Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/7Ba89F2--zQVHJyWzCh9IRRwaJY.roa
File: 7Ba89F2--zQVHJyWzCh9IRRwaJY.roa (raw, json)
Hash identifier: pcR7qV+WAv7atPL/xuKbhIl4tt3DtZMvMSNSMWaQeRc=
Subject key identifier: EC:16:BC:F4:5D:BE:FB:34:15:1C:9C:96:CC:28:7D:21:14:70:68:96
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 01856E2FB01DD85D4D8A553B2677C7AAE51C
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/7Ba89F2--zQVHJyWzCh9IRRwaJY.roa
Signing time: Sun 01 Jan 2023 16:34:57 +0000
ROA not before: Sun 01 Jan 2023 16:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39409
IP address blocks: 89.37.98.0/24 maxlen: 24
37.153.156.0/24 maxlen: 24
185.216.8.0/24 maxlen: 24
2a10:9906::/36 maxlen: 36
Validation: Failed, certificate revoked on Sun 12 Mar 2023 21:04:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:b0:1d:d8:5d:4d:8a:55:3b:26:77:c7:aa:e5:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 1 16:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec16bcf45dbefb34151c9c96cc287d2114706896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b5:e9:bd:f9:18:a8:97:bb:5a:cb:0e:1b:f0:
b1:fe:43:e2:d8:4c:d2:fc:f4:d9:1b:dc:3b:cb:f6:
47:32:20:c9:2e:00:9c:36:6b:d1:57:fb:75:12:0e:
84:c2:b4:92:57:2a:c2:14:1d:b0:f8:90:41:f2:c0:
63:c4:81:7e:ac:f5:bb:5c:af:67:b1:fa:3d:5b:f9:
bc:9c:d0:3e:e8:a4:33:76:b3:3d:bd:50:a8:7b:08:
d4:22:3f:58:4b:f4:c6:99:78:ee:5a:a5:b4:fc:e1:
cb:d0:aa:af:9b:8d:c2:2c:27:cf:d6:85:27:94:82:
44:c3:73:48:5e:9c:0e:e9:28:1f:f4:4d:13:dd:57:
b2:67:7d:ab:11:0a:85:d2:56:8a:00:38:50:c5:10:
6f:37:2f:49:35:09:ab:7b:e5:04:84:07:4d:cf:bb:
f3:0d:8b:f2:ed:4d:e2:f2:d9:1a:ab:0f:85:e1:8f:
1e:70:20:95:73:9b:29:19:45:fd:1d:a6:93:00:41:
35:55:69:13:d8:a7:75:3b:07:86:5a:59:91:a4:57:
d3:75:0c:ee:4f:6b:7e:af:8b:2b:15:8f:15:79:0a:
42:0b:20:9f:1f:2b:c5:c4:2e:c3:1d:9a:b0:a6:5b:
e6:af:b0:d4:ce:53:70:02:dd:29:00:67:b7:0b:ad:
21:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:16:BC:F4:5D:BE:FB:34:15:1C:9C:96:CC:28:7D:21:14:70:68:96
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/7Ba89F2--zQVHJyWzCh9IRRwaJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.156.0/24
89.37.98.0/24
185.216.8.0/24
IPv6:
2a10:9906::/36
Signature Algorithm: sha256WithRSAEncryption
30:8c:1c:cc:3f:42:6c:c3:e3:00:b0:ea:4a:41:be:1d:bb:87:
76:df:a2:36:b5:67:fc:f5:e2:ae:03:d3:8f:5e:5b:3c:1a:79:
49:93:e1:22:96:ce:4d:01:50:13:d7:c3:47:5b:3a:3c:1e:0d:
f7:2a:7d:8b:f2:8e:af:c0:98:21:61:96:91:f5:ca:d7:27:9c:
59:02:af:0e:00:e1:ef:4a:5d:7b:71:40:21:63:9a:b8:3c:4b:
35:32:df:e2:6c:b8:0c:0a:11:5c:88:cf:94:23:64:4f:a6:07:
2e:da:b8:ec:8e:ac:74:a0:d3:86:be:41:bb:05:9e:6a:0c:50:
e1:b3:ea:1a:63:f3:f7:42:a9:26:f8:1b:cb:a1:0d:31:58:2b:
02:02:8b:57:ea:82:b6:9d:8d:26:b7:98:fa:12:17:56:d0:9b:
89:32:61:a6:24:00:dc:03:8f:97:1a:45:2a:28:2a:9f:4b:6d:
f4:2c:a8:76:a7:46:25:9c:06:46:0e:32:99:9d:a9:08:47:2e:
b7:20:eb:12:fb:ec:d4:94:0c:5d:1e:91:05:f6:a4:dc:b0:07:
38:8e:b5:d1:8c:3f:13:73:e8:ef:f2:e9:17:41:b6:e3:55:f9:
de:1f:e3:f1:19:c6:61:1c:10:b1:6e:7c:27:3a:4e:03:21:dd:
14:6f:4e:5f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVuL7Ad2F1NilU7JnfHquUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjMwMTAxMTYzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzE2YmNmNDVkYmVmYjM0MTUxYzljOTZjYzI4N2QyMTE0NzA2ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLXpvfkYqJe7WssOG/Cx/kPi2EzS
/PTZG9w7y/ZHMiDJLgCcNmvRV/t1Eg6EwrSSVyrCFB2w+JBB8sBjxIF+rPW7XK9n
sfo9W/m8nNA+6KQzdrM9vVCoewjUIj9YS/TGmXjuWqW0/OHL0Kqvm43CLCfP1oUn
lIJEw3NIXpwO6Sgf9E0T3VeyZ32rEQqF0laKADhQxRBvNy9JNQmre+UEhAdNz7vz
DYvy7U3i8tkaqw+F4Y8ecCCVc5spGUX9HaaTAEE1VWkT2Kd1OweGWlmRpFfTdQzu
T2t+r4srFY8VeQpCCyCfHyvFxC7DHZqwplvmr7DUzlNwAt0pAGe3C60hQwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOwWvPRdvvs0FRyclswofSEUcGiWMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvN0JhODlGMi0telFWSEp5V3pDaDlJUlJ3YUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAJZmcAwQA
WSViAwQAudgIMA4EAgACMAgDBgQqEJkGADANBgkqhkiG9w0BAQsFAAOCAQEAMIwc
zD9CbMPjALDqSkG+HbuHdt+iNrVn/PXirgPTj15bPBp5SZPhIpbOTQFQE9fDR1s6
PB4N9yp9i/KOr8CYIWGWkfXK1yecWQKvDgDh70pde3FAIWOauDxLNTLf4my4DAoR
XIjPlCNkT6YHLtq47I6sdKDThr5BuwWeagxQ4bPqGmPz90KpJvgby6ENMVgrAgKL
V+qCtp2NJreY+hIXVtCbiTJhpiQA3AOPlxpFKigqn0tt9CyodqdGJZwGRg4ymZ2p
CEcutyDrEvvs1JQMXR6RBfak3LAHOI610Yw/E3Po7/LpF0G241X53h/j8RnGYRwQ
sW58JzpOAyHdFG9OXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:45 2024 by rpki-client on console-ams.rpki-client.org