Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/B49Hm5HoGD6YsHj8Tum8gwM02_4.roa
File: B49Hm5HoGD6YsHj8Tum8gwM02_4.roa (raw, json)
Hash identifier: vdV6uyUFKa0XLbZ/nNq4N7W8N/RdX1JSnTSsGbjnxM4=
Subject key identifier: 07:8F:47:9B:91:E8:18:3E:98:B0:78:FC:4E:E9:BC:83:03:34:DB:FE
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189F3183A58B894EE2F79F037763F65547B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/B49Hm5HoGD6YsHj8Tum8gwM02_4.roa
Signing time: Mon 14 Aug 2023 08:09:58 +0000
ROA not before: Mon 14 Aug 2023 08:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 15 Aug 2023 08:35:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:18:3a:58:b8:94:ee:2f:79:f0:37:76:3f:65:54:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 14 08:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=078f479b91e8183e98b078fc4ee9bc830334dbfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d7:44:f9:f7:d3:09:5d:ae:9e:d3:52:b7:a9:
76:05:78:6d:52:95:78:0f:b3:ab:f9:0a:1d:50:91:
f0:52:26:f3:5d:bc:b5:d2:9e:0b:c4:8b:f7:be:0f:
0a:da:52:ee:0c:d8:f5:6b:64:7f:5a:78:9b:cb:e3:
b1:a4:da:e2:4f:e3:48:6c:35:61:2b:33:c0:7a:47:
9a:64:66:37:8d:83:6c:87:bc:bf:48:c3:83:91:70:
f8:b3:7a:f2:be:ea:48:6c:09:84:a7:0f:6e:a6:37:
9c:8b:72:40:36:90:a0:8f:ac:0d:6c:ed:b7:96:15:
e4:ff:f8:a1:67:8c:32:5c:bb:12:0f:80:12:84:8a:
2e:e1:fc:53:78:3f:7c:f9:f0:5a:0e:0d:4e:ff:48:
22:b0:d3:8f:6e:75:a2:93:22:62:a1:a1:79:82:1e:
fb:f3:8f:04:14:84:8f:ab:8a:82:b2:d3:ee:e1:d1:
f9:fb:79:37:0d:84:32:21:f2:54:bc:cb:1f:b6:e2:
98:c7:0e:ef:90:6f:fa:bb:21:fc:44:07:d2:80:70:
2d:4b:46:44:f8:ff:ce:35:9a:ed:f5:0d:47:44:d2:
58:68:b2:80:cb:83:4e:8e:e5:bd:e8:8a:64:1b:a3:
24:0f:da:b0:12:a0:88:8b:3b:8c:d0:17:5d:55:31:
24:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8F:47:9B:91:E8:18:3E:98:B0:78:FC:4E:E9:BC:83:03:34:DB:FE
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/B49Hm5HoGD6YsHj8Tum8gwM02_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:1f:54:3b:c8:57:75:c6:ed:35:15:86:5a:52:64:6b:60:ee:
53:a8:8e:6e:09:39:2a:e5:df:75:bd:9e:e1:53:19:a6:89:08:
bd:25:6c:e3:e6:77:ee:db:a7:86:eb:f0:1e:42:1a:48:db:68:
fc:2e:75:7b:42:c3:80:30:46:29:3f:f6:60:6b:84:ec:da:47:
0c:d6:92:ed:44:5c:d7:5e:4c:b4:e6:37:40:78:49:83:67:7f:
19:9e:19:14:55:80:5e:e6:8f:d1:cf:73:61:2b:d4:5a:12:89:
91:79:92:40:4d:9a:68:ce:be:19:67:50:36:c1:6d:f7:32:87:
94:4c:da:4b:69:68:8e:4a:5f:89:38:69:d0:b7:eb:ee:14:f3:
5b:66:da:d2:f1:87:a2:fe:51:d8:70:79:ed:a8:ed:e9:fc:9b:
d1:3c:42:02:a6:6e:d5:66:17:cd:a1:cf:c3:58:75:06:0a:43:
e3:c0:04:e7:47:76:f6:9d:2d:db:c4:e7:16:87:e2:fd:25:cb:
02:7d:90:36:be:f8:cf:21:75:13:f4:8e:12:d5:3b:c5:85:ce:
8b:1d:b6:f1:e5:1f:5f:5c:66:d8:76:d3:a4:31:a4:63:73:2b:
5a:68:bd:53:f0:d3:9c:b8:d0:89:1a:e8:47:d1:54:22:d4:ae:
ed:d3:d3:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnzGDpYuJTuL3nwN3Y/ZVR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODE0MDgwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzhmNDc5YjkxZTgxODNlOThiMDc4ZmM0ZWU5YmM4MzAzMzRkYmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuddE+ffTCV2untNSt6l2BXhtUpV4
D7Or+QodUJHwUibzXby10p4LxIv3vg8K2lLuDNj1a2R/Wniby+OxpNriT+NIbDVh
KzPAekeaZGY3jYNsh7y/SMODkXD4s3ryvupIbAmEpw9upjeci3JANpCgj6wNbO23
lhXk//ihZ4wyXLsSD4AShIou4fxTeD98+fBaDg1O/0gisNOPbnWikyJioaF5gh77
848EFISPq4qCstPu4dH5+3k3DYQyIfJUvMsftuKYxw7vkG/6uyH8RAfSgHAtS0ZE
+P/ONZrt9Q1HRNJYaLKAy4NOjuW96IpkG6MkD9qwEqCIizuM0BddVTEkJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAePR5uR6Bg+mLB4/E7pvIMDNNv+MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvQjQ5SG01SG9HRDZZc0hqOFR1bThnd00wMl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAeH1Q7yFd1xu01FYZaUmRrYO5T
qI5uCTkq5d91vZ7hUxmmiQi9JWzj5nfu26eG6/AeQhpI22j8LnV7QsOAMEYpP/Zg
a4Ts2kcM1pLtRFzXXky05jdAeEmDZ38ZnhkUVYBe5o/Rz3NhK9RaEomReZJATZpo
zr4ZZ1A2wW33MoeUTNpLaWiOSl+JOGnQt+vuFPNbZtrS8Yei/lHYcHntqO3p/JvR
PEICpm7VZhfNoc/DWHUGCkPjwATnR3b2nS3bxOcWh+L9JcsCfZA2vvjPIXUT9I4S
1TvFhc6LHbbx5R9fXGbYdtOkMaRjcytaaL1T8NOcuNCJGuhH0VQi1K7t09Nt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org