Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/5HAVnTcVtqtGmix9FItEDRgiQxs.roa
File: 5HAVnTcVtqtGmix9FItEDRgiQxs.roa (raw, json)
Hash identifier: IlmKwdpBK1DC79abTpfdgA7D8cFnMuTMQ6cRwrVAjUQ=
Subject key identifier: E4:70:15:9D:37:15:B6:AB:46:9A:2C:7D:14:8B:44:0D:18:22:43:1B
Certificate issuer: /CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Certificate serial: 018B8914FCDB6BA748566D154D92821A0D4C
Authority key identifier: 8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/5HAVnTcVtqtGmix9FItEDRgiQxs.roa
Signing time: Wed 01 Nov 2023 04:12:15 +0000
ROA not before: Wed 01 Nov 2023 04:12:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39232
IP address blocks: 89.219.40.0/22 maxlen: 22
89.219.40.0/21 maxlen: 21
89.219.44.0/22 maxlen: 22
89.219.38.0/23 maxlen: 23
89.219.48.0/21 maxlen: 21
89.219.48.0/20 maxlen: 20
89.219.56.0/21 maxlen: 21
89.219.36.0/23 maxlen: 23
89.219.36.0/22 maxlen: 22
89.219.156.0/23 maxlen: 23
89.219.156.0/22 maxlen: 22
89.219.155.0/24 maxlen: 24
89.219.158.0/23 maxlen: 23
89.219.160.0/24 maxlen: 24
89.219.164.0/23 maxlen: 23
89.219.164.0/22 maxlen: 22
89.219.163.0/24 maxlen: 24
89.219.166.0/23 maxlen: 23
89.219.171.0/24 maxlen: 24
89.219.170.0/24 maxlen: 24
89.219.170.0/23 maxlen: 23
89.219.169.0/24 maxlen: 24
89.219.172.0/22 maxlen: 22
89.219.172.0/23 maxlen: 23
89.219.174.0/23 maxlen: 23
89.219.176.0/21 maxlen: 21
89.219.176.0/20 maxlen: 20
89.219.184.0/21 maxlen: 21
89.219.132.0/23 maxlen: 23
89.219.132.0/24 maxlen: 24
89.219.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:89:14:fc:db:6b:a7:48:56:6d:15:4d:92:82:1a:0d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Validity
Not Before: Nov 1 04:12:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e470159d3715b6ab469a2c7d148b440d1822431b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:25:17:03:00:cb:96:51:9d:4e:02:be:68:f0:
b3:c7:41:8e:c2:66:26:31:3b:3f:c7:53:5f:ba:79:
54:ab:fa:db:4a:c8:f0:23:19:16:79:90:9a:e0:5d:
0f:81:39:b0:af:dc:c3:bc:b4:76:74:96:fd:22:2e:
04:69:2f:96:ed:90:bc:83:47:49:40:ea:ae:3f:ce:
82:38:ee:71:51:63:81:34:bb:27:f8:f7:d2:9f:39:
38:e9:b0:51:05:c3:27:70:5e:7a:e9:18:54:eb:cc:
b1:78:0f:69:b7:4f:62:c8:c0:a9:fd:80:e4:ab:36:
b6:17:1a:62:af:19:86:b1:69:ad:65:12:25:c4:a1:
e5:f9:25:cc:bc:29:00:09:d2:7d:30:39:e2:a9:1c:
7d:fd:8a:a5:23:4a:50:cb:f6:1e:1c:1b:aa:31:52:
0f:18:17:67:e4:f4:33:15:2c:33:13:70:e4:44:04:
f6:9e:cc:33:eb:30:4d:34:0e:50:9f:0a:90:cc:f2:
e4:d5:0f:6f:91:13:96:bd:92:bf:34:b4:2e:db:dc:
e2:07:a7:76:f7:86:33:6d:b1:3c:71:8f:cd:b2:c7:
ae:85:92:88:7f:5f:4f:79:c9:8f:f3:39:83:2f:ca:
90:47:70:12:35:51:b6:c0:72:c6:0e:ec:4c:a9:7f:
88:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:70:15:9D:37:15:B6:AB:46:9A:2C:7D:14:8B:44:0D:18:22:43:1B
