Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/6Y_CnF8S17qrBh8r_fYzphbSZ9o.roa
File: 6Y_CnF8S17qrBh8r_fYzphbSZ9o.roa (raw, json)
Hash identifier: GueTGdHxaA1uDrIcSTOslvuI8tBKbMPnBEmXpeeqhdA=
Subject key identifier: E9:8F:C2:9C:5F:12:D7:BA:AB:06:1F:2B:FD:F6:33:A6:16:D2:67:DA
Certificate issuer: /CN=9145ead8d3f1284402b6f75614a87257503ce1bc
Certificate serial: 0185701522D611FE107C9542F5C68048ACCE
Authority key identifier: 91:45:EA:D8:D3:F1:28:44:02:B6:F7:56:14:A8:72:57:50:3C:E1:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/6Y_CnF8S17qrBh8r_fYzphbSZ9o.roa
Signing time: Mon 02 Jan 2023 01:25:11 +0000
ROA not before: Mon 02 Jan 2023 01:25:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50244
IP address blocks: 89.41.25.0/24 maxlen: 24
188.212.129.0/24 maxlen: 24
89.47.244.0/23 maxlen: 24
94.177.80.0/21 maxlen: 24
89.36.77.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:22:d6:11:fe:10:7c:95:42:f5:c6:80:48:ac:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9145ead8d3f1284402b6f75614a87257503ce1bc
Validity
Not Before: Jan 2 01:25:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e98fc29c5f12d7baab061f2bfdf633a616d267da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:29:95:17:81:b9:0f:d9:31:02:c6:5e:7d:c1:
43:8b:46:e8:44:bb:fb:ab:bf:28:43:f2:fd:e2:a8:
f4:10:ba:87:90:d1:96:b4:05:47:12:da:89:8a:8b:
5a:81:33:26:c8:88:31:04:07:d7:4f:b9:0e:de:54:
ca:1a:ff:0e:37:9c:04:0d:bd:b1:37:a6:a9:9d:ba:
16:82:f2:68:5f:68:79:63:43:7b:b3:b2:0e:7b:e9:
6d:75:c5:83:1b:87:f4:0c:10:03:7d:51:ae:54:bb:
17:6f:3d:2a:7d:9a:d5:02:8d:e9:6c:bd:51:fa:af:
51:8e:4d:f1:f0:94:2d:31:48:32:60:1c:f1:51:bd:
88:3f:a3:84:ff:e6:a6:a6:a5:de:fb:15:ec:87:94:
6b:2f:c2:cf:11:1f:fb:51:1c:75:ed:f3:80:71:1f:
ba:45:58:30:73:80:64:96:b3:96:14:89:e3:02:bb:
b5:08:e0:41:21:bf:fb:f1:01:c2:18:08:0c:d1:2d:
8c:bf:99:74:7b:a8:e5:de:3d:3e:22:97:33:ee:ce:
81:3d:75:44:1f:e0:7e:82:a1:44:ee:c2:24:ef:5e:
45:06:ec:88:dc:a6:9c:e0:a7:b7:d6:68:0e:12:6f:
e0:22:b2:4d:9f:ca:13:30:d7:5d:51:6d:a5:0c:03:
4b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8F:C2:9C:5F:12:D7:BA:AB:06:1F:2B:FD:F6:33:A6:16:D2:67:DA
X509v3 Authority Key Identifier:
keyid:91:45:EA:D8:D3:F1:28:44:02:B6:F7:56:14:A8:72:57:50:3C:E1:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/6Y_CnF8S17qrBh8r_fYzphbSZ9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/kUXq2NPxKEQCtvdWFKhyV1A84bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.77.0/24
89.41.25.0/24
89.47.244.0/23
94.177.80.0/21
188.212.129.0/24
Signature Algorithm: sha256WithRSAEncryption
