Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/OdU3sQJygLE2Jws6M2z6bxp45_g.roa
File: OdU3sQJygLE2Jws6M2z6bxp45_g.roa (raw, json)
Hash identifier: ueE8tCS5NiN5PPXk5G/P4H9DDaVSlOgKh6X3oH28OJg=
Subject key identifier: 39:D5:37:B1:02:72:80:B1:36:27:0B:3A:33:6C:FA:6F:1A:78:E7:F8
Certificate issuer: /CN=c559d4693555b9f2ad6807bacedc4b5a2e701a48
Certificate serial: 018C588B7F5A5FAC87896E3CC6D02EE60E82
Authority key identifier: C5:59:D4:69:35:55:B9:F2:AD:68:07:BA:CE:DC:4B:5A:2E:70:1A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xVnUaTVVufKtaAe6ztxLWi5wGkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/OdU3sQJygLE2Jws6M2z6bxp45_g.roa
Signing time: Mon 11 Dec 2023 11:03:06 +0000
ROA not before: Mon 11 Dec 2023 11:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56911
IP address blocks: 185.70.28.0/22 maxlen: 22
149.62.34.0/24 maxlen: 24
89.35.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:8b:7f:5a:5f:ac:87:89:6e:3c:c6:d0:2e:e6:0e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c559d4693555b9f2ad6807bacedc4b5a2e701a48
Validity
Not Before: Dec 11 11:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39d537b1027280b136270b3a336cfa6f1a78e7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:18:24:8e:06:58:c6:76:3b:d2:6d:3a:24:eb:
04:dd:5c:34:00:13:70:0e:71:93:f3:51:d3:f9:4c:
b0:25:60:df:89:9e:e1:13:64:14:ba:3d:bc:b4:a8:
da:40:cc:26:01:ee:79:b0:24:7c:e0:95:5c:23:a4:
4a:ed:9d:0a:43:30:b2:ea:ef:35:b1:2b:2e:55:50:
85:c1:11:a7:8a:3a:a4:fd:ce:02:b0:ca:0c:ce:46:
dc:5e:cd:fc:50:96:d0:ea:1e:c8:2d:b5:1f:89:ba:
98:44:5d:58:43:00:da:64:16:f7:7b:99:a7:d3:ae:
82:6b:60:51:b7:8f:90:c2:8b:84:87:ca:38:e1:e8:
dd:87:59:88:3f:11:e1:4f:fa:80:b8:87:da:c1:43:
ac:72:92:d1:f6:80:81:06:31:d4:fa:51:06:8b:4d:
d5:2d:5c:7b:50:21:55:86:1e:00:1e:9e:c8:68:e7:
27:83:93:50:89:51:ea:3b:1b:d1:65:fa:2c:27:fd:
9d:e3:82:c9:b8:8f:bc:04:bc:58:4c:f1:10:e0:07:
72:4b:1b:ad:4a:ef:3a:f6:89:94:87:7f:eb:ae:2c:
52:b4:c2:ab:71:9a:a0:77:81:0d:f6:83:a0:dd:a9:
82:77:13:d6:9c:86:48:58:6b:94:19:91:d6:8c:2f:
a3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D5:37:B1:02:72:80:B1:36:27:0B:3A:33:6C:FA:6F:1A:78:E7:F8
X509v3 Authority Key Identifier:
keyid:C5:59:D4:69:35:55:B9:F2:AD:68:07:BA:CE:DC:4B:5A:2E:70:1A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVnUaTVVufKtaAe6ztxLWi5wGkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/OdU3sQJygLE2Jws6M2z6bxp45_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f0f8b-af93-423b-bea5-d2e351609759/1/xVnUaTVVufKtaAe6ztxLWi5wGkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.118.0/24
149.62.34.0/24
