Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2a55f5-3cdc-43ea-9803-74ee83736e97/1/FbJfXMZmyn4LQeQMFHWTu-237ds.roa
File: FbJfXMZmyn4LQeQMFHWTu-237ds.roa (raw, json)
Hash identifier: UdkwSd2zeGSqhQ2VSRLCiX3cLHedHTMjIORr/pnypLI=
Subject key identifier: 15:B2:5F:5C:C6:66:CA:7E:0B:41:E4:0C:14:75:93:BB:ED:B7:ED:DB
Certificate issuer: /CN=6c895335ba98f7c626f0c819e9e2894c61d44754
Certificate serial: 018CC726F5843D3C4735EE6C5BDDF6CD1992
Authority key identifier: 6C:89:53:35:BA:98:F7:C6:26:F0:C8:19:E9:E2:89:4C:61:D4:47:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIlTNbqY98Ym8MgZ6eKJTGHUR1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2a55f5-3cdc-43ea-9803-74ee83736e97/1/FbJfXMZmyn4LQeQMFHWTu-237ds.roa
Signing time: Mon 01 Jan 2024 22:31:08 +0000
ROA not before: Mon 01 Jan 2024 22:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41088
IP address blocks: 89.190.64.0/19 maxlen: 19
89.190.85.0/24 maxlen: 24
2a00:bfe0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f5:84:3d:3c:47:35:ee:6c:5b:dd:f6:cd:19:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c895335ba98f7c626f0c819e9e2894c61d44754
Validity
Not Before: Jan 1 22:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15b25f5cc666ca7e0b41e40c147593bbedb7eddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:92:1a:a2:c1:1b:d8:10:e3:1f:e4:05:3e:35:
17:9f:ef:35:4f:e4:d9:c2:7e:39:36:30:66:1d:2b:
09:b7:31:29:77:71:56:54:e1:f7:be:97:68:c3:3b:
51:41:f4:a1:14:c5:85:f7:a4:56:6c:41:54:e2:63:
05:11:37:e4:b2:c1:49:ba:de:a6:da:c8:50:21:99:
44:cc:f7:27:f1:94:d2:98:48:b6:d0:6d:12:5e:60:
ba:5f:90:71:bf:59:0b:23:47:20:ee:be:b8:0a:29:
f3:f5:d4:1f:30:30:de:00:3c:1d:f9:0d:ca:b0:01:
a9:ee:74:9a:3b:42:3b:93:c2:eb:d7:cd:da:63:3f:
89:e0:73:b5:3a:88:c6:82:70:1e:25:92:60:06:73:
a0:27:98:e5:b2:13:db:2b:9e:ac:b3:9e:14:2e:1e:
1e:a7:f7:b3:28:7f:ba:2d:4d:24:eb:75:ef:8f:9a:
58:10:b8:e7:75:ed:00:74:13:93:8e:56:3c:94:95:
9e:d7:39:e6:92:ce:f2:4d:27:89:bf:cf:23:ea:3f:
d4:56:3f:2e:b0:20:02:90:69:9b:4a:98:ec:a9:1f:
3a:80:df:4a:5b:45:6e:f5:6c:97:70:30:d9:8d:74:
bb:93:d8:1c:9a:07:69:ea:ae:8d:d5:28:e1:af:d5:
c1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B2:5F:5C:C6:66:CA:7E:0B:41:E4:0C:14:75:93:BB:ED:B7:ED:DB
X509v3 Authority Key Identifier:
keyid:6C:89:53:35:BA:98:F7:C6:26:F0:C8:19:E9:E2:89:4C:61:D4:47:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlTNbqY98Ym8MgZ6eKJTGHUR1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2a55f5-3cdc-43ea-9803-74ee83736e97/1/FbJfXMZmyn4LQeQMFHWTu-237ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2a55f5-3cdc-43ea-9803-74ee83736e97/1/bIlTNbqY98Ym8MgZ6eKJTGHUR1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.64.0/19
