Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/1-tOPLxNfBh4eNYfcFBojBazV1bw.roa
File: 1-tOPLxNfBh4eNYfcFBojBazV1bw.roa (raw, json)
Hash identifier: GMViiqMacrK8UoQwctDyRYvGqpWmW6Ib9noNxtoh2+E=
Subject key identifier: FA:D3:8F:2F:13:5F:06:1E:1E:35:87:DC:14:1A:23:05:AC:D5:D5:BC
Certificate issuer: /CN=9145ead8d3f1284402b6f75614a87257503ce1bc
Certificate serial: 0185701521D5A6CFCD6547CB107549E106B7
Authority key identifier: 91:45:EA:D8:D3:F1:28:44:02:B6:F7:56:14:A8:72:57:50:3C:E1:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/1-tOPLxNfBh4eNYfcFBojBazV1bw.roa
Signing time: Mon 02 Jan 2023 01:25:11 +0000
ROA not before: Mon 02 Jan 2023 01:25:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43938
IP address blocks: 188.208.30.0/24 maxlen: 24
89.36.89.0/24 maxlen: 24
89.36.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:21:d5:a6:cf:cd:65:47:cb:10:75:49:e1:06:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9145ead8d3f1284402b6f75614a87257503ce1bc
Validity
Not Before: Jan 2 01:25:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fad38f2f135f061e1e3587dc141a2305acd5d5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f2:db:9f:fc:05:1b:95:6f:76:3f:b3:eb:2d:
7b:2b:5f:60:d1:c9:0e:34:50:1d:3d:b3:29:ac:9b:
d2:9f:af:7d:58:9a:e2:f2:9a:e6:7d:c0:c4:28:43:
99:61:49:77:30:4f:ce:3d:4b:01:fd:01:72:70:4a:
6c:bf:a7:79:72:00:fc:9c:b4:df:36:82:2c:4d:90:
77:2d:bd:5d:6a:8a:6f:5c:00:29:cb:63:e8:b0:6a:
a9:e5:7d:b3:8e:12:b5:b1:f8:e4:4e:1b:60:ab:43:
a9:20:3d:dd:1a:de:bc:e1:91:3c:2e:24:e7:ae:09:
6e:4f:16:b5:79:10:02:bf:88:00:e8:aa:e6:de:53:
d9:ff:d6:b6:c1:66:fb:40:bf:f7:ae:e1:cd:c9:4e:
0e:14:4c:82:72:b2:d4:98:9c:c4:95:52:eb:a3:4f:
a6:df:40:3c:ac:41:f9:2f:9d:af:56:e0:f3:cc:16:
fe:4e:94:d9:b7:3a:b9:bf:72:ba:9a:23:e5:eb:19:
b7:98:10:5d:91:cb:ef:50:ae:e0:43:aa:b1:3c:1f:
b4:f1:d5:5a:fb:42:ce:9c:39:cb:99:e6:dc:66:fe:
56:e8:90:bd:f8:8b:5a:ce:54:f0:0b:78:40:3c:68:
79:16:a2:b8:6f:2e:22:8b:57:e0:cf:38:51:c6:7b:
49:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D3:8F:2F:13:5F:06:1E:1E:35:87:DC:14:1A:23:05:AC:D5:D5:BC
X509v3 Authority Key Identifier:
keyid:91:45:EA:D8:D3:F1:28:44:02:B6:F7:56:14:A8:72:57:50:3C:E1:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/1-tOPLxNfBh4eNYfcFBojBazV1bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/kUXq2NPxKEQCtvdWFKhyV1A84bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.89.0/24
89.36.193.0/24
188.208.30.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:10:1f:63:2e:62:6a:10:9c:fb:19:5d:f5:83:a4:92:20:c3:
