Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/W74TbbwbfMyCtQmiP2WQWifid2Q.roa
File: W74TbbwbfMyCtQmiP2WQWifid2Q.roa (raw, json)
Hash identifier: 980zrjnLVnv6fnpaDgke6F/4WpiXn8GGajy2252rD/8=
Subject key identifier: 5B:BE:13:6D:BC:1B:7C:CC:82:B5:09:A2:3F:65:90:5A:27:E2:77:64
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01856D0ACCDEAEEF85C57CD9711D75986010
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/W74TbbwbfMyCtQmiP2WQWifid2Q.roa
Signing time: Sun 01 Jan 2023 11:15:02 +0000
ROA not before: Sun 01 Jan 2023 11:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20776
IP address blocks: 212.198.242.0/23 maxlen: 24
212.198.254.0/23 maxlen: 24
89.157.88.0/21 maxlen: 24
89.157.96.0/19 maxlen: 24
89.3.240.0/21 maxlen: 21
89.3.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:cc:de:ae:ef:85:c5:7c:d9:71:1d:75:98:60:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 11:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bbe136dbc1b7ccc82b509a23f65905a27e27764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:58:46:d0:fc:c9:2a:aa:31:d1:33:42:d4:7c:
af:b3:00:77:de:86:12:ba:98:7f:0c:2d:e8:b8:3d:
d3:c7:55:d5:22:48:33:ef:4d:88:28:c5:2d:11:be:
8c:f6:f9:18:84:af:2b:1b:87:89:42:05:90:7c:16:
08:73:49:52:92:23:43:34:c4:4f:72:7c:76:de:7e:
c5:c8:6c:f5:05:df:68:f3:2c:05:47:a4:b4:b7:b2:
3d:1b:de:7f:2b:9b:ff:ab:f5:b9:3a:a6:b8:ca:9d:
8d:57:11:29:83:1e:e6:95:75:4e:23:b7:e1:71:c3:
71:e5:a2:55:4c:aa:d7:ea:e7:95:b3:be:f2:cb:4b:
d7:e3:7b:ab:86:b5:af:45:6c:c4:1e:ba:da:6e:ba:
21:6c:f6:78:be:f9:37:fe:68:4b:e8:04:c1:34:4b:
b9:96:6b:36:3d:c7:53:81:61:5f:01:31:3c:b4:66:
b6:1e:af:35:63:57:f1:ea:0b:55:ba:a6:e0:f7:cf:
58:64:cc:38:60:2a:fd:d3:74:50:bd:45:82:67:4d:
d3:1c:24:9e:5b:fa:79:ee:88:f5:6a:24:9f:e6:37:
2f:ab:bb:6a:41:24:f8:e6:2b:e4:8d:4d:52:22:88:
7c:0f:91:03:a2:0a:9e:05:99:ae:a6:29:e3:36:21:
e9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BE:13:6D:BC:1B:7C:CC:82:B5:09:A2:3F:65:90:5A:27:E2:77:64
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/W74TbbwbfMyCtQmiP2WQWifid2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.3.240.0/20
89.157.88.0-89.157.127.255
212.198.242.0/23
212.198.254.0/23
Signature Algorithm: sha256WithRSAEncryption
14:c7:44:74:36:10:85:31:7d:c9:b3:c6:b8:27:35:ef:bd:0c:
e8:94:99:ea:ed:6b:e8:c6:ac:a1:38:4b:c7:25:fc:4d:fa:68:
6a:1b:dd:13:18:99:7f:76:12:20:d2:0e:95:6a:7c:6a:04:1d:
15:ff:c4:71:39:5a:8d:69:ce:7e:a9:76:40:22:21:71:e3:6b:
36:93:aa:e4:0d:20:1a:e4:be:f6:26:71:e8:ad:56:60:86:cf:
b8:8a:42:61:ef:f3:3f:c6:d8:4d:3d:4d:29:4d:85:62:ce:e2:
e1:58:87:f8:20:c6:fa:31:e4:97:a9:49:f4:3a:0c:bb:10:b5:
86:12:8b:bb:c4:b0:ba:0c:47:e8:b7:98:ac:78:fe:aa:79:43:
c1:e0:f2:2b:a2:32:0d:fe:8b:59:e3:69:71:16:42:ad:95:13:
84:c1:9e:f3:1c:73:12:51:21:e9:dd:8d:de:5d:d5:96:0d:04:
9f:ce:d6:2c:be:d7:8d:70:52:1f:59:d6:80:ac:e5:f7:48:0e:
05:a9:95:00:7f:f2:ae:fb:80:a7:97:a6:80:cf:81:49:79:4b:
d2:f7:34:ca:fa:04:2d:1e:0a:ad:fc:ce:1b:92:72:88:fe:37:
a9:4f:c4:2b:5c:b7:da:e5:8e:87:6b:3e:5a:38:e4:21:59:23:
b1:34:f0:60
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVtCszeru+FxXzZcR11mGAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTAxMTExNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmJlMTM2ZGJjMWI3Y2NjODJiNTA5YTIzZjY1OTA1YTI3ZTI3NzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVhG0PzJKqox0TNC1HyvswB33oYS
uph/DC3ouD3Tx1XVIkgz702IKMUtEb6M9vkYhK8rG4eJQgWQfBYIc0lSkiNDNMRP
cnx23n7FyGz1Bd9o8ywFR6S0t7I9G95/K5v/q/W5Oqa4yp2NVxEpgx7mlXVOI7fh
ccNx5aJVTKrX6ueVs77yy0vX43urhrWvRWzEHrrabrohbPZ4vvk3/mhL6ATBNEu5
lms2PcdTgWFfATE8tGa2Hq81Y1fx6gtVuqbg989YZMw4YCr903RQvUWCZ03THCSe
W/p57oj1aiSf5jcvq7tqQST45ivkjU1SIoh8D5EDogqeBZmupinjNiHplQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFu+E228G3zMgrUJoj9lkFon4ndkMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvVzc0VGJid2JmTXlDdFFtaVAyV1FXaWZpZDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEWQPwMAwD
BANZnVgDBAdZnQADBAHUxvIDBAHUxv4wDQYJKoZIhvcNAQELBQADggEBABTHRHQ2
EIUxfcmzxrgnNe+9DOiUmerta+jGrKE4S8cl/E36aGob3RMYmX92EiDSDpVqfGoE
HRX/xHE5Wo1pzn6pdkAiIXHjazaTquQNIBrkvvYmceitVmCGz7iKQmHv8z/G2E09
TSlNhWLO4uFYh/ggxvox5JepSfQ6DLsQtYYSi7vEsLoMR+i3mKx4/qp5Q8Hg8iui
Mg3+i1njaXEWQq2VE4TBnvMccxJRIendjd5d1ZYNBJ/O1iy+141wUh9Z1oCs5fdI
DgWplQB/8q77gKeXpoDPgUl5S9L3NMr6BC0eCq38zhuScoj+N6lPxCtct9rljodr
Plo45CFZI7E08GA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:50 2024 by rpki-client on console-ams.rpki-client.org