Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/DTJYQVvusAEIqcc-EzPuqetfIBQ.roa
File: DTJYQVvusAEIqcc-EzPuqetfIBQ.roa (raw, json)
Hash identifier: EfoNt7GS32BrhOC5T2LRscNUeun8INKzzp9JvysTCt4=
Subject key identifier: 0D:32:58:41:5B:EE:B0:01:08:A9:C7:3E:13:33:EE:A9:EB:5F:20:14
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 0189DB792B45F9D06725DEFC7E0003428EA3
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/DTJYQVvusAEIqcc-EzPuqetfIBQ.roa
Signing time: Wed 09 Aug 2023 18:04:58 +0000
ROA not before: Wed 09 Aug 2023 18:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209984
IP address blocks: 89.43.72.0/24 maxlen: 24
109.205.136.0/22 maxlen: 24
185.237.136.0/22 maxlen: 24
185.249.232.0/24 maxlen: 24
193.39.95.0/24 maxlen: 24
194.15.219.0/24 maxlen: 24
194.15.232.0/24 maxlen: 24
194.26.1.0/24 maxlen: 24
194.15.236.0/24 maxlen: 24
89.44.145.0/24 maxlen: 24
89.43.198.0/24 maxlen: 24
89.40.238.0/24 maxlen: 24
2a06:ce00::/29 maxlen: 29
2a0c:1380::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:79:2b:45:f9:d0:67:25:de:fc:7e:00:03:42:8e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Aug 9 18:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d3258415beeb00108a9c73e1333eea9eb5f2014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:05:9e:a4:05:a6:24:ac:be:ec:ea:a1:0b:d7:
73:3a:9f:9f:3f:2f:a4:c6:55:9b:50:53:72:8b:85:
13:a4:4b:ad:d7:c0:6a:a6:76:dd:11:b5:79:d9:78:
34:ef:93:29:0a:53:1e:6b:62:8c:fc:78:a7:2f:c3:
41:56:4b:07:1e:21:1c:17:7d:47:39:e4:5c:cc:91:
a0:5f:af:b8:14:5e:dd:65:b6:81:88:c1:d7:cc:7d:
01:3b:ce:ad:36:e6:0f:b5:a8:42:e5:51:91:56:b3:
12:07:d5:45:98:08:03:4f:14:4e:f7:03:e2:c2:ca:
59:bc:ba:5b:be:cd:51:5f:5a:d8:77:8b:eb:3f:22:
a2:62:d3:7d:5d:9f:b1:1b:06:80:23:c1:5f:23:a0:
f2:12:a0:3f:65:80:14:6c:c6:4d:39:c9:ce:c7:75:
00:db:90:e6:34:f3:7c:60:b6:fd:f7:2a:7b:de:1b:
8d:3f:f1:ce:ac:08:7a:9b:85:24:fe:5e:cc:02:17:
cf:c0:8d:42:68:ec:40:82:54:d0:7a:b1:e3:03:72:
c6:af:7c:9b:cc:55:f0:18:b0:4d:b5:a8:90:cf:ae:
ca:89:d8:cb:c5:22:d0:2f:09:fe:e5:63:b7:ca:dd:
3f:3f:36:ed:df:fc:29:02:67:7a:b0:60:b5:db:1a:
d8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:32:58:41:5B:EE:B0:01:08:A9:C7:3E:13:33:EE:A9:EB:5F:20:14
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/DTJYQVvusAEIqcc-EzPuqetfIBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.238.0/24
89.43.72.0/24
89.43.198.0/24
89.44.145.0/24
109.205.136.0/22
185.237.136.0/22
