Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YqIHmyAXY0WqEcae65b6O2ySVOQ.roa
File: YqIHmyAXY0WqEcae65b6O2ySVOQ.roa (raw, json)
Hash identifier: SYOpcEHcNKb1txfR2VeMtLVyjqwGVqdfRbT02xjR/Ps=
Subject key identifier: 62:A2:07:9B:20:17:63:45:AA:11:C6:9E:EB:96:FA:3B:6C:92:54:E4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B47847BDA42754AE31CAA5953A8CB674E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YqIHmyAXY0WqEcae65b6O2ySVOQ.roa
Signing time: Thu 19 Oct 2023 10:39:06 +0000
ROA not before: Thu 19 Oct 2023 10:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 19 Oct 2023 16:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:84:7b:da:42:75:4a:e3:1c:aa:59:53:a8:cb:67:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 19 10:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62a2079b20176345aa11c69eeb96fa3b6c9254e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:06:e5:01:be:ae:d8:25:ee:88:43:a5:40:4c:
45:c4:f6:65:49:d4:31:35:4f:b7:d5:44:ce:2a:a9:
c7:47:5f:1d:94:08:04:6f:45:30:56:bc:f9:f8:d9:
c4:80:c9:00:ed:0f:16:d8:70:fb:6d:eb:14:f2:44:
bd:05:d6:40:55:c3:ab:05:ac:92:8c:71:8a:06:cd:
8e:0e:9a:bc:07:fb:94:be:da:ee:34:ce:cf:2a:8d:
03:e1:e1:dd:2b:b2:83:a0:8b:78:d6:89:dd:d4:cf:
4d:d6:da:41:cf:d3:4a:17:b6:86:29:35:b7:6d:75:
48:ed:d2:bf:6c:9b:6a:09:95:8b:d3:2e:bc:d3:93:
0b:f1:f9:e8:97:ec:25:1c:5a:65:bc:b1:aa:e2:86:
2a:f4:74:68:6a:e9:68:43:4c:01:10:61:6b:0c:0e:
34:97:ca:9e:9b:4c:b3:bc:81:58:ba:ed:dc:b3:ae:
4b:54:cd:5c:24:21:b4:0f:ac:ef:a2:1f:7b:b1:7f:
74:ce:07:f8:fb:08:a5:f8:c7:8c:19:81:0a:70:1d:
8b:8d:85:df:6b:12:ea:2c:cd:ae:bf:74:48:e2:f7:
7e:94:c4:12:e7:0c:79:36:12:93:6c:bb:0e:65:cf:
5e:ec:88:85:e3:0f:61:17:0e:60:48:bd:24:02:1b:
85:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A2:07:9B:20:17:63:45:AA:11:C6:9E:EB:96:FA:3B:6C:92:54:E4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YqIHmyAXY0WqEcae65b6O2ySVOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
30:3a:c8:2e:ab:bd:c0:74:1b:e0:54:ef:57:a4:4b:d3:ae:af:
46:22:6b:1b:4f:5d:f2:e2:04:98:97:bc:dd:a8:c4:91:51:1e:
64:1a:04:5f:07:d7:ec:00:f4:f2:ab:52:be:5a:ec:95:9a:69:
a1:44:30:43:8e:ef:ad:d8:70:f6:61:ee:da:f7:ca:3f:fb:c3:
fe:57:66:62:89:5c:9a:41:6b:bc:d7:af:8e:6d:a1:8e:ad:37:
71:0e:04:3e:dd:e8:fe:50:05:3d:73:36:73:58:f9:72:2b:57:
ac:c2:96:84:0d:f4:af:4e:00:d2:3b:39:4a:c1:2a:d9:ea:8f:
1f:15:66:60:cd:b1:6c:8a:e8:a8:14:48:0b:1c:23:4f:9d:b3:
90:c3:65:d1:86:94:36:44:25:c3:98:94:f6:e5:57:68:07:ff:
e6:4c:f1:ba:d2:cc:3e:f4:a5:77:e2:3f:93:cf:b5:05:76:4d:
73:e6:e4:a5:da:e5:0a:70:ac:2e:d5:9f:84:3f:5d:e1:51:38:
9c:26:2a:85:9e:19:72:28:3a:10:18:b7:d8:1a:3d:ec:cd:b4:
5b:cf:d8:cc:2a:65:f6:12:4d:b6:7b:fd:c5:0b:0f:94:1e:09:
55:79:7e:6b:b9:71:60:87:22:94:43:2c:98:7a:01:3b:fd:0b:
1e:b4:eb:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtHhHvaQnVK4xyqWVOoy2dOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDE5MTAzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmEyMDc5YjIwMTc2MzQ1YWExMWM2OWVlYjk2ZmEzYjZjOTI1NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQblAb6u2CXuiEOlQExFxPZlSdQx
NU+31UTOKqnHR18dlAgEb0UwVrz5+NnEgMkA7Q8W2HD7besU8kS9BdZAVcOrBayS
jHGKBs2ODpq8B/uUvtruNM7PKo0D4eHdK7KDoIt41ond1M9N1tpBz9NKF7aGKTW3
bXVI7dK/bJtqCZWL0y6805ML8fnol+wlHFplvLGq4oYq9HRoauloQ0wBEGFrDA40
l8qem0yzvIFYuu3cs65LVM1cJCG0D6zvoh97sX90zgf4+wil+MeMGYEKcB2LjYXf
axLqLM2uv3RI4vd+lMQS5wx5NhKTbLsOZc9e7IiF4w9hFw5gSL0kAhuF7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGKiB5sgF2NFqhHGnuuW+jtsklTkMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWXFJSG15QVhZMFdxRWNhZTY1YjZPMnlTVk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAwOsguq73AdBvgVO9XpEvTrq9G
ImsbT13y4gSYl7zdqMSRUR5kGgRfB9fsAPTyq1K+WuyVmmmhRDBDju+t2HD2Ye7a
98o/+8P+V2ZiiVyaQWu816+ObaGOrTdxDgQ+3ej+UAU9czZzWPlyK1eswpaEDfSv
TgDSOzlKwSrZ6o8fFWZgzbFsiuioFEgLHCNPnbOQw2XRhpQ2RCXDmJT25VdoB//m
TPG60sw+9KV34j+Tz7UFdk1z5uSl2uUKcKwu1Z+EP13hUTicJiqFnhlyKDoQGLfY
Gj3szbRbz9jMKmX2Ek22e/3FCw+UHglVeX5ruXFghyKUQyyYegE7/QsetOvf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org