X509v3 Authority Key Identifier:
keyid:8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/5HAVnTcVtqtGmix9FItEDRgiQxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.219.36.0-89.219.63.255
89.219.132.0/23
89.219.155.0-89.219.160.255
89.219.163.0-89.219.167.255
89.219.169.0-89.219.191.255
Signature Algorithm: sha256WithRSAEncryption
6a:37:4d:d5:3e:f1:49:86:36:7a:c2:53:41:ac:a8:ce:e3:43:
b4:a0:f5:da:35:66:6b:0d:21:0a:95:4b:2f:ae:d5:cc:ba:77:
cc:89:0f:03:f3:d0:b2:cd:55:e4:b0:56:4c:67:3b:a4:ee:46:
ec:a7:ca:51:b2:c1:47:24:d4:6e:96:d1:17:23:7f:19:bb:a5:
89:6a:c8:db:93:a5:37:fe:aa:39:2d:31:5b:8c:61:85:da:a9:
ec:ed:6f:0b:40:e5:4d:c8:60:d9:9d:80:62:42:d8:a9:fe:02:
f7:2b:14:d9:53:a5:c7:30:78:94:bc:ca:51:f6:b0:e0:8c:92:
e0:09:86:98:41:ae:e5:69:ba:02:36:67:e8:aa:53:e8:fe:40:
da:83:22:16:ef:9a:bb:d5:95:6f:36:b2:1e:2a:d9:50:34:f2:
6a:97:f5:9a:3e:25:8f:66:d7:fa:6a:50:62:f1:25:ba:71:8c:
d7:24:e0:8b:e4:74:24:f6:c5:73:a4:1d:45:a8:e6:03:73:b2:
c3:5c:f5:30:c9:d9:1b:9f:4e:4f:95:08:48:88:8f:bf:aa:8e:
47:96:f8:2f:b7:78:f1:71:b9:63:b9:7a:f9:67:dc:a5:bd:aa:
d5:78:9b:78:65:b7:6c:bf:12:1d:d0:a3:94:25:3f:e8:9f:ed:
5e:0a:6b:43
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYuJFPzba6dIVm0VTZKCGg1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNGRkMmQwNmQ5MjBlNDAzOTMzZmRiMmNkMTk4NDg5MzU1
MjU3OWMwHhcNMjMxMTAxMDQxMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDcwMTU5ZDM3MTViNmFiNDY5YTJjN2QxNDhiNDQwZDE4MjI0MzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyUXAwDLllGdTgK+aPCzx0GOwmYm
MTs/x1NfunlUq/rbSsjwIxkWeZCa4F0PgTmwr9zDvLR2dJb9Ii4EaS+W7ZC8g0dJ
QOquP86COO5xUWOBNLsn+PfSnzk46bBRBcMncF566RhU68yxeA9pt09iyMCp/YDk
qza2FxpirxmGsWmtZRIlxKHl+SXMvCkACdJ9MDniqRx9/YqlI0pQy/YeHBuqMVIP
GBdn5PQzFSwzE3DkRAT2nswz6zBNNA5QnwqQzPLk1Q9vkROWvZK/NLQu29ziB6d2
94YzbbE8cY/NsseuhZKIf19PecmP8zmDL8qQR3ASNVG2wHLGDuxMqX+IpwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFORwFZ03FbarRposfRSLRA0YIkMbMB8GA1UdIwQY
MBaAFI1N0tBtkg5AOTP9ss0ZhIk1UlecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQt
MzJmZjMxY2VlYzhiLzEvNUhBVm5UY1Z0cXRHbWl4OUZJdEVEUmdpUXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQtMzJmZjMxY2VlYzhi
LzEvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAJZ2yQD
BAZZ2wADBAFZ24QwDAMEAFnbmwMEAFnboDAMAwQAWdujAwQDWdugMAwDBABZ26kD
BAZZ24AwDQYJKoZIhvcNAQELBQADggEBAGo3TdU+8UmGNnrCU0GsqM7jQ7Sg9do1
ZmsNIQqVSy+u1cy6d8yJDwPz0LLNVeSwVkxnO6TuRuynylGywUck1G6W0Rcjfxm7
pYlqyNuTpTf+qjktMVuMYYXaqeztbwtA5U3IYNmdgGJC2Kn+AvcrFNlTpccweJS8
ylH2sOCMkuAJhphBruVpugI2Z+iqU+j+QNqDIhbvmrvVlW82sh4q2VA08mqX9Zo+
JY9m1/pqUGLxJbpxjNck4IvkdCT2xXOkHUWo5gNzssNc9TDJ2RufTk+VCEiIj7+q
jkeW+C+3ePFxuWO5evln3KW9qtV4m3hlt2y/Eh3Qo5QlP+if7V4Ka0M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:24 2024 by rpki-client on console-ams.rpki-client.org