185.249.232.0/24
193.39.95.0/24
194.15.219.0/24
194.15.232.0/24
194.15.236.0/24
194.26.1.0/24
IPv6:
2a06:ce00::/29
2a0c:1380::/29
Signature Algorithm: sha256WithRSAEncryption
1e:4c:5d:52:5e:40:d3:a8:75:30:b2:19:75:aa:88:d0:d8:28:
ac:fb:82:fb:72:28:6b:2d:39:a8:40:14:59:1c:ae:f4:0b:eb:
c5:d8:e3:3e:a6:9f:70:0a:e5:2a:01:8c:62:d5:e3:54:df:36:
45:a1:cf:8a:27:70:69:51:4a:85:9a:b6:58:8a:e5:bb:e4:78:
da:21:d4:a5:18:99:07:68:da:b4:e6:78:f8:95:93:7f:5d:d6:
dd:b9:77:66:1d:ca:e8:47:01:e8:63:0b:6b:bd:23:0e:d9:82:
db:98:55:0a:cd:f2:6c:40:57:ed:fe:06:07:ac:12:49:1c:75:
86:cd:0b:10:73:8c:63:f1:0f:15:2a:99:4e:a3:ce:c8:0f:cb:
ff:92:be:fa:4c:a9:ab:e1:c4:73:bf:55:5d:d9:5a:eb:a9:94:
54:c8:98:31:0a:45:52:06:4d:dd:24:d7:95:b9:b4:c7:53:e8:
53:a4:e8:05:f8:d0:38:be:d6:1f:1a:a9:36:ae:f8:e3:04:b3:
69:25:1f:69:3a:d9:8e:79:01:1a:af:ef:0e:2d:11:8f:d4:bb:
03:29:d8:28:7e:7b:dc:b3:33:f2:bc:73:2f:2c:eb:59:0a:b0:
97:b4:c3:27:c8:be:ac:5f:9a:fb:33:01:b5:ac:f8:df:8c:83:
54:e6:8f:49
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYnbeStF+dBnJd78fgADQo6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjMwODA5MTgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDMyNTg0MTViZWViMDAxMDhhOWM3M2UxMzMzZWVhOWViNWYyMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwWepAWmJKy+7OqhC9dzOp+fPy+k
xlWbUFNyi4UTpEut18BqpnbdEbV52Xg075MpClMea2KM/HinL8NBVksHHiEcF31H
OeRczJGgX6+4FF7dZbaBiMHXzH0BO86tNuYPtahC5VGRVrMSB9VFmAgDTxRO9wPi
wspZvLpbvs1RX1rYd4vrPyKiYtN9XZ+xGwaAI8FfI6DyEqA/ZYAUbMZNOcnOx3UA
25DmNPN8YLb99yp73huNP/HOrAh6m4Uk/l7MAhfPwI1CaOxAglTQerHjA3LGr3yb
zFXwGLBNtaiQz67KidjLxSLQLwn+5WO3yt0/Pzbt3/wpAmd6sGC12xrYcwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFA0yWEFb7rABCKnHPhMz7qnrXyAUMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvRFRKWVFWdnVzQUVJcWNjLUV6UHVxZXRmSUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQAWSjuAwQA
WStIAwQAWSvGAwQAWSyRAwQCbc2IAwQCue2IAwQAufnoAwQAwSdfAwQAwg/bAwQA
wg/oAwQAwg/sAwQAwhoBMBQEAgACMA4DBQMqBs4AAwUDKgwTgDANBgkqhkiG9w0B
AQsFAAOCAQEAHkxdUl5A06h1MLIZdaqI0NgorPuC+3Ioay05qEAUWRyu9Avrxdjj
PqafcArlKgGMYtXjVN82RaHPiidwaVFKhZq2WIrlu+R42iHUpRiZB2jatOZ4+JWT
f13W3bl3Zh3K6EcB6GMLa70jDtmC25hVCs3ybEBX7f4GB6wSSRx1hs0LEHOMY/EP
FSqZTqPOyA/L/5K++kypq+HEc79VXdla66mUVMiYMQpFUgZN3STXlbm0x1PoU6To
BfjQOL7WHxqpNq744wSzaSUfaTrZjnkBGq/vDi0Rj9S7AynYKH573LMz8rxzLyzr
WQqwl7TDJ8i+rF+a+zMBtaz434yDVOaPSQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org