185.70.28.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:d2:25:b3:31:d9:e7:35:9c:24:ee:fb:9d:4d:ef:c0:2b:14:
98:25:39:4e:02:7d:46:7f:c8:55:15:8c:3b:7d:9d:18:e5:6f:
28:a1:13:26:8d:da:ce:ee:25:5d:82:80:40:1c:85:dc:68:ed:
40:6c:4c:d8:f1:f8:55:a3:7a:ff:25:37:25:ee:86:d7:82:ff:
52:b1:31:be:70:09:4b:10:10:e8:02:b0:5e:3a:56:dc:de:73:
b4:3a:fd:c2:c1:92:04:8e:d7:23:fd:92:75:bf:15:df:4d:9a:
e0:c1:29:78:06:95:0a:e3:b1:0f:f7:6a:ae:02:e7:58:3b:6a:
16:79:d6:f6:5f:d8:d1:6e:88:05:ce:04:06:8e:ae:8a:05:c0:
36:60:9d:45:ad:35:d7:b5:8e:fc:ab:d4:04:61:ed:59:92:eb:
6d:46:80:da:47:fc:b6:fc:b3:b8:2e:3d:d2:e9:cd:00:b0:65:
f5:b6:13:59:c0:e0:c0:ea:9e:e9:8d:c5:d4:39:df:eb:f7:2b:
76:ce:0a:c7:d8:93:bb:b1:c0:28:d1:7e:43:f9:74:8f:b8:3c:
64:e2:e8:18:b9:ca:af:9f:52:14:8c:7f:a8:30:e6:aa:14:b8:
26:81:22:7b:22:74:a5:35:91:69:d9:ec:cd:3e:0b:fa:c6:02:
7a:a6:44:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxYi39aX6yHiW48xtAu5g6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTlkNDY5MzU1NWI5ZjJhZDY4MDdiYWNlZGM0YjVhMmU3
MDFhNDgwHhcNMjMxMjExMTEwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ1MzdiMTAyNzI4MGIxMzYyNzBiM2EzMzZjZmE2ZjFhNzhlN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBgkjgZYxnY70m06JOsE3Vw0ABNw
DnGT81HT+UywJWDfiZ7hE2QUuj28tKjaQMwmAe55sCR84JVcI6RK7Z0KQzCy6u81
sSsuVVCFwRGnijqk/c4CsMoMzkbcXs38UJbQ6h7ILbUfibqYRF1YQwDaZBb3e5mn
066Ca2BRt4+QwouEh8o44ejdh1mIPxHhT/qAuIfawUOscpLR9oCBBjHU+lEGi03V
LVx7UCFVhh4AHp7IaOcng5NQiVHqOxvRZfosJ/2d44LJuI+8BLxYTPEQ4AdySxut
Su869omUh3/rrixStMKrcZqgd4EN9oOg3amCdxPWnIZIWGuUGZHWjC+jRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDnVN7ECcoCxNicLOjNs+m8aeOf4MB8GA1UdIwQY
MBaAFMVZ1Gk1VbnyrWgHus7cS1oucBpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZuVWFUVlZ1Zkt0YUFlNnp0eExXaTV3R2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zZjBmOGItYWY5My00MjNiLWJlYTUt
ZDJlMzUxNjA5NzU5LzEvT2RVM3NRSnlnTEUySndzNk0yejZieHA0NV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zZjBmOGItYWY5My00MjNiLWJlYTUtZDJlMzUxNjA5NzU5
LzEveFZuVWFUVlZ1Zkt0YUFlNnp0eExXaTV3R2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSN2AwQA
lT4iAwQCuUYcMA0GCSqGSIb3DQEBCwUAA4IBAQAe0iWzMdnnNZwk7vudTe/AKxSY
JTlOAn1Gf8hVFYw7fZ0Y5W8ooRMmjdrO7iVdgoBAHIXcaO1AbEzY8fhVo3r/JTcl
7obXgv9SsTG+cAlLEBDoArBeOlbc3nO0Ov3CwZIEjtcj/ZJ1vxXfTZrgwSl4BpUK
47EP92quAudYO2oWedb2X9jRbogFzgQGjq6KBcA2YJ1FrTXXtY78q9QEYe1Zkutt
RoDaR/y2/LO4Lj3S6c0AsGX1thNZwODA6p7pjcXUOd/r9yt2zgrH2JO7scAo0X5D
+XSPuDxk4ugYucqvn1IUjH+oMOaqFLgmgSJ7InSlNZFp2ezNPgv6xgJ6pkRl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:03 2024 by rpki-client on console-fra.rpki-client.org