67:fa:ad:1d:83:62:6e:32:de:92:89:fe:26:9b:d0:67:03:9e:
af:37:c4:ab:80:a1:62:0b:24:52:28:4d:df:62:8d:c7:22:51:
5e:f1:69:4d:b2:78:9c:ba:74:6d:89:40:b9:86:ea:58:cd:09:
b0:a1:96:57:55:37:c1:5a:3d:9d:d9:50:b6:12:d2:d8:c3:7d:
04:e8:8a:9e:e9:47:78:16:ca:e9:f0:2c:ed:7c:71:66:8a:06:
86:be:a1:6a:00:b3:84:05:4b:8d:b0:2b:82:db:43:88:b6:72:
d5:5d:10:8c:64:25:5f:85:9f:b6:99:e9:ae:e5:34:b2:5a:37:
a5:06:cc:2f:1e:b0:c1:82:00:34:b7:24:f9:7e:e1:7a:19:55:
73:51:d3:2f:5c:80:e3:42:6c:25:47:5f:74:6d:12:9f:ce:49:
00:be:cb:ae:2a:0c:b9:8e:bd:8f:04:23:f1:e5:d7:a5:0d:50:
c4:21:7b:0d:64:05:9d:79:9f:31:a9:a9:31:fe:d7:cc:c6:99:
37:d9:55:27:aa:eb:5f:31:9c:c9:a2:33:28:ff:40:b2:e3:f2:
4c:4c:ab:e3:5a:fc:97:d3:10:c0:64:9b:2b:d3:88:7f:6e:4c:
bb:7a:40:4f:20:b4:b3:28:09:fd:af:8c:8d:e0:c0:67:fc:c4:
81:78:96:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwFSLWEf4QfJVC9caASKzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNDVlYWQ4ZDNmMTI4NDQwMmI2Zjc1NjE0YTg3MjU3NTAz
Y2UxYmMwHhcNMjMwMTAyMDEyNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThmYzI5YzVmMTJkN2JhYWIwNjFmMmJmZGY2MzNhNjE2ZDI2N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7CmVF4G5D9kxAsZefcFDi0boRLv7
q78oQ/L94qj0ELqHkNGWtAVHEtqJiotagTMmyIgxBAfXT7kO3lTKGv8ON5wEDb2x
N6apnboWgvJoX2h5Y0N7s7IOe+ltdcWDG4f0DBADfVGuVLsXbz0qfZrVAo3pbL1R
+q9Rjk3x8JQtMUgyYBzxUb2IP6OE/+ampqXe+xXsh5RrL8LPER/7URx17fOAcR+6
RVgwc4BklrOWFInjAru1COBBIb/78QHCGAgM0S2Mv5l0e6jl3j0+Ipcz7s6BPXVE
H+B+gqFE7sIk715FBuyI3Kac4Ke31mgOEm/gIrJNn8oTMNddUW2lDANLTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOmPwpxfEte6qwYfK/32M6YW0mfaMB8GA1UdIwQY
MBaAFJFF6tjT8ShEArb3VhSocldQPOG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VYcTJOUHhLRVFDdHZkV0ZLaHlWMUE4NGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hNTIzNWYtNjJmYi00YWJiLTgwMzct
MmFkMTk1MjY0YzcyLzEvNllfQ25GOFMxN3FyQmg4cl9mWXpwaGJTWjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hNTIzNWYtNjJmYi00YWJiLTgwMzctMmFkMTk1MjY0Yzcy
LzEva1VYcTJOUHhLRVFDdHZkV0ZLaHlWMUE4NGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSRNAwQA
WSkZAwQBWS/0AwQDXrFQAwQAvNSBMA0GCSqGSIb3DQEBCwUAA4IBAQBn+q0dg2Ju
Mt6Sif4mm9BnA56vN8SrgKFiCyRSKE3fYo3HIlFe8WlNsnicunRtiUC5hupYzQmw
oZZXVTfBWj2d2VC2EtLYw30E6Iqe6Ud4Fsrp8CztfHFmigaGvqFqALOEBUuNsCuC
20OItnLVXRCMZCVfhZ+2memu5TSyWjelBswvHrDBggA0tyT5fuF6GVVzUdMvXIDj
QmwlR190bRKfzkkAvsuuKgy5jr2PBCPx5delDVDEIXsNZAWdeZ8xqakx/tfMxpk3
2VUnqutfMZzJojMo/0Cy4/JMTKvjWvyX0xDAZJsr04h/bky7ekBPILSzKAn9r4yN
4MBn/MSBeJbD
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:16 2024 by rpki-client on console-fra.rpki-client.org