ec:dd:82:78:0b:57:ce:30:90:2e:2f:68:70:d6:b4:7a:8f:08:
a4:93:8a:ee:87:be:88:8d:ed:82:b1:a1:2e:a3:ac:58:2d:52:
ff:32:71:88:39:35:6f:1f:23:8f:e1:f6:2f:be:44:59:f8:bd:
c4:8d:07:16:e2:5e:79:f0:6b:e9:ae:04:2c:be:31:25:6c:a7:
a1:88:16:39:8e:eb:5f:c5:cd:59:76:b8:32:16:9e:29:d6:24:
f0:22:52:0a:92:58:a3:6c:e8:eb:d4:9c:d2:1b:cd:2c:96:7e:
99:3d:45:60:5c:33:d9:7b:f4:ac:c4:9f:22:a0:c6:97:1d:ed:
a8:af:6b:90:e2:41:bb:e6:3a:a5:f2:f3:bf:67:81:9b:03:f9:
a3:c2:a2:2e:63:39:49:55:a9:7d:00:76:2f:09:e6:d2:12:54:
bd:84:d9:6c:e3:a6:dc:be:ca:03:94:4b:d7:77:e9:1d:16:63:
42:eb:ee:b3:18:fe:78:4a:37:db:be:a9:af:03:94:54:d4:9b:
e7:30:ab:5f:fc:c0:55:3a:4e:25:d9:27:e9:a3:85:4d:11:37:
c4:cd:23:79:95:d1:79:67:da:d2:82:83:df:ca:d8:e3:83:c8:
83:6c:33:67
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVwFSHVps/NZUfLEHVJ4Qa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNDVlYWQ4ZDNmMTI4NDQwMmI2Zjc1NjE0YTg3MjU3NTAz
Y2UxYmMwHhcNMjMwMTAyMDEyNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQzOGYyZjEzNWYwNjFlMWUzNTg3ZGMxNDFhMjMwNWFjZDVkNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/Lbn/wFG5Vvdj+z6y17K19g0ckO
NFAdPbMprJvSn699WJri8prmfcDEKEOZYUl3ME/OPUsB/QFycEpsv6d5cgD8nLTf
NoIsTZB3Lb1daopvXAApy2PosGqp5X2zjhK1sfjkThtgq0OpID3dGt684ZE8LiTn
rgluTxa1eRACv4gA6Krm3lPZ/9a2wWb7QL/3ruHNyU4OFEyCcrLUmJzElVLro0+m
30A8rEH5L52vVuDzzBb+TpTZtzq5v3K6miPl6xm3mBBdkcvvUK7gQ6qxPB+08dVa
+0LOnDnLmebcZv5W6JC9+ItazlTwC3hAPGh5FqK4by4ii1fgzzhRxntJhwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPrTjy8TXwYeHjWH3BQaIwWs1dW8MB8GA1UdIwQY
MBaAFJFF6tjT8ShEArb3VhSocldQPOG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VYcTJOUHhLRVFDdHZkV0ZLaHlWMUE4NGJ3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hNTIzNWYtNjJmYi00YWJiLTgwMzct
MmFkMTk1MjY0YzcyLzEvMS10T1BMeE5mQmg0ZU5ZZmNGQm9qQmF6VjFidy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTEvYTUyMzVmLTYyZmItNGFiYi04MDM3LTJhZDE5NTI2NGM3
Mi8xL2tVWHEyTlB4S0VRQ3R2ZFdGS2h5VjFBODRidy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFkkWQME
AFkkwQMEALzQHjANBgkqhkiG9w0BAQsFAAOCAQEAqhAfYy5iahCc+xld9YOkkiDD
7N2CeAtXzjCQLi9ocNa0eo8IpJOK7oe+iI3tgrGhLqOsWC1S/zJxiDk1bx8jj+H2
L75EWfi9xI0HFuJeefBr6a4ELL4xJWynoYgWOY7rX8XNWXa4MhaeKdYk8CJSCpJY
o2zo69Sc0hvNLJZ+mT1FYFwz2Xv0rMSfIqDGlx3tqK9rkOJBu+Y6pfLzv2eBmwP5
o8KiLmM5SVWpfQB2Lwnm0hJUvYTZbOOm3L7KA5RL13fpHRZjQuvusxj+eEo3276p
rwOUVNSb5zCrX/zAVTpOJdkn6aOFTRE3xM0jeZXReWfa0oKD38rY44PIg2wzZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:39 2024 by rpki-client on console-fra.rpki-client.org