Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/iR2NJtbKXIkhwZtxbG0QsdQK11c.roa
File: iR2NJtbKXIkhwZtxbG0QsdQK11c.roa (raw, json)
Hash identifier: nmWYdWEOKp3OT7e01nWc62dlv9WOky9igSErmdxNuA4=
Subject key identifier: 89:1D:8D:26:D6:CA:5C:89:21:C1:9B:71:6C:6D:10:B1:D4:0A:D7:57
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 018A93E25EDA1A3EF510CE86ADCE6C2C6474
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/iR2NJtbKXIkhwZtxbG0QsdQK11c.roa
Signing time: Thu 14 Sep 2023 13:30:00 +0000
ROA not before: Thu 14 Sep 2023 13:30:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39409
IP address blocks: 37.153.156.0/24 maxlen: 24
185.216.8.0/24 maxlen: 24
2001:678:d58::/48 maxlen: 48
2001:678:20c::/48 maxlen: 48
2a10:9906::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 14 Sep 2023 20:24:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:e2:5e:da:1a:3e:f5:10:ce:86:ad:ce:6c:2c:64:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Sep 14 13:30:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=891d8d26d6ca5c8921c19b716c6d10b1d40ad757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ab:99:09:55:4f:ee:9a:33:72:bf:0d:5f:7a:
3f:f1:b8:b9:fb:d2:4e:58:c8:b3:6d:f8:6c:6f:7d:
2f:d1:46:60:5d:f7:6d:bf:f0:74:4e:5f:f3:3a:6f:
9e:ec:25:ea:b1:ea:42:30:c5:7f:e7:47:d6:92:7a:
9f:2f:e7:ba:13:e1:18:8f:e6:3e:4e:11:f4:7e:49:
a7:9a:e2:cb:d4:7f:62:ea:b2:f6:39:62:68:55:58:
2f:f0:08:1f:37:2b:97:80:71:68:33:94:22:8f:73:
a4:be:0e:34:e1:35:8f:b6:1b:fe:aa:63:2c:1d:63:
61:8a:51:72:58:6e:ef:61:0e:12:0f:f5:93:a6:0b:
3a:f9:7f:d3:15:50:c3:17:7b:69:9f:c7:ea:7b:bf:
99:15:50:0f:75:54:7f:61:41:d7:18:62:e5:9b:2d:
70:45:a7:2c:d7:f2:10:71:48:19:ef:37:c5:be:36:
d9:be:70:42:ee:23:ad:d8:45:e4:a4:1b:d0:08:2f:
df:ed:49:cf:12:7d:6a:38:ae:50:cf:2f:f8:3c:f2:
74:1d:db:e6:1c:a9:3e:33:88:65:9d:d3:46:08:bd:
9e:87:44:4a:c4:07:5a:5b:19:06:46:17:6c:7f:82:
d3:1e:f0:b6:04:9a:e7:09:35:89:45:ba:86:8a:00:
6a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1D:8D:26:D6:CA:5C:89:21:C1:9B:71:6C:6D:10:B1:D4:0A:D7:57
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/iR2NJtbKXIkhwZtxbG0QsdQK11c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.156.0/24
185.216.8.0/24
IPv6:
2001:678:20c::/48
2001:678:d58::/48
2a10:9906::/36
Signature Algorithm: sha256WithRSAEncryption
9f:3a:93:47:7a:64:85:2f:9f:af:fe:4d:04:ca:34:83:b9:73:
e6:6b:e3:4a:99:0b:a6:3f:30:84:31:68:01:bb:03:1f:d9:df:
e5:8c:34:6a:81:1e:2d:31:dc:a6:5b:37:66:20:53:96:77:d9:
21:00:d2:9f:1e:34:aa:72:77:e5:d1:cb:de:58:e1:00:d8:64:
6e:00:59:29:21:91:2c:5b:ae:51:7b:0d:ef:ca:64:77:0e:77:
d6:f8:df:54:16:07:c0:2a:74:a9:ff:6c:cb:0f:19:8d:6c:d8:
bf:ef:95:f5:b6:25:b0:eb:ea:d4:53:30:c9:92:1e:20:0d:bc:
3f:88:f6:12:bc:33:4b:e5:c1:5e:09:12:b6:db:87:dd:c8:11:
b6:66:6b:61:0a:7f:3d:ed:69:1f:d3:a6:1a:cd:72:00:9e:67:
37:0d:9d:b2:f2:07:6a:5b:78:c3:62:1b:89:2b:86:d5:dd:3b:
56:55:61:13:32:2a:51:ec:3f:6e:66:38:f1:0c:22:5b:95:a1:
20:8f:a1:17:95:6d:d8:47:3d:91:8e:18:32:1a:06:7f:fa:09:
71:fa:99:34:aa:5b:62:86:8a:87:21:4b:81:c8:33:ce:98:dd:
9a:9a:b7:ea:8b:21:3d:4d:54:14:d1:96:1d:c3:29:cc:e3:45:
b0:a5:62:80
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYqT4l7aGj71EM6Grc5sLGR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjMwOTE0MTMzMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTFkOGQyNmQ2Y2E1Yzg5MjFjMTliNzE2YzZkMTBiMWQ0MGFkNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6uZCVVP7pozcr8NX3o/8bi5+9JO
WMizbfhsb30v0UZgXfdtv/B0Tl/zOm+e7CXqsepCMMV/50fWknqfL+e6E+EYj+Y+
ThH0fkmnmuLL1H9i6rL2OWJoVVgv8AgfNyuXgHFoM5Qij3Okvg404TWPthv+qmMs
HWNhilFyWG7vYQ4SD/WTpgs6+X/TFVDDF3tpn8fqe7+ZFVAPdVR/YUHXGGLlmy1w
Racs1/IQcUgZ7zfFvjbZvnBC7iOt2EXkpBvQCC/f7UnPEn1qOK5Qzy/4PPJ0Hdvm
HKk+M4hlndNGCL2eh0RKxAdaWxkGRhdsf4LTHvC2BJrnCTWJRbqGigBqCQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIkdjSbWylyJIcGbcWxtELHUCtdXMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvaVIyTkp0YktYSWtod1p0eGJHMFFzZFFLMTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjASBAIAATAMAwQAJZmcAwQA
udgIMCAEAgACMBoDBwAgAQZ4AgwDBwAgAQZ4DVgDBgQqEJkGADANBgkqhkiG9w0B
AQsFAAOCAQEAnzqTR3pkhS+fr/5NBMo0g7lz5mvjSpkLpj8whDFoAbsDH9nf5Yw0
aoEeLTHcpls3ZiBTlnfZIQDSnx40qnJ35dHL3ljhANhkbgBZKSGRLFuuUXsN78pk
dw531vjfVBYHwCp0qf9syw8ZjWzYv++V9bYlsOvq1FMwyZIeIA28P4j2ErwzS+XB
XgkSttuH3cgRtmZrYQp/Pe1pH9OmGs1yAJ5nNw2dsvIHalt4w2IbiSuG1d07VlVh
EzIqUew/bmY48QwiW5WhII+hF5Vt2Ec9kY4YMhoGf/oJcfqZNKpbYoaKhyFLgcgz
zpjdmpq36oshPU1UFNGWHcMpzONFsKVigA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:20 2024 by rpki-client on console-fra.rpki-client.org