Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/UUiFXXT4PjyfwegeUTO8rgEOIE4.roa
File: UUiFXXT4PjyfwegeUTO8rgEOIE4.roa (raw, json)
Hash identifier: +fvuvGU80cQkw3+2eKpYMX3PU3DetDF0DaZGrSeEsgg=
Subject key identifier: 51:48:85:5D:74:F8:3E:3C:9F:C1:E8:1E:51:33:BC:AE:01:0E:20:4E
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191D5EC5DAD4FFCCD511D3C980B98A7626C
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/UUiFXXT4PjyfwegeUTO8rgEOIE4.roa
Signing time: Mon 09 Sep 2024 08:35:22 +0000
ROA not before: Mon 09 Sep 2024 08:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 89.31.122.0/24 maxlen: 24
188.214.35.0/24 maxlen: 24
2a03:f80:420::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 06:23:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d5:ec:5d:ad:4f:fc:cd:51:1d:3c:98:0b:98:a7:62:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 9 08:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5148855d74f83e3c9fc1e81e5133bcae010e204e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1d:de:1a:d5:48:23:47:c5:69:5d:83:49:9a:
16:f1:45:bd:fc:5f:ae:34:cc:0e:b4:9e:8a:31:e7:
2f:29:23:ba:32:eb:55:f5:fa:cc:9e:b0:c7:02:b5:
fd:bd:fb:7d:17:22:bd:ea:54:18:eb:e8:3a:01:50:
9c:6c:75:e9:ce:6a:fc:f7:58:ab:0e:a3:f0:52:4d:
60:c7:f2:fe:f5:18:4d:ef:fe:6b:43:78:01:0d:bd:
e3:36:a7:ae:57:40:a4:b9:b5:d9:60:7a:ac:11:d9:
c7:a4:cf:fd:12:6b:5e:4d:c6:ad:4b:63:40:cd:47:
2b:58:ab:df:b2:2e:d2:04:ea:7f:da:f1:21:60:aa:
c0:fc:e6:77:b8:c9:10:e6:64:9e:9e:1c:db:80:b9:
9c:e5:dd:20:9a:65:4d:f6:96:62:36:a2:93:ff:b9:
47:45:df:bb:0b:9a:95:1e:95:d1:ef:d3:17:f0:1f:
0f:dc:23:2f:62:b6:ff:2a:1a:d7:3d:ce:32:f3:54:
f7:71:36:f7:32:ec:d2:24:29:5f:9a:c1:51:9d:9e:
45:a0:08:74:55:f4:bf:89:9f:28:95:19:93:a8:cd:
64:9c:b4:90:de:3f:4c:aa:0f:b3:ce:52:60:0b:a0:
ed:ab:cc:99:24:fb:e1:d8:e5:48:35:68:48:fe:16:
04:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:48:85:5D:74:F8:3E:3C:9F:C1:E8:1E:51:33:BC:AE:01:0E:20:4E
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/UUiFXXT4PjyfwegeUTO8rgEOIE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.122.0/24
188.214.35.0/24
IPv6:
2a03:f80:420::/48
Signature Algorithm: sha256WithRSAEncryption
1e:90:7e:d8:88:7a:50:58:0b:8c:c5:33:d7:2f:5a:d5:27:05:
d1:a5:00:de:b7:38:45:3f:e2:8d:27:c2:4f:14:cd:65:93:f0:
46:bb:8a:04:fa:72:19:69:7a:8e:06:de:42:cd:e2:47:9e:d0:
fe:ce:6e:83:0e:cd:87:57:e4:ab:e7:cb:4b:66:8d:47:9e:4d:
57:c7:b3:42:0e:07:74:cc:25:7b:f3:25:38:41:43:0e:e3:ce:
93:86:05:9e:76:7f:c1:8b:ed:42:a0:ec:a5:dd:1a:f6:84:2a:
ca:73:0e:17:59:ac:6f:49:9d:6d:03:d5:92:cd:07:a2:6a:df:
9c:d8:0d:85:d7:41:1f:92:9e:46:a1:c7:cc:63:84:63:0c:2d:
72:77:03:b1:7c:1b:94:39:9b:ac:0e:7c:4e:eb:67:98:4c:5d:
de:6e:d3:2e:a2:0b:41:a7:25:ac:cd:15:90:bc:da:42:9f:ec:
18:c2:71:98:75:20:9f:74:ef:0a:fc:02:57:88:bc:dc:9e:e2:
55:1f:43:ea:5b:76:98:b8:e5:64:5a:16:df:ca:0e:01:37:03:
79:ae:94:3a:1d:78:a3:54:a7:8b:19:ff:b0:fb:bf:cf:e9:ca:
aa:4c:a8:9f:a0:51:da:4f:44:12:74:24:10:c0:93:87:b5:20:
f1:ab:17:8f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZHV7F2tT/zNUR08mAuYp2JsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTA5MDgzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTQ4ODU1ZDc0ZjgzZTNjOWZjMWU4MWU1MTMzYmNhZTAxMGUyMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1h3eGtVII0fFaV2DSZoW8UW9/F+u
NMwOtJ6KMecvKSO6MutV9frMnrDHArX9vft9FyK96lQY6+g6AVCcbHXpzmr891ir
DqPwUk1gx/L+9RhN7/5rQ3gBDb3jNqeuV0CkubXZYHqsEdnHpM/9EmteTcatS2NA
zUcrWKvfsi7SBOp/2vEhYKrA/OZ3uMkQ5mSenhzbgLmc5d0gmmVN9pZiNqKT/7lH
Rd+7C5qVHpXR79MX8B8P3CMvYrb/KhrXPc4y81T3cTb3MuzSJClfmsFRnZ5FoAh0
VfS/iZ8olRmTqM1knLSQ3j9Mqg+zzlJgC6Dtq8yZJPvh2OVINWhI/hYEGwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFFIhV10+D48n8HoHlEzvK4BDiBOMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvVVVpRlhYVDRQanlmd2VnZVVUTzhyZ0VPSUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAWR96AwQA
vNYjMA8EAgACMAkDBwAqAw+ABCAwDQYJKoZIhvcNAQELBQADggEBAB6QftiIelBY
C4zFM9cvWtUnBdGlAN63OEU/4o0nwk8UzWWT8Ea7igT6chlpeo4G3kLN4kee0P7O
boMOzYdX5Kvny0tmjUeeTVfHs0IOB3TMJXvzJThBQw7jzpOGBZ52f8GL7UKg7KXd
GvaEKspzDhdZrG9JnW0D1ZLNB6Jq35zYDYXXQR+Snkahx8xjhGMMLXJ3A7F8G5Q5
m6wOfE7rZ5hMXd5u0y6iC0GnJazNFZC82kKf7BjCcZh1IJ907wr8AleIvNye4lUf
Q+pbdpi45WRaFt/KDgE3A3mulDodeKNUp4sZ/7D7v8/pyqpMqJ+gUdpPRBJ0JBDA
k4e1IPGrF48=
-----END CERTIFICATE-----
Generated at Mon Oct 21 08:35:26 2024 by rpki-client on console-ams.rpki-client.org