Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/sPnQ0CmJq_4s--IrAH1XcU8s9yw.roa
File: sPnQ0CmJq_4s--IrAH1XcU8s9yw.roa (raw, json)
Hash identifier: gBpTK1J6scmFn3tAIAcs3/kj5ggcuG+gdCpS6MT+8nM=
Subject key identifier: B0:F9:D0:D0:29:89:AB:FE:2C:FB:E2:2B:00:7D:57:71:4F:2C:F7:2C
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 0186163AF4D638F92C8867EAAADB24ECCC04
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/sPnQ0CmJq_4s--IrAH1XcU8s9yw.roa
Signing time: Fri 03 Feb 2023 07:43:27 +0000
ROA not before: Fri 03 Feb 2023 07:43:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207821
IP address blocks: 185.89.38.0/24 maxlen: 24
185.89.37.0/24 maxlen: 24
185.89.36.0/24 maxlen: 24
185.89.39.0/24 maxlen: 24
2.59.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:3a:f4:d6:38:f9:2c:88:67:ea:aa:db:24:ec:cc:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Feb 3 07:43:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0f9d0d02989abfe2cfbe22b007d57714f2cf72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:9e:13:81:20:6d:cd:56:37:5b:5c:88:87:
e7:7a:b0:00:31:09:8b:09:40:bf:7a:ea:a2:81:d9:
e8:00:51:76:63:da:ce:d4:b8:00:af:f4:bf:d2:01:
cd:65:c5:0e:ea:b1:cf:ab:50:2d:b9:ce:60:42:e9:
9b:83:6c:47:e0:fb:26:5a:c9:c4:d1:fe:d1:ba:95:
f5:2e:63:b4:fb:44:51:53:86:91:8c:60:31:c4:57:
77:24:34:5f:11:2a:5e:b2:63:0e:8c:37:2f:fd:88:
33:ec:0d:dc:cb:4c:fb:46:c7:82:58:13:7a:cd:c3:
04:c2:ee:d3:8a:59:2a:41:ad:8b:fb:74:da:f7:f8:
f8:42:c8:f9:c1:7e:ee:b0:48:0e:67:a2:10:49:99:
fc:53:0c:f3:1f:21:0a:78:31:54:f9:67:33:42:4e:
e7:65:9b:34:d1:3f:42:19:a4:66:3a:e7:a4:41:aa:
81:e8:8f:82:84:42:0f:17:3e:5b:60:7d:90:f8:65:
32:4a:5f:03:5b:47:30:7d:ee:43:06:4f:5a:c7:6f:
10:eb:e9:a2:c3:48:b7:f2:1d:c7:38:a6:22:ca:e1:
fc:d3:a4:ef:8b:ac:98:a8:a0:3c:60:16:3c:bb:a4:
04:94:6b:d8:95:fc:2a:e8:58:df:b2:60:3d:65:ae:
42:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F9:D0:D0:29:89:AB:FE:2C:FB:E2:2B:00:7D:57:71:4F:2C:F7:2C
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/sPnQ0CmJq_4s--IrAH1XcU8s9yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.28.0/24
185.89.36.0/22
Signature Algorithm: sha256WithRSAEncryption
87:7f:92:16:af:7c:a5:1c:79:ab:8b:9a:0b:58:d2:6b:08:fa:
ec:f2:8e:42:3f:a7:ef:c1:67:3e:5b:5d:0d:32:c4:fc:e3:1f:
a4:f5:42:e5:5f:cf:0b:ca:92:5a:5e:e8:ac:cb:28:22:82:ce:
d8:83:08:81:b9:17:0b:a6:af:a6:ca:c5:4f:48:44:fa:6d:73:
ff:a9:3e:bf:76:00:5d:d2:ec:a9:6e:b5:d4:91:63:e1:15:0b:
88:db:bd:f3:e1:5c:53:68:6f:ce:2e:e1:c9:2f:1c:6c:0a:20:
be:82:4f:59:b5:37:34:15:20:07:15:a6:46:cb:a1:1e:39:44:
42:84:80:09:1d:12:de:1f:7e:18:40:a8:a8:75:5c:dc:1a:97:
31:9e:90:ea:52:b7:3d:04:e8:c0:2a:08:b6:28:30:4c:9e:4f:
d3:c6:8e:32:a4:11:aa:b6:79:1e:07:69:55:50:6c:f2:5f:62:
cb:23:dc:c9:34:9f:9a:23:95:fe:50:d6:cb:d1:10:76:d5:c7:
22:41:b3:32:05:b6:da:d1:29:75:ae:3e:47:a0:e5:71:46:8c:
da:c4:7f:e6:b7:2a:a5:8c:47:95:2e:6c:ba:e7:88:b2:ee:e4:
d6:f4:b2:d8:28:79:44:f4:0e:65:d7:f6:cf:5f:34:35:49:91:
10:c8:4e:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYWOvTWOPksiGfqqtsk7MwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjMwMjAzMDc0MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY5ZDBkMDI5ODlhYmZlMmNmYmUyMmIwMDdkNTc3MTRmMmNmNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotKeE4Egbc1WN1tciIfnerAAMQmL
CUC/euqigdnoAFF2Y9rO1LgAr/S/0gHNZcUO6rHPq1Atuc5gQumbg2xH4PsmWsnE
0f7RupX1LmO0+0RRU4aRjGAxxFd3JDRfESpesmMOjDcv/Ygz7A3cy0z7RseCWBN6
zcMEwu7TilkqQa2L+3Ta9/j4Qsj5wX7usEgOZ6IQSZn8UwzzHyEKeDFU+WczQk7n
ZZs00T9CGaRmOuekQaqB6I+ChEIPFz5bYH2Q+GUySl8DW0cwfe5DBk9ax28Q6+mi
w0i38h3HOKYiyuH806Tvi6yYqKA8YBY8u6QElGvYlfwq6FjfsmA9Za5CzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLD50NApiav+LPviKwB9V3FPLPcsMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvc1BuUTBDbUpxXzRzLS1JckFIMVhjVThzOXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjscAwQC
uVkkMA0GCSqGSIb3DQEBCwUAA4IBAQCHf5IWr3ylHHmri5oLWNJrCPrs8o5CP6fv
wWc+W10NMsT84x+k9ULlX88LypJaXuisyygigs7YgwiBuRcLpq+mysVPSET6bXP/
qT6/dgBd0uypbrXUkWPhFQuI273z4VxTaG/OLuHJLxxsCiC+gk9ZtTc0FSAHFaZG
y6EeOURChIAJHRLeH34YQKiodVzcGpcxnpDqUrc9BOjAKgi2KDBMnk/Txo4ypBGq
tnkeB2lVUGzyX2LLI9zJNJ+aI5X+UNbL0RB21cciQbMyBbba0Sl1rj5HoOVxRoza
xH/mtyqljEeVLmy654iy7uTW9LLYKHlE9A5l1/bPXzQ1SZEQyE6/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:44 2024 by rpki-client on console-fra.rpki-client.org