Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Bu5n2CDzarOAE2DlRWCdLC6FIXo.roa
File: Bu5n2CDzarOAE2DlRWCdLC6FIXo.roa (raw, json)
Hash identifier: 0EDDjIXwCT+I5/4VWlI6E7Pno32VRbR4boLfRQMBfB4=
Subject key identifier: 06:EE:67:D8:20:F3:6A:B3:80:13:60:E5:45:60:9D:2C:2E:85:21:7A
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018E09F42D2E38614CF67D0CC2921EFCC8E1
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Bu5n2CDzarOAE2DlRWCdLC6FIXo.roa
Signing time: Mon 04 Mar 2024 14:53:00 +0000
ROA not before: Mon 04 Mar 2024 14:53:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31554
IP address blocks: 89.33.5.0/24 maxlen: 24
89.33.248.0/23 maxlen: 23
89.35.160.0/23 maxlen: 23
89.37.156.0/23 maxlen: 23
89.39.110.0/24 maxlen: 24
89.44.214.0/23 maxlen: 23
2a10:c304::/30 maxlen: 30
Validation: Failed, certificate revoked on Fri 15 Mar 2024 07:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:f4:2d:2e:38:61:4c:f6:7d:0c:c2:92:1e:fc:c8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Mar 4 14:53:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06ee67d820f36ab3801360e545609d2c2e85217a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:49:48:b5:84:ef:d9:df:70:67:91:4a:b5:88:
04:ad:d6:51:63:93:2e:a4:5b:6f:d3:b7:bf:62:1a:
c5:93:a4:f7:25:fe:98:c0:2a:0b:77:0f:75:5f:f2:
bc:73:5e:7d:76:3e:ff:1c:76:26:b8:5a:32:bc:cf:
51:85:99:ff:4c:3e:2c:ce:cd:5a:d2:e6:52:18:f2:
b1:6e:c8:20:30:e4:1a:47:28:e0:93:55:ae:f0:8a:
de:9c:25:21:4c:56:a6:34:d6:2f:de:aa:50:cd:95:
20:e7:f2:76:36:52:ab:da:a0:0c:f0:40:ea:9a:8a:
45:69:be:58:49:60:a4:36:e1:4b:f1:a3:9d:01:06:
37:15:38:41:88:84:65:07:a2:d5:bc:17:c9:1c:10:
01:e8:fd:07:08:0e:fb:62:14:9e:cd:78:db:c5:ae:
17:df:d1:8c:f4:af:e0:fa:b1:1e:94:6f:7a:3a:a8:
86:4d:5a:82:ae:37:91:d9:b2:cc:ce:ae:b8:91:f1:
be:01:59:2a:81:3c:5b:ba:ba:96:da:b5:3f:e6:72:
90:51:ea:2f:b5:3f:4b:09:f4:09:ba:cc:91:bb:35:
cb:2d:9e:36:c5:d0:23:26:dc:ec:20:c6:45:25:d2:
76:c7:26:5a:a9:67:86:47:b7:1b:85:eb:d4:32:be:
20:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EE:67:D8:20:F3:6A:B3:80:13:60:E5:45:60:9D:2C:2E:85:21:7A
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Bu5n2CDzarOAE2DlRWCdLC6FIXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.5.0/24
89.33.248.0/23
89.35.160.0/23
89.37.156.0/23
89.39.110.0/24
89.44.214.0/23
IPv6:
2a10:c304::/30
Signature Algorithm: sha256WithRSAEncryption
ac:74:fe:d9:6f:4b:f2:08:63:c3:10:a7:7b:b1:5e:0e:01:92:
62:83:67:8a:20:76:3c:68:0a:0f:0e:83:a8:41:81:a5:b0:c3:
23:0c:67:32:00:d6:88:38:37:ce:50:df:2d:8c:60:9f:74:dd:
d6:1a:1b:9b:20:70:b3:8d:62:18:c3:af:5f:4d:61:74:06:a0:
dd:5f:e5:73:bf:13:44:36:e5:e9:75:ef:1c:7f:ab:97:70:19:
a9:fe:c2:c3:76:45:c9:f7:fa:8e:9a:dc:b3:cf:da:70:aa:6f:
97:6f:55:88:92:1a:fc:14:0a:1d:69:ca:46:0d:30:c1:4a:4e:
7d:a0:f6:51:00:89:a8:db:b6:66:7a:a4:95:fe:4b:43:55:a6:
3e:90:a1:b9:ba:04:cc:53:6c:32:f8:1c:66:88:51:87:88:c3:
45:21:62:10:ec:40:3d:08:bc:69:ae:ea:1e:8d:c0:74:5c:b0:
fa:ad:50:f0:34:be:84:15:dd:80:44:54:13:36:60:fd:ae:9f:
75:07:83:1b:a6:dd:74:90:6b:3e:4a:fc:9c:56:5e:59:99:d2:
66:45:00:07:3f:6f:c3:9f:dd:c5:b5:6b:5d:cc:32:50:fb:a9:
a8:ce:c1:90:5b:4d:f7:67:5d:ae:82:9b:e2:ac:55:34:8f:88:
52:f6:97:08
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY4J9C0uOGFM9n0MwpIe/MjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMzA0MTQ1MzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmVlNjdkODIwZjM2YWIzODAxMzYwZTU0NTYwOWQyYzJlODUyMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoElItYTv2d9wZ5FKtYgErdZRY5Mu
pFtv07e/YhrFk6T3Jf6YwCoLdw91X/K8c159dj7/HHYmuFoyvM9RhZn/TD4szs1a
0uZSGPKxbsggMOQaRyjgk1Wu8IrenCUhTFamNNYv3qpQzZUg5/J2NlKr2qAM8EDq
mopFab5YSWCkNuFL8aOdAQY3FThBiIRlB6LVvBfJHBAB6P0HCA77YhSezXjbxa4X
39GM9K/g+rEelG96OqiGTVqCrjeR2bLMzq64kfG+AVkqgTxburqW2rU/5nKQUeov
tT9LCfQJusyRuzXLLZ42xdAjJtzsIMZFJdJ2xyZaqWeGR7cbhevUMr4gLQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAbuZ9gg82qzgBNg5UVgnSwuhSF6MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvQnU1bjJDRHphck9BRTJEbFJXQ2RMQzZGSVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAWSEFAwQB
WSH4AwQBWSOgAwQBWSWcAwQAWSduAwQBWSzWMA0EAgACMAcDBQIqEMMEMA0GCSqG
SIb3DQEBCwUAA4IBAQCsdP7Zb0vyCGPDEKd7sV4OAZJig2eKIHY8aAoPDoOoQYGl
sMMjDGcyANaIODfOUN8tjGCfdN3WGhubIHCzjWIYw69fTWF0BqDdX+VzvxNENuXp
de8cf6uXcBmp/sLDdkXJ9/qOmtyzz9pwqm+Xb1WIkhr8FAodacpGDTDBSk59oPZR
AImo27ZmeqSV/ktDVaY+kKG5ugTMU2wy+BxmiFGHiMNFIWIQ7EA9CLxpruoejcB0
XLD6rVDwNL6EFd2ARFQTNmD9rp91B4Mbpt10kGs+SvycVl5ZmdJmRQAHP2/Dn93F
tWtdzDJQ+6mozsGQW033Z12ugpvirFU0j4hS9pcI
-----END CERTIFICATE-----
Generated at Fri Mar 15 10:43:00 2024 by rpki-client on console-ams.rpki-client.org