Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/7RMS5FlvEWaieCppZ4tFFp9IM4I.roa
File: 7RMS5FlvEWaieCppZ4tFFp9IM4I.roa (raw, json)
Hash identifier: LIbK8X4WomVC1ldwBMNi7H6FeT7vs4gA2/yxx7rWyuE=
Subject key identifier: ED:13:12:E4:59:6F:11:66:A2:78:2A:69:67:8B:45:16:9F:48:33:82
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 018CC26D36C17E01D1947C6883F4B4F8A204
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/7RMS5FlvEWaieCppZ4tFFp9IM4I.roa
Signing time: Mon 01 Jan 2024 00:29:46 +0000
ROA not before: Mon 01 Jan 2024 00:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31216
IP address blocks: 89.30.68.0/22 maxlen: 24
89.30.0.0/17 maxlen: 24
83.243.16.0/21 maxlen: 24
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: Failed, certificate revoked on Wed 15 May 2024 10:36:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:36:c1:7e:01:d1:94:7c:68:83:f4:b4:f8:a2:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 1 00:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed1312e4596f1166a2782a69678b45169f483382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3f:98:3d:98:37:09:ee:3c:6e:d8:05:e4:e5:
c7:a6:5e:6d:d2:3c:1c:ae:c6:a3:31:79:db:14:1f:
a0:9b:74:58:b1:be:b6:04:d3:92:ed:d6:16:b8:27:
ca:5f:cd:d3:5b:ea:03:29:5b:34:8f:63:42:82:30:
cd:79:09:51:68:3c:0b:b8:f1:6b:fc:e2:44:13:30:
d5:f2:71:f8:d2:85:89:fe:dd:5c:c5:15:20:3f:25:
b2:c2:fb:b4:e7:1a:a6:3f:57:17:a6:4a:c9:fb:99:
ee:42:65:a8:73:12:3e:27:f6:f8:8f:60:83:55:0d:
af:91:b1:50:59:bf:25:ad:57:48:48:88:97:7f:b2:
53:39:bd:ef:d4:c4:31:96:f0:f7:9c:58:f7:12:31:
c2:b2:bd:9b:e4:f4:91:53:7e:c1:91:8f:4d:8e:c1:
9e:10:b6:19:6a:82:1b:93:a6:37:38:0c:c1:d1:d7:
4c:1d:c6:8d:b9:9d:39:bd:0f:3c:42:44:01:e0:a0:
cf:35:c0:e3:46:22:a2:92:7f:14:32:fc:61:99:ce:
50:6c:3d:11:e4:f9:6f:aa:fb:f8:25:4a:23:9e:90:
7e:7e:ba:81:4e:a7:b1:ea:52:bf:b9:20:ae:e6:5b:
59:40:60:fc:f9:51:80:e0:15:6f:2b:de:ab:65:9c:
1f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:13:12:E4:59:6F:11:66:A2:78:2A:69:67:8B:45:16:9F:48:33:82
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/7RMS5FlvEWaieCppZ4tFFp9IM4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.16.0/21
89.30.0.0/17
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
28:58:c1:8f:17:d3:05:85:f6:49:cb:98:d0:87:5d:7c:9b:de:
75:fb:c8:99:e8:d4:ba:8f:34:14:f3:98:ba:8a:d4:68:6f:0a:
b0:66:f2:2a:a2:da:43:b9:35:ca:0b:2e:35:76:9e:0e:84:49:
34:cb:ab:0d:f2:a6:49:e4:6c:61:99:ce:e7:48:5a:d5:d8:1b:
10:b8:ce:b4:64:92:2c:a0:14:aa:68:7a:49:69:e8:04:42:a1:
bc:91:71:0c:cf:40:ef:a7:db:cf:be:31:52:91:80:8f:60:cd:
54:6a:29:03:69:14:16:c0:1e:d8:6a:49:a0:6b:ef:c9:b1:f8:
30:e2:9b:3f:40:b2:95:e2:0d:43:06:02:02:e2:3b:46:53:3c:
ba:a0:1c:b0:4a:a7:75:f6:7a:cd:52:c0:1d:84:c7:2e:55:74:
35:ca:98:12:42:3e:da:e4:1f:10:21:bd:a0:ab:13:0f:28:fa:
21:57:cb:64:22:7a:c5:85:ef:01:51:84:f3:f2:fb:b3:4e:45:
eb:bc:4e:7d:04:a6:08:6e:ae:6c:3f:d4:2c:ad:0c:a4:25:b4:
c3:1a:2c:78:66:36:98:fc:8c:57:5b:4f:ab:e2:84:cb:0a:0a:
cb:07:ce:48:fd:2e:28:56:44:3c:d1:31:cd:38:f1:a5:75:1b:
b2:42:35:f6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzCbTbBfgHRlHxog/S0+KIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjQwMTAxMDAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDEzMTJlNDU5NmYxMTY2YTI3ODJhNjk2NzhiNDUxNjlmNDgzMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT+YPZg3Ce48btgF5OXHpl5t0jwc
rsajMXnbFB+gm3RYsb62BNOS7dYWuCfKX83TW+oDKVs0j2NCgjDNeQlRaDwLuPFr
/OJEEzDV8nH40oWJ/t1cxRUgPyWywvu05xqmP1cXpkrJ+5nuQmWocxI+J/b4j2CD
VQ2vkbFQWb8lrVdISIiXf7JTOb3v1MQxlvD3nFj3EjHCsr2b5PSRU37BkY9NjsGe
ELYZaoIbk6Y3OAzB0ddMHcaNuZ05vQ88QkQB4KDPNcDjRiKikn8UMvxhmc5QbD0R
5Plvqvv4JUojnpB+frqBTqex6lK/uSCu5ltZQGD8+VGA4BVvK96rZZwfiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO0TEuRZbxFmongqaWeLRRafSDOCMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvN1JNUzVGbHZFV2FpZUNwcFo0dEZGcDlJTTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU/MQAwQH
WR4AAwQAwn7ZMA0EAgACMAcDBQAqAYIAMA0GCSqGSIb3DQEBCwUAA4IBAQAoWMGP
F9MFhfZJy5jQh118m951+8iZ6NS6jzQU85i6itRobwqwZvIqotpDuTXKCy41dp4O
hEk0y6sN8qZJ5Gxhmc7nSFrV2BsQuM60ZJIsoBSqaHpJaegEQqG8kXEMz0Dvp9vP
vjFSkYCPYM1UaikDaRQWwB7Yakmga+/Jsfgw4ps/QLKV4g1DBgIC4jtGUzy6oByw
Sqd19nrNUsAdhMcuVXQ1ypgSQj7a5B8QIb2gqxMPKPohV8tkInrFhe8BUYTz8vuz
TkXrvE59BKYIbq5sP9QsrQykJbTDGix4ZjaY/IxXW0+r4oTLCgrLB85I/S4oVkQ8
0THNOPGldRuyQjX2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:02 2024 by rpki-client on console-fra.rpki-client.org