IPv6:
2a00:bfe0::/32
Signature Algorithm: sha256WithRSAEncryption
99:69:78:d1:47:34:51:34:30:b9:38:23:c0:0c:72:d6:1a:d9:
e8:24:75:59:8d:58:0e:45:28:63:39:a4:1b:46:66:9b:38:1f:
e7:b2:4b:d7:21:1b:b7:67:b7:37:63:c8:ea:f7:55:6d:c8:b4:
d9:a2:c4:a5:2c:dc:c9:f1:d4:7d:3a:d2:ee:95:35:28:d8:b0:
a9:fb:41:c2:de:23:4d:b6:96:f8:fe:7b:57:1c:10:36:61:be:
ce:2a:d0:de:5c:61:4e:c5:74:b2:c0:24:96:2c:a0:f2:d3:f5:
f9:76:80:ee:8e:4a:0e:cf:03:f6:0c:ea:40:4a:0d:e9:c4:23:
bd:40:da:7f:b1:58:83:f8:2c:10:19:7e:e6:f0:39:f7:6b:94:
5c:d1:96:67:9e:f8:cf:8a:5d:02:24:ac:95:74:d3:3f:72:cb:
a5:a9:c0:b8:c5:fe:2e:a6:13:3f:a3:c4:12:0e:1c:bd:0e:79:
2a:ff:fe:bb:6d:00:a4:c8:f2:d4:23:df:65:4d:42:ac:21:bf:
b2:d8:9b:5a:20:5c:f6:61:7c:99:39:f2:6b:5d:c6:17:d2:b3:
c5:b0:34:4c:5c:5c:44:66:25:46:db:a0:37:21:d0:5a:b4:9c:
00:69:5f:64:b0:bd:a0:1a:67:86:6b:6a:0e:22:0d:62:b8:e3:
10:4b:3c:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJvWEPTxHNe5sW932zRmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk1MzM1YmE5OGY3YzYyNmYwYzgxOWU5ZTI4OTRjNjFk
NDQ3NTQwHhcNMjQwMTAxMjIzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWIyNWY1Y2M2NjZjYTdlMGI0MWU0MGMxNDc1OTNiYmVkYjdlZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5IaosEb2BDjH+QFPjUXn+81T+TZ
wn45NjBmHSsJtzEpd3FWVOH3vpdowztRQfShFMWF96RWbEFU4mMFETfkssFJut6m
2shQIZlEzPcn8ZTSmEi20G0SXmC6X5Bxv1kLI0cg7r64Cinz9dQfMDDeADwd+Q3K
sAGp7nSaO0I7k8Lr183aYz+J4HO1OojGgnAeJZJgBnOgJ5jlshPbK56ss54ULh4e
p/ezKH+6LU0k63Xvj5pYELjnde0AdBOTjlY8lJWe1znmks7yTSeJv88j6j/UVj8u
sCACkGmbSpjsqR86gN9KW0Vu9WyXcDDZjXS7k9gcmgdp6q6N1Sjhr9XBlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBWyX1zGZsp+C0HkDBR1k7vtt+3bMB8GA1UdIwQY
MBaAFGyJUzW6mPfGJvDIGeniiUxh1EdUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsVE5icVk5OFltOE1nWjZlS0pUR0hVUjFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yYTU1ZjUtM2NkYy00M2VhLTk4MDMt
NzRlZTgzNzM2ZTk3LzEvRmJKZlhNWm15bjRMUWVRTUZIV1R1LTIzN2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yYTU1ZjUtM2NkYy00M2VhLTk4MDMtNzRlZTgzNzM2ZTk3
LzEvYklsVE5icVk5OFltOE1nWjZlS0pUR0hVUjFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFWb5AMA0E
AgACMAcDBQAqAL/gMA0GCSqGSIb3DQEBCwUAA4IBAQCZaXjRRzRRNDC5OCPADHLW
GtnoJHVZjVgORShjOaQbRmabOB/nskvXIRu3Z7c3Y8jq91VtyLTZosSlLNzJ8dR9
OtLulTUo2LCp+0HC3iNNtpb4/ntXHBA2Yb7OKtDeXGFOxXSywCSWLKDy0/X5doDu
jkoOzwP2DOpASg3pxCO9QNp/sViD+CwQGX7m8Dn3a5Rc0ZZnnvjPil0CJKyVdNM/
csulqcC4xf4uphM/o8QSDhy9Dnkq//67bQCkyPLUI99lTUKsIb+y2JtaIFz2YXyZ
OfJrXcYX0rPFsDRMXFxEZiVG26A3IdBatJwAaV9ksL2gGmeGa2oOIg1iuOMQSzyy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:10 2025 by rpki-client