Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/pD8JWm9idloNS3H6B6UEdESMygs.roa
File: pD8JWm9idloNS3H6B6UEdESMygs.roa (raw, json)
Hash identifier: ANpNh9GTCKRS+f1ZaqoIOnZCojYc87lxfe9uYrzwc+k=
Subject key identifier: A4:3F:09:5A:6F:62:76:5A:0D:4B:71:FA:07:A5:04:74:44:8C:CA:0B
Certificate issuer: /CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Certificate serial: 01856F670A064C0065461BC28C67227757BC
Authority key identifier: 0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/pD8JWm9idloNS3H6B6UEdESMygs.roa
Signing time: Sun 01 Jan 2023 22:15:01 +0000
ROA not before: Sun 01 Jan 2023 22:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41419
IP address blocks: 89.250.82.0/24 maxlen: 24
89.250.83.0/24 maxlen: 24
89.250.81.0/24 maxlen: 24
89.250.80.0/20 maxlen: 24
89.250.84.0/24 maxlen: 24
89.250.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jan 2023 06:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:0a:06:4c:00:65:46:1b:c2:8c:67:22:77:57:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Validity
Not Before: Jan 1 22:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a43f095a6f62765a0d4b71fa07a50474448cca0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:07:a9:64:69:26:4d:ee:ab:c9:4a:4e:e2:7d:
7d:46:a0:9d:77:be:cc:e8:d0:12:df:33:94:13:c0:
cc:29:63:a6:00:4a:29:1f:56:f0:34:cc:72:9c:4d:
f2:50:0b:1c:63:88:42:40:00:b7:77:e7:8a:cd:22:
27:55:b0:aa:ac:da:6a:5a:ca:ec:5d:b3:5c:0d:e0:
46:67:a8:22:e2:9e:ab:1d:67:de:3b:52:7a:f1:12:
87:7a:68:85:73:13:df:0b:24:fa:6f:f0:3f:0a:8d:
be:41:20:d7:44:e0:28:2f:2c:e5:ae:3f:3b:49:72:
b5:1c:cb:43:5f:a7:0f:a1:12:2b:fc:e7:a9:6f:3e:
d9:3e:43:19:4c:77:04:51:db:bd:a2:8e:c9:f8:03:
23:2b:6c:04:66:fd:bd:3b:71:59:76:63:51:94:62:
91:68:57:e2:35:76:7e:d8:1c:b9:81:10:40:76:b2:
f2:fd:67:d8:9b:f5:c1:fb:e4:a2:45:be:66:60:1f:
50:26:36:16:ba:5e:45:52:60:c3:04:02:a8:5f:2f:
b9:49:34:2a:e7:69:0d:81:18:05:eb:97:03:ce:a3:
1c:8f:9d:9f:1f:8c:6d:5e:71:6d:c2:69:f8:da:0e:
56:dc:5d:54:e9:34:c1:fc:a5:b4:1b:f1:e5:a0:d0:
cb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3F:09:5A:6F:62:76:5A:0D:4B:71:FA:07:A5:04:74:44:8C:CA:0B
X509v3 Authority Key Identifier:
keyid:0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/pD8JWm9idloNS3H6B6UEdESMygs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/Cv6dZmVbX9J7LBfKloVlDVPzuwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.250.80.0/20
Signature Algorithm: sha256WithRSAEncryption
37:75:3e:ca:7d:bc:05:ef:0c:96:b5:0e:38:b4:ef:07:bc:0d:
18:e0:81:a7:7d:0c:3b:e1:fc:04:97:1a:74:7b:05:10:73:39:
0e:c1:9b:32:a5:0f:5d:a3:5e:f8:ca:3d:17:c2:7c:21:43:84:
f8:e9:a5:df:8c:32:a0:91:d4:08:e5:81:64:71:b0:7b:c7:1e:
88:59:c4:bc:ab:9e:38:39:c8:cc:d1:80:9b:bf:bb:36:f1:07:
20:4b:bb:2a:7c:10:56:4a:2f:b3:8c:13:e6:6f:95:cb:13:55:
93:55:79:12:69:99:ea:cb:c6:41:f1:16:dc:45:ac:cc:68:9d:
6b:01:94:22:e5:a3:d8:a1:a5:5d:23:ab:e1:d3:42:a3:76:66:
08:b9:dd:fb:79:b5:a3:99:99:40:e4:9c:83:2b:8c:7c:50:39:
4b:00:7a:e8:73:a7:12:85:1f:75:74:ec:9b:45:3c:13:40:59:
b3:35:6e:84:62:05:77:7f:1a:68:a8:31:ab:c9:e7:cc:75:5f:
11:34:e3:a8:71:51:f3:cf:c1:fe:d3:74:b5:f2:87:ed:83:14:
43:b8:15:75:34:86:76:e0:e0:24:c8:ad:f2:29:f3:be:1d:a3:
1c:83:d0:cf:be:7c:d6:39:0b:a3:c9:11:8a:c8:c6:14:8b:4b:
d7:ca:32:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZwoGTABlRhvCjGcid1e8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZmU5ZDY2NjU1YjVmZDI3YjJjMTdjYTk2ODU2NTBkNTNm
M2JiMGEwHhcNMjMwMTAxMjIxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDNmMDk1YTZmNjI3NjVhMGQ0YjcxZmEwN2E1MDQ3NDQ0OGNjYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQepZGkmTe6ryUpO4n19RqCdd77M
6NAS3zOUE8DMKWOmAEopH1bwNMxynE3yUAscY4hCQAC3d+eKzSInVbCqrNpqWsrs
XbNcDeBGZ6gi4p6rHWfeO1J68RKHemiFcxPfCyT6b/A/Co2+QSDXROAoLyzlrj87
SXK1HMtDX6cPoRIr/Oepbz7ZPkMZTHcEUdu9oo7J+AMjK2wEZv29O3FZdmNRlGKR
aFfiNXZ+2By5gRBAdrLy/WfYm/XB++SiRb5mYB9QJjYWul5FUmDDBAKoXy+5STQq
52kNgRgF65cDzqMcj52fH4xtXnFtwmn42g5W3F1U6TTB/KW0G/HloNDLiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQ/CVpvYnZaDUtx+gelBHREjMoLMB8GA1UdIwQY
MBaAFAr+nWZlW1/SeywXypaFZQ1T87sKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWIt
YmRjMjQ4YTZmNTY1LzEvcEQ4SldtOWlkbG9OUzNINkI2VUVkRVNNeWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWItYmRjMjQ4YTZmNTY1
LzEvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWfpQMA0G
CSqGSIb3DQEBCwUAA4IBAQA3dT7KfbwF7wyWtQ44tO8HvA0Y4IGnfQw74fwElxp0
ewUQczkOwZsypQ9do174yj0XwnwhQ4T46aXfjDKgkdQI5YFkcbB7xx6IWcS8q544
OcjM0YCbv7s28QcgS7sqfBBWSi+zjBPmb5XLE1WTVXkSaZnqy8ZB8RbcRazMaJ1r
AZQi5aPYoaVdI6vh00KjdmYIud37ebWjmZlA5JyDK4x8UDlLAHroc6cShR91dOyb
RTwTQFmzNW6EYgV3fxpoqDGryefMdV8RNOOocVHzz8H+03S18oftgxRDuBV1NIZ2
4OAkyK3yKfO+HaMcg9DPvnzWOQujyRGKyMYUi0vXyjLg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:53 2024 by rpki-client on console-fra.rpki-client.org