Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/hW3O20TNysAvTZOpdM8vUVRdRHc.roa
File: hW3O20TNysAvTZOpdM8vUVRdRHc.roa (raw, json)
Hash identifier: LV+rnJf25qgC/8RVYSkHjybGpgqzd7r+0qatxwfG2OI=
Subject key identifier: 85:6D:CE:DB:44:CD:CA:C0:2F:4D:93:A9:74:CF:2F:51:54:5D:44:77
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 018E41873B4321083034048AD312727355DA
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/hW3O20TNysAvTZOpdM8vUVRdRHc.roa
Signing time: Fri 15 Mar 2024 09:52:45 +0000
ROA not before: Fri 15 Mar 2024 09:52:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/16 maxlen: 24
185.35.12.0/22 maxlen: 22
2a00:dca0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 26 Apr 2024 06:56:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:87:3b:43:21:08:30:34:04:8a:d3:12:72:73:55:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Mar 15 09:52:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=856dcedb44cdcac02f4d93a974cf2f51545d4477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:24:64:8b:7d:64:95:95:3c:d2:54:cd:6d:
64:4f:b4:0b:c3:47:8a:d0:35:3d:24:68:22:39:06:
66:2b:70:8f:e4:ed:5e:ee:25:44:cb:13:f2:77:58:
bc:5c:9f:c3:88:f1:75:f6:20:00:d0:45:a1:1a:f5:
5b:9e:35:39:35:01:ea:53:e0:4c:80:03:a2:c5:b0:
97:49:25:2d:ba:1b:d0:e6:47:06:33:4e:12:b6:da:
f4:27:68:d6:f7:3f:80:2e:c6:ae:c2:95:be:e1:b0:
f5:24:f4:eb:d7:9d:c5:1a:8d:ec:6e:d0:8d:41:17:
0d:9c:79:62:f1:d2:4a:58:6f:28:2c:4e:da:c1:3d:
40:72:0e:96:87:b9:86:05:23:29:a9:48:4a:ea:ea:
cf:06:24:bb:92:72:23:06:66:45:93:b3:e5:c2:56:
5d:f6:36:4b:32:41:9b:31:6b:8e:25:62:e5:e3:53:
50:60:a3:17:53:9f:4a:d5:cc:b8:c6:dc:85:4a:15:
a4:08:9e:05:8d:c3:31:c2:a5:75:2b:13:67:b4:d3:
d1:17:77:08:83:84:a2:b3:0c:52:77:d2:65:80:76:
1a:da:28:d8:9f:79:08:8f:0e:ed:1f:b5:18:76:bb:
d6:5c:ac:be:3b:b5:00:03:09:2f:7e:6a:00:ff:29:
c4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6D:CE:DB:44:CD:CA:C0:2F:4D:93:A9:74:CF:2F:51:54:5D:44:77
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/hW3O20TNysAvTZOpdM8vUVRdRHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/16
185.35.12.0/22
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:2a:fa:bf:87:33:65:49:20:f0:28:90:a6:71:0a:af:1f:60:
73:03:17:ca:8f:e8:f1:38:c3:7b:5f:4a:c6:a1:40:41:f8:93:
b3:fb:31:e2:aa:4a:e6:4b:05:11:52:f5:2a:3a:0b:88:f9:4c:
af:c7:7b:ef:21:17:bf:a0:eb:38:2b:a0:26:56:6e:b4:37:a7:
d2:c5:dc:48:29:da:46:cf:09:3c:e1:fd:f5:97:b4:a0:9d:de:
87:e6:73:b6:94:a8:9b:17:ba:2b:80:e5:1b:27:67:0b:1a:be:
d2:03:7a:e2:54:ac:8e:5b:18:24:59:9c:85:5e:04:bc:da:77:
68:7b:0e:4a:94:3c:45:1c:4a:07:57:07:c9:dd:7e:87:7f:a0:
15:f5:f2:af:0b:b8:4b:f7:10:50:51:32:f4:72:f2:f5:83:ef:
2a:40:a6:bb:ab:fa:dd:b9:af:40:25:37:fd:6c:6c:ba:6f:c0:
d3:bc:9d:72:28:17:1c:77:f7:d5:59:f8:01:03:0b:c6:d9:e5:
ca:d5:7f:0b:ab:4c:65:23:af:86:6b:55:0f:7a:21:20:26:c9:
37:6f:7f:38:67:1d:a0:70:19:2f:9f:bd:70:25:ec:6d:89:27:
6e:74:20:46:0b:9a:89:27:ba:a7:89:43:df:18:19:0c:cf:af:
0f:15:62:c3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY5BhztDIQgwNASK0xJyc1XaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjQwMzE1MDk1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTZkY2VkYjQ0Y2RjYWMwMmY0ZDkzYTk3NGNmMmY1MTU0NWQ0NDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhokZIt9ZJWVPNJUzW1kT7QLw0eK
0DU9JGgiOQZmK3CP5O1e7iVEyxPyd1i8XJ/DiPF19iAA0EWhGvVbnjU5NQHqU+BM
gAOixbCXSSUtuhvQ5kcGM04Sttr0J2jW9z+ALsauwpW+4bD1JPTr153FGo3sbtCN
QRcNnHli8dJKWG8oLE7awT1Acg6Wh7mGBSMpqUhK6urPBiS7knIjBmZFk7PlwlZd
9jZLMkGbMWuOJWLl41NQYKMXU59K1cy4xtyFShWkCJ4FjcMxwqV1KxNntNPRF3cI
g4SiswxSd9JlgHYa2ijYn3kIjw7tH7UYdrvWXKy+O7UAAwkvfmoA/ynEQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIVtzttEzcrAL02TqXTPL1FUXUR3MB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvaFczTzIwVE55c0F2VFpPcGRNOHZVVlJkUkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAWT8DBAK5
IwwwDQQCAAIwBwMFAyoA3KAwDQYJKoZIhvcNAQELBQADggEBAD8q+r+HM2VJIPAo
kKZxCq8fYHMDF8qP6PE4w3tfSsahQEH4k7P7MeKqSuZLBRFS9So6C4j5TK/He+8h
F7+g6zgroCZWbrQ3p9LF3Egp2kbPCTzh/fWXtKCd3ofmc7aUqJsXuiuA5RsnZwsa
vtIDeuJUrI5bGCRZnIVeBLzad2h7DkqUPEUcSgdXB8ndfod/oBX18q8LuEv3EFBR
MvRy8vWD7ypAprur+t25r0AlN/1sbLpvwNO8nXIoFxx399VZ+AEDC8bZ5crVfwur
TGUjr4ZrVQ96ISAmyTdvfzhnHaBwGS+fvXAl7G2JJ250IEYLmoknuqeJQ98YGQzP
rw8VYsM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:14 2024 by rpki-client on console-ams.rpki-client.org