Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4tYs7vtmQAKA0kk6fqQTRdceM9c.roa
File: 4tYs7vtmQAKA0kk6fqQTRdceM9c.roa (raw, json)
Hash identifier: 2RMA2L2yLaRe0e/mtZrCuqGcdEHIdPv/vA2sJhbp5IU=
Subject key identifier: E2:D6:2C:EE:FB:66:40:02:80:D2:49:3A:7E:A4:13:45:D7:1E:33:D7
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01895B386E7B290139E0B9875CD0E92AB9F7
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4tYs7vtmQAKA0kk6fqQTRdceM9c.roa
Signing time: Sat 15 Jul 2023 20:22:52 +0000
ROA not before: Sat 15 Jul 2023 20:22:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
89.185.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Jul 2023 19:56:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:5b:38:6e:7b:29:01:39:e0:b9:87:5c:d0:e9:2a:b9:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 15 20:22:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2d62ceefb66400280d2493a7ea41345d71e33d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7f:6d:2d:c6:92:a5:0e:f6:90:dd:f7:36:11:
d4:97:a0:e8:d8:34:c1:78:2c:7a:87:52:7d:8e:7e:
84:f8:96:f8:cf:5b:04:d8:28:bd:9c:fb:f0:41:87:
cf:95:9a:8e:0d:88:5f:c2:44:67:6a:cf:61:77:a5:
e6:4e:29:f2:c2:f4:96:29:22:fc:ed:af:87:75:9c:
78:e0:ed:34:0c:22:14:ef:0a:8b:4e:6c:60:34:65:
37:fd:8b:29:7a:50:bc:00:57:00:6e:1b:2e:e7:be:
cc:ac:95:cd:f6:01:57:4a:32:5c:a2:29:8e:b0:e9:
83:32:6b:aa:33:e8:55:4c:e3:2d:31:78:9c:a1:d0:
34:8d:79:51:73:6c:d5:95:0c:f9:64:40:ae:ec:2f:
7d:bc:62:50:d2:a9:26:50:e3:83:04:49:13:c8:ad:
fb:a9:10:de:60:a8:5b:bf:8e:4b:26:07:ae:16:b6:
0e:4c:80:df:e4:1d:f9:ec:86:33:9a:f7:96:e9:24:
80:7e:f1:a8:4f:60:5f:c2:0a:38:2b:c6:e2:f5:f7:
6e:a2:f0:9e:57:4f:48:47:c4:36:c5:91:0e:dd:80:
fa:a2:a7:9d:45:54:56:9d:7f:0c:c4:ca:91:c4:07:
81:e2:b4:fe:b2:1e:db:53:cc:a8:ae:1a:b1:79:db:
13:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D6:2C:EE:FB:66:40:02:80:D2:49:3A:7E:A4:13:45:D7:1E:33:D7
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4tYs7vtmQAKA0kk6fqQTRdceM9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:77:a8:68:f6:5b:a6:94:4e:a9:3f:d0:47:fb:90:ce:c7:8b:
f8:f8:a7:29:e1:5a:8b:31:3c:f2:14:e2:70:51:8e:e0:ee:fd:
88:40:44:08:be:19:81:b0:3d:1a:90:10:af:5d:b1:4c:4e:a1:
36:46:2b:9f:fa:e4:d7:0f:23:06:49:23:f0:ae:e8:5c:19:8c:
5e:39:7f:4d:bb:61:42:72:36:c1:9c:1a:8d:5b:76:1d:d3:8e:
40:e5:ff:19:a7:4a:91:8e:4d:88:23:d0:f6:8a:8e:53:e7:58:
7f:34:57:47:e6:94:0c:38:f3:57:60:41:c8:aa:c3:15:bd:18:
7f:1e:d6:89:3c:6f:8a:71:9f:c6:a9:83:44:40:17:20:2b:5e:
e7:2f:fd:a4:2e:ae:d3:6c:e4:31:84:18:da:3d:b6:63:b9:5d:
78:a3:a7:85:e3:13:f7:e2:68:2e:f0:c0:1a:6f:c2:71:58:d9:
e1:e0:62:e2:86:e8:34:70:d5:f2:4d:88:80:db:b3:2a:1e:c5:
fb:14:54:9a:89:6e:69:1a:a7:6a:92:e7:02:85:58:2a:a3:08:
77:e5:4a:19:d6:e6:44:16:7f:00:fd:4e:27:72:4c:4e:02:83:
63:2e:b3:3b:fe:d9:48:a4:6e:03:25:14:1a:65:63:6c:c6:b3:
58:d4:10:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlbOG57KQE54LmHXNDpKrn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNzE1MjAyMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQ2MmNlZWZiNjY0MDAyODBkMjQ5M2E3ZWE0MTM0NWQ3MWUzM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH9tLcaSpQ72kN33NhHUl6Do2DTB
eCx6h1J9jn6E+Jb4z1sE2Ci9nPvwQYfPlZqODYhfwkRnas9hd6XmTinywvSWKSL8
7a+HdZx44O00DCIU7wqLTmxgNGU3/YspelC8AFcAbhsu577MrJXN9gFXSjJcoimO
sOmDMmuqM+hVTOMtMXicodA0jXlRc2zVlQz5ZECu7C99vGJQ0qkmUOODBEkTyK37
qRDeYKhbv45LJgeuFrYOTIDf5B357IYzmveW6SSAfvGoT2Bfwgo4K8bi9fduovCe
V09IR8Q2xZEO3YD6oqedRVRWnX8MxMqRxAeB4rT+sh7bU8yorhqxedsTuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOLWLO77ZkACgNJJOn6kE0XXHjPXMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvNHRZczd2dG1RQUtBMGtrNmZxUVRSZGNlTTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBed6ho9lumlE6pP9BH+5DOx4v4
+Kcp4VqLMTzyFOJwUY7g7v2IQEQIvhmBsD0akBCvXbFMTqE2Riuf+uTXDyMGSSPw
ruhcGYxeOX9Nu2FCcjbBnBqNW3Yd045A5f8Zp0qRjk2II9D2io5T51h/NFdH5pQM
OPNXYEHIqsMVvRh/HtaJPG+KcZ/GqYNEQBcgK17nL/2kLq7TbOQxhBjaPbZjuV14
o6eF4xP34mgu8MAab8JxWNnh4GLihug0cNXyTYiA27MqHsX7FFSaiW5pGqdqkucC
hVgqowh35UoZ1uZEFn8A/U4nckxOAoNjLrM7/tlIpG4DJRQaZWNsxrNY1BCL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org