Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_WJ26hiKabIvFldPI0_GX50Sikc.roa
File: _WJ26hiKabIvFldPI0_GX50Sikc.roa (raw, json)
Hash identifier: N5d84RgG14d+NDevpcQipjeJey5E0dKLcNw8jbrHuJY=
Subject key identifier: FD:62:76:EA:18:8A:69:B2:2F:16:57:4F:23:4F:C6:5F:9D:12:8A:47
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC425620F0C594196F53228D41C5D883C
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_WJ26hiKabIvFldPI0_GX50Sikc.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62068
IP address blocks: 89.190.159.0/24 maxlen: 24
185.242.226.0/24 maxlen: 24
194.50.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 12:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:62:0f:0c:59:41:96:f5:32:28:d4:1c:5d:88:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd6276ea188a69b22f16574f234fc65f9d128a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:aa:d9:88:31:3d:a6:55:b6:33:49:de:dc:ec:
75:a5:f8:0f:3d:09:30:05:93:a6:fc:9d:90:a6:35:
a6:ec:ce:d7:20:0d:be:8a:2c:da:37:0a:7d:72:e1:
13:f4:fa:fa:04:fa:09:81:68:98:0e:5d:29:ac:37:
79:74:9b:a4:50:69:a0:ec:43:a6:3a:a4:0a:bb:4a:
44:b4:f1:a3:4e:9d:bc:14:73:63:15:6a:ff:ec:73:
37:b3:a6:6c:a6:8c:a3:8a:fe:78:28:77:be:de:64:
a8:16:a1:b5:17:8d:45:5a:2f:e9:62:01:14:b8:f3:
17:d0:8b:e7:a8:6b:8b:3f:15:c2:e2:78:d9:4f:6a:
e9:0e:5b:58:97:fb:5c:12:bd:f0:39:31:63:e2:86:
e9:c1:fd:84:4f:eb:34:6b:9c:db:b5:54:8d:bb:bc:
50:0a:fd:5b:db:ab:ee:ad:d7:87:7e:46:b7:85:46:
a2:43:6b:bf:e2:f9:bf:98:37:92:6c:fb:02:4d:9d:
c2:e7:0a:3d:97:5b:6d:08:84:aa:d9:47:5d:d3:6f:
04:40:84:90:43:ba:2e:3e:9d:e1:8b:90:1c:15:02:
70:0e:0c:23:bc:12:ef:5e:0c:68:e9:b1:ff:e1:b4:
78:f8:fd:96:94:da:64:06:a5:b7:7e:18:af:97:01:
25:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:62:76:EA:18:8A:69:B2:2F:16:57:4F:23:4F:C6:5F:9D:12:8A:47
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_WJ26hiKabIvFldPI0_GX50Sikc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.159.0/24
185.242.226.0/24
194.50.16.0/24
Signature Algorithm: sha256WithRSAEncryption
59:8a:65:7c:b6:4f:e4:c8:f0:23:be:5e:18:ae:59:79:6d:bc:
a3:f4:7e:29:71:8f:5d:ab:81:9f:ed:f4:fc:34:b3:d2:b3:d7:
32:9b:3c:61:ed:43:cc:75:15:e5:51:32:31:90:07:a6:4b:d3:
9b:43:4b:a4:e4:f0:06:41:eb:f6:3e:2d:92:cd:25:88:20:7e:
3b:ab:9c:e2:5d:3b:a6:85:1c:77:43:ce:66:45:58:08:06:ff:
da:0d:eb:a2:5e:12:0c:62:88:a0:6b:c5:c1:1d:2e:fc:c6:bd:
b2:e7:cd:d9:b1:b6:4e:d1:46:aa:0f:55:c1:95:25:9a:71:06:
5a:43:e8:b2:3f:71:d2:00:d7:69:db:e2:db:0b:4f:4a:0c:7c:
81:95:1d:a8:58:99:6f:da:59:82:8f:b5:20:fe:5d:68:f5:64:
34:33:2c:93:ce:e8:ad:bc:5f:28:fb:c1:c1:39:27:4e:59:35:
ed:65:c5:ea:bc:2d:8b:90:e9:aa:3c:f9:3b:4f:63:bc:de:5d:
5c:5a:b7:ff:3b:6e:76:f8:e7:52:9f:86:bb:81:84:e1:46:a2:
f6:b7:0b:db:d3:0e:b0:b9:ab:8f:11:24:78:12:f8:93:97:3f:
f4:cf:60:e6:85:28:d2:f8:93:b7:c5:e7:6d:78:91:10:41:5b:
96:1a:50:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJWIPDFlBlvUyKNQcXYg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDYyNzZlYTE4OGE2OWIyMmYxNjU3NGYyMzRmYzY1ZjlkMTI4YTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6rZiDE9plW2M0ne3Ox1pfgPPQkw
BZOm/J2QpjWm7M7XIA2+iizaNwp9cuET9Pr6BPoJgWiYDl0prDd5dJukUGmg7EOm
OqQKu0pEtPGjTp28FHNjFWr/7HM3s6Zspoyjiv54KHe+3mSoFqG1F41FWi/pYgEU
uPMX0IvnqGuLPxXC4njZT2rpDltYl/tcEr3wOTFj4obpwf2ET+s0a5zbtVSNu7xQ
Cv1b26vurdeHfka3hUaiQ2u/4vm/mDeSbPsCTZ3C5wo9l1ttCISq2Udd028EQISQ
Q7ouPp3hi5AcFQJwDgwjvBLvXgxo6bH/4bR4+P2WlNpkBqW3fhivlwEl9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP1iduoYimmyLxZXTyNPxl+dEopHMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvX1dKMjZoaUthYkl2RmxkUEkwX0dYNTBTaWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWb6fAwQA
ufLiAwQAwjIQMA0GCSqGSIb3DQEBCwUAA4IBAQBZimV8tk/kyPAjvl4Yrll5bbyj
9H4pcY9dq4Gf7fT8NLPSs9cymzxh7UPMdRXlUTIxkAemS9ObQ0uk5PAGQev2Pi2S
zSWIIH47q5ziXTumhRx3Q85mRVgIBv/aDeuiXhIMYoiga8XBHS78xr2y583ZsbZO
0UaqD1XBlSWacQZaQ+iyP3HSANdp2+LbC09KDHyBlR2oWJlv2lmCj7Ug/l1o9WQ0
MyyTzuitvF8o+8HBOSdOWTXtZcXqvC2LkOmqPPk7T2O83l1cWrf/O252+OdSn4a7
gYThRqL2twvb0w6wuauPESR4EviTlz/0z2DmhSjS+JO3xedteJEQQVuWGlDR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org