc
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:39 2024 by rpki-client on console.sobornost.net