Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9bNbUQCwrRJ7wHcULAsmq9wzGoU.roa
File: 9bNbUQCwrRJ7wHcULAsmq9wzGoU.roa (raw, json)
Hash identifier: EN44Hsy+UAo71QtUzoN3q3dVgAB9YnnCOgB9ORG65Gc=
Subject key identifier: F5:B3:5B:51:00:B0:AD:12:7B:C0:77:14:2C:0B:26:AB:DC:33:1A:85
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018C4990E0B429963119939618A21C743683
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9bNbUQCwrRJ7wHcULAsmq9wzGoU.roa
Signing time: Fri 08 Dec 2023 13:14:40 +0000
ROA not before: Fri 08 Dec 2023 13:14:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 89.43.46.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.215.72.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:49:90:e0:b4:29:96:31:19:93:96:18:a2:1c:74:36:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Dec 8 13:14:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5b35b5100b0ad127bc077142c0b26abdc331a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1c:97:1d:ed:c9:fe:f6:15:d7:f2:01:6c:fc:
04:23:23:6f:02:ce:4a:02:4d:85:41:8c:3f:67:c8:
d2:11:b1:f7:e8:41:c1:f3:e3:a2:4e:25:41:73:c3:
72:75:4c:10:38:3a:0a:5f:7e:94:29:c1:fb:a9:c5:
fa:2c:ad:71:91:1b:be:e9:df:c3:ac:b6:f6:1f:31:
8c:53:b4:1f:2b:07:57:e4:07:c7:f5:0c:43:17:7b:
40:71:30:7e:b9:49:b9:60:42:02:b3:70:65:ae:84:
fe:19:ec:47:81:9e:c9:7c:2c:33:03:50:a7:92:63:
fb:b1:bf:3f:fb:25:cb:30:a7:f2:b7:0c:39:f3:50:
bf:5b:60:8d:62:bd:d9:0b:b4:8e:fd:f6:a9:0f:f4:
64:54:d4:c9:a5:9b:df:04:bb:6c:c1:39:54:70:2a:
45:05:88:f0:36:7b:7b:fe:c8:49:63:89:70:8a:50:
de:97:d2:ca:a4:64:49:5a:c9:25:27:70:e2:07:0f:
b9:04:b2:27:1c:59:49:f3:4f:33:f3:65:d0:a4:27:
1d:3c:95:4a:46:a8:d7:79:00:74:d2:fe:97:61:08:
37:20:7a:49:ec:94:e6:4c:35:6d:b0:77:a7:67:db:
a7:05:d0:be:08:29:67:e3:b8:98:28:6a:d0:9d:ea:
c6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B3:5B:51:00:B0:AD:12:7B:C0:77:14:2C:0B:26:AB:DC:33:1A:85
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9bNbUQCwrRJ7wHcULAsmq9wzGoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.46.0/24
89.44.209.0/24
89.45.34.0/24
93.114.171.0/24
188.215.72.0/24
Signature Algorithm: sha256WithRSAEncryption
65:0d:0a:47:27:21:5d:63:a9:e8:5f:9e:9e:1e:8e:66:35:60:
6f:23:ca:3c:2a:92:eb:57:ce:63:ac:bb:1e:13:a1:67:db:33:
c7:aa:88:65:a5:9c:dc:98:df:15:88:7f:e9:89:f0:d4:4f:81:
51:9d:f8:61:28:80:00:cb:00:28:7b:c7:c3:74:7b:c9:b4:a7:
be:de:37:6f:bb:20:63:ba:8a:b2:74:5d:71:5c:82:d1:4b:b3:
24:97:b3:f8:12:83:1b:0d:c1:c6:a7:f3:c8:16:c0:8c:d6:df:
fc:d9:de:28:6b:b5:bf:1f:df:54:dc:1a:a0:74:e5:79:ea:b3:
ba:de:c5:fa:98:0f:1f:3c:ef:2e:53:93:8c:49:92:b2:90:c1:
81:05:17:68:f4:c1:d5:05:f0:7f:59:39:6b:df:f0:08:8b:a2:
62:cf:4b:5a:a7:e1:69:be:2f:28:c4:63:f1:6d:05:05:6f:aa:
65:09:6c:81:81:45:e5:df:31:8d:22:ad:b8:e0:52:13:ea:29:
7f:0a:29:72:de:fd:83:c4:83:6b:4f:ca:9a:69:87:ff:24:df:
56:da:f1:7d:e0:0a:54:c0:3f:51:1a:67:b2:52:dd:74:9c:c9:
22:f5:a5:97:8d:cb:18:c0:9b:9e:d7:04:7a:f2:4f:46:f6:a7:
f4:08:1e:b6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxJkOC0KZYxGZOWGKIcdDaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMxMjA4MTMxNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWIzNWI1MTAwYjBhZDEyN2JjMDc3MTQyYzBiMjZhYmRjMzMxYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRyXHe3J/vYV1/IBbPwEIyNvAs5K
Ak2FQYw/Z8jSEbH36EHB8+OiTiVBc8NydUwQODoKX36UKcH7qcX6LK1xkRu+6d/D
rLb2HzGMU7QfKwdX5AfH9QxDF3tAcTB+uUm5YEICs3BlroT+GexHgZ7JfCwzA1Cn
kmP7sb8/+yXLMKfytww581C/W2CNYr3ZC7SO/fapD/RkVNTJpZvfBLtswTlUcCpF
BYjwNnt7/shJY4lwilDel9LKpGRJWsklJ3DiBw+5BLInHFlJ808z82XQpCcdPJVK
RqjXeQB00v6XYQg3IHpJ7JTmTDVtsHenZ9unBdC+CCln47iYKGrQnerGsQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPWzW1EAsK0Se8B3FCwLJqvcMxqFMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvOWJOYlVRQ3dyUko3d0hjVUxBc21xOXd6R29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSsuAwQA
WSzRAwQAWS0iAwQAXXKrAwQAvNdIMA0GCSqGSIb3DQEBCwUAA4IBAQBlDQpHJyFd
Y6noX56eHo5mNWBvI8o8KpLrV85jrLseE6Fn2zPHqohlpZzcmN8ViH/pifDUT4FR
nfhhKIAAywAoe8fDdHvJtKe+3jdvuyBjuoqydF1xXILRS7Mkl7P4EoMbDcHGp/PI
FsCM1t/82d4oa7W/H99U3BqgdOV56rO63sX6mA8fPO8uU5OMSZKykMGBBRdo9MHV
BfB/WTlr3/AIi6Jiz0tap+Fpvi8oxGPxbQUFb6plCWyBgUXl3zGNIq244FIT6il/
Cily3v2DxINrT8qaaYf/JN9W2vF94ApUwD9RGmeyUt10nMki9aWXjcsYwJue1wR6
8k9G9qf0CB62
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:29 2024 by rpki-client on console-fra.rpki-client.org