Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/DT89p17POj6mf-WGrq-o79MEOt4.roa
File: DT89p17POj6mf-WGrq-o79MEOt4.roa (raw, json)
Hash identifier: kkKY/SYF+U32hBPr2Igs5Y+GQxD/KOJoR6n2cn3riRE=
Subject key identifier: 0D:3F:3D:A7:5E:CF:3A:3E:A6:7F:E5:86:AE:AF:A8:EF:D3:04:3A:DE
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 01857C71AAA2399249ACC06798A1BFF5EA9C
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/DT89p17POj6mf-WGrq-o79MEOt4.roa
Signing time: Wed 04 Jan 2023 11:01:42 +0000
ROA not before: Wed 04 Jan 2023 11:01:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48011
IP address blocks: 185.217.143.0/24 maxlen: 24
213.232.203.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
45.89.236.0/22 maxlen: 24
193.163.72.0/24 maxlen: 24
2a0c:6600:1::/48 maxlen: 48
2a0c:6600::/48 maxlen: 48
2a0c:6600:3::/48 maxlen: 48
2a0c:6600:4::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Mar 2023 08:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:71:aa:a2:39:92:49:ac:c0:67:98:a1:bf:f5:ea:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Jan 4 11:01:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d3f3da75ecf3a3ea67fe586aeafa8efd3043ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:38:97:d6:26:8e:f8:2e:be:e6:01:a9:5e:49:
c9:91:a2:09:1f:85:aa:92:ea:01:65:fe:af:0b:28:
fe:59:8e:4e:ab:6e:9e:4f:c6:08:da:64:2c:f7:de:
70:9c:02:b0:a1:c4:99:81:53:2b:fa:6e:e3:3f:68:
e5:62:fd:7b:4c:06:f5:93:85:33:dc:72:2d:88:f5:
16:c0:cd:c7:df:52:da:23:a9:c4:53:50:5e:21:a3:
4a:5f:1d:a8:93:b6:8f:9b:0e:f5:b3:a3:6a:36:a3:
09:a3:57:72:c0:c5:5d:9d:1c:58:ab:55:8a:c2:ea:
b7:56:cf:af:26:38:50:2e:f2:14:84:f7:85:9d:9d:
17:77:f2:a0:fd:bc:f6:d3:3a:d1:6a:0b:78:34:b7:
86:aa:a4:c7:5c:c1:5e:c5:f8:52:d5:3b:f4:f4:27:
1f:61:78:60:a7:df:60:19:8f:df:6a:43:ee:89:1d:
3d:03:e2:2e:3e:61:bb:f5:75:fe:19:96:2b:97:59:
cc:14:fc:5b:ea:52:d6:3b:72:74:d6:bb:4e:ae:3f:
54:bf:b7:c4:4c:4d:c5:76:68:9d:c7:76:cd:98:3c:
80:a8:5d:b8:c9:27:8b:95:d1:01:5b:9a:59:50:f0:
47:4a:1b:b0:35:41:7b:42:a7:80:b1:c4:b8:82:ee:
a1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:3F:3D:A7:5E:CF:3A:3E:A6:7F:E5:86:AE:AF:A8:EF:D3:04:3A:DE
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/DT89p17POj6mf-WGrq-o79MEOt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
185.217.143.0/24
185.227.136.0/22
193.163.72.0/24
213.232.203.0/24
IPv6:
2a0c:6600::-2a0c:6600:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b3:57:00:1c:d7:7c:9d:5e:15:46:9e:48:04:55:3f:bb:49:78:
53:b0:17:ba:fb:a3:80:8c:d8:c4:b0:90:b0:59:ed:43:0a:26:
ce:bf:d2:ee:42:78:ea:83:6d:00:66:8f:34:b8:f0:3a:3b:1c:
bc:de:12:f8:ef:01:72:4a:ae:dc:35:ce:26:0e:65:22:50:8c:
09:b5:38:bf:79:68:3c:5b:7e:4d:31:35:a2:91:47:ab:f6:42:
df:17:56:96:68:d0:97:02:11:95:7a:bb:73:20:a8:e9:b6:34:
86:47:9e:cd:6c:33:ed:20:6f:0a:f8:54:3e:2d:10:b7:0f:fb:
36:64:5f:b1:da:c8:31:54:02:5a:f1:2d:25:a5:71:19:52:1d:
ed:00:b2:86:6d:a4:6d:e1:ed:0a:5f:24:fa:75:ce:52:a1:c6:
4b:55:35:36:9e:ab:44:5a:cc:1b:22:8a:b4:0d:96:64:f7:ee:
e7:70:64:3b:34:5d:3c:9a:db:e3:42:41:ed:05:5c:eb:71:c0:
55:18:1e:eb:83:5d:92:b6:95:84:b3:eb:63:ef:91:0d:12:fb:
a5:f8:03:a7:41:19:73:a2:4d:34:d3:d9:89:05:14:4f:0a:a2:
ad:17:82:fb:90:e6:b8:0c:ff:7c:bc:3a:a2:78:01:24:85:28:
20:e8:72:08
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYV8caqiOZJJrMBnmKG/9eqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjMwMTA0MTEwMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDNmM2RhNzVlY2YzYTNlYTY3ZmU1ODZhZWFmYThlZmQzMDQzYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTiX1iaO+C6+5gGpXknJkaIJH4Wq
kuoBZf6vCyj+WY5Oq26eT8YI2mQs995wnAKwocSZgVMr+m7jP2jlYv17TAb1k4Uz
3HItiPUWwM3H31LaI6nEU1BeIaNKXx2ok7aPmw71s6NqNqMJo1dywMVdnRxYq1WK
wuq3Vs+vJjhQLvIUhPeFnZ0Xd/Kg/bz20zrRagt4NLeGqqTHXMFexfhS1Tv09Ccf
YXhgp99gGY/fakPuiR09A+IuPmG79XX+GZYrl1nMFPxb6lLWO3J01rtOrj9Uv7fE
TE3Fdmidx3bNmDyAqF24ySeLldEBW5pZUPBHShuwNUF7QqeAscS4gu6htwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFA0/Padezzo+pn/lhq6vqO/TBDreMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvRFQ4OXAxN1BPajZtZi1XR3JxLW83OU1FT3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAkBAIAATAeAwQCLVnsAwQA
udmPAwQCueOIAwQAwaNIAwQA1ejLMBcEAgACMBEwDwMEASoMZgMHACoMZgAABDAN
BgkqhkiG9w0BAQsFAAOCAQEAs1cAHNd8nV4VRp5IBFU/u0l4U7AXuvujgIzYxLCQ
sFntQwomzr/S7kJ46oNtAGaPNLjwOjscvN4S+O8Bckqu3DXOJg5lIlCMCbU4v3lo
PFt+TTE1opFHq/ZC3xdWlmjQlwIRlXq7cyCo6bY0hkeezWwz7SBvCvhUPi0Qtw/7
NmRfsdrIMVQCWvEtJaVxGVId7QCyhm2kbeHtCl8k+nXOUqHGS1U1Np6rRFrMGyKK
tA2WZPfu53BkOzRdPJrb40JB7QVc63HAVRge64NdkraVhLPrY++RDRL7pfgDp0EZ
c6JNNNPZiQUUTwqirReC+5DmuAz/fLw6ongBJIUoIOhyCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:16 2024 by rpki-client on console-fra.rpki-client.org