Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/fSzEaezsaH9t7fi9yVLZwFBgz9w.roa
File: fSzEaezsaH9t7fi9yVLZwFBgz9w.roa (raw, json)
Hash identifier: 3EIDbwboyZ8rky5d7C3bCmv31kR/tTvXvfm1kmLxH+k=
Subject key identifier: 7D:2C:C4:69:EC:EC:68:7F:6D:ED:F8:BD:C9:52:D9:C0:50:60:CF:DC
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 01856EA6A7714D0FDA485F876E92897DF7F8
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/fSzEaezsaH9t7fi9yVLZwFBgz9w.roa
Signing time: Sun 01 Jan 2023 18:44:53 +0000
ROA not before: Sun 01 Jan 2023 18:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 185.131.52.0/24 maxlen: 24
89.37.101.0/24 maxlen: 24
89.47.58.0/24 maxlen: 24
188.241.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:a7:71:4d:0f:da:48:5f:87:6e:92:89:7d:f7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jan 1 18:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d2cc469ecec687f6dedf8bdc952d9c05060cfdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1c:0b:a8:82:b8:bf:52:a8:c0:b4:ca:1c:14:
71:f3:24:64:75:77:34:ca:7f:83:9a:55:a6:64:f1:
67:93:d9:e7:04:9b:42:ee:49:b5:63:7e:42:8f:fc:
99:e6:4a:ce:04:ba:30:68:e4:0d:ea:7c:92:36:9a:
f5:b6:b8:5a:43:ac:c4:23:82:f5:cc:55:74:3f:5e:
77:ac:6f:e7:1e:d3:84:14:1c:32:e9:f7:5d:02:69:
90:68:c6:12:bd:f8:56:a8:b1:e9:d0:1f:e0:94:fd:
e4:97:d0:83:83:c7:63:ea:3e:ed:d0:8f:82:b1:f5:
31:d3:d7:04:f4:de:93:bf:3a:09:8d:16:4d:22:ac:
b9:bf:06:b3:d1:80:27:88:c3:d0:b0:a5:79:96:c1:
40:f3:84:a7:7c:2e:24:19:10:5e:40:fd:6b:e1:c3:
8c:40:0d:57:51:b2:2f:79:8f:81:2b:dd:39:6e:70:
3f:a5:6f:45:ee:36:42:c4:ea:7e:3d:d3:fb:9a:54:
74:57:6a:0d:ac:9e:78:7b:c2:24:3a:5b:b1:6a:ab:
dd:69:33:f4:3f:f2:28:3d:cf:92:88:f7:3d:fe:74:
e7:5a:f6:97:2d:89:04:30:7a:94:43:0c:51:8a:d6:
18:e2:aa:a3:89:00:76:d1:de:47:e7:89:a4:3b:44:
2e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2C:C4:69:EC:EC:68:7F:6D:ED:F8:BD:C9:52:D9:C0:50:60:CF:DC
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/fSzEaezsaH9t7fi9yVLZwFBgz9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.101.0/24
89.47.58.0/24
185.131.52.0/24
188.241.187.0/24
Signature Algorithm: sha256WithRSAEncryption
38:a7:5b:4a:77:43:1f:e3:fc:5b:1d:59:44:2c:35:93:2a:88:
2f:b5:ba:5a:f5:6d:f0:ce:5e:11:b8:32:1a:33:e4:15:6f:9e:
e1:7b:8b:d6:d4:0c:86:6d:09:4e:4f:99:ae:65:cb:20:da:5b:
f6:ad:53:1d:20:6f:2a:41:ea:bd:91:8b:34:f3:3a:ca:d6:20:
1b:41:4a:eb:61:8c:b8:91:68:96:58:1c:95:29:07:bf:a3:7e:
34:10:16:7e:0d:16:b0:92:87:1b:8a:a2:0e:ce:ce:79:83:80:
05:64:ee:ad:4c:eb:bc:5d:fe:ab:b6:a6:b2:58:d0:fc:15:52:
5b:34:50:ef:85:87:bb:29:67:82:3b:94:a1:44:b3:ea:5a:72:
0d:00:f0:d6:84:a2:f2:be:83:e6:4a:8a:0a:2f:9f:09:75:d6:
23:c4:bd:a9:d8:78:fe:99:51:1d:5d:05:03:d3:79:84:32:6f:
3b:3c:26:e1:a0:d6:7d:f8:10:39:10:52:00:ec:9b:6f:16:42:
5f:9b:ef:ed:5d:37:8c:f7:05:b1:93:70:a7:d7:83:b2:36:9f:
ad:19:e8:b7:97:3f:44:6f:9d:b0:e8:77:ac:90:d9:00:42:84:
66:ae:9b:24:81:1a:28:41:a1:e6:4d:46:af:f3:0d:1f:4f:89:
61:04:66:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVupqdxTQ/aSF+HbpKJfff4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjMwMTAxMTg0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJjYzQ2OWVjZWM2ODdmNmRlZGY4YmRjOTUyZDljMDUwNjBjZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhwLqIK4v1KowLTKHBRx8yRkdXc0
yn+DmlWmZPFnk9nnBJtC7km1Y35Cj/yZ5krOBLowaOQN6nySNpr1trhaQ6zEI4L1
zFV0P153rG/nHtOEFBwy6fddAmmQaMYSvfhWqLHp0B/glP3kl9CDg8dj6j7t0I+C
sfUx09cE9N6TvzoJjRZNIqy5vwaz0YAniMPQsKV5lsFA84SnfC4kGRBeQP1r4cOM
QA1XUbIveY+BK905bnA/pW9F7jZCxOp+PdP7mlR0V2oNrJ54e8IkOluxaqvdaTP0
P/IoPc+SiPc9/nTnWvaXLYkEMHqUQwxRitYY4qqjiQB20d5H54mkO0QuvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH0sxGns7Gh/be34vclS2cBQYM/cMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvZlN6RWFlenNhSDl0N2ZpOXlWTFp3RkJnejl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSVlAwQA
WS86AwQAuYM0AwQAvPG7MA0GCSqGSIb3DQEBCwUAA4IBAQA4p1tKd0Mf4/xbHVlE
LDWTKogvtbpa9W3wzl4RuDIaM+QVb57he4vW1AyGbQlOT5muZcsg2lv2rVMdIG8q
Qeq9kYs08zrK1iAbQUrrYYy4kWiWWByVKQe/o340EBZ+DRawkocbiqIOzs55g4AF
ZO6tTOu8Xf6rtqayWND8FVJbNFDvhYe7KWeCO5ShRLPqWnINAPDWhKLyvoPmSooK
L58JddYjxL2p2Hj+mVEdXQUD03mEMm87PCbhoNZ9+BA5EFIA7JtvFkJfm+/tXTeM
9wWxk3Cn14OyNp+tGei3lz9Eb52w6HeskNkAQoRmrpskgRooQaHmTUav8w0fT4lh
BGZ2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org