Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/D4AoFiHMMClicvWzWuPcy3vX1Lk.roa
File: D4AoFiHMMClicvWzWuPcy3vX1Lk.roa (raw, json)
Hash identifier: mNgtgNreKJpBxjcosCuVFl+MlBXiZ9py2wBXuw5CJTw=
Subject key identifier: 0F:80:28:16:21:CC:30:29:62:72:F5:B3:5A:E3:DC:CB:7B:D7:D4:B9
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01856EA6B5A60887B4F6B06464E94FDBADAA
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/D4AoFiHMMClicvWzWuPcy3vX1Lk.roa
Signing time: Sun 01 Jan 2023 18:44:57 +0000
ROA not before: Sun 01 Jan 2023 18:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31554
IP address blocks: 89.44.214.0/23 maxlen: 23
89.39.110.0/24 maxlen: 24
89.35.160.0/23 maxlen: 23
89.33.248.0/23 maxlen: 23
89.37.156.0/23 maxlen: 23
89.33.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:b5:a6:08:87:b4:f6:b0:64:64:e9:4f:db:ad:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 18:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f80281621cc30296272f5b35ae3dccb7bd7d4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:01:c0:ba:86:c0:b0:b5:f5:4b:2f:6a:9d:05:
48:01:f4:26:90:de:83:41:3e:c2:c1:94:9c:7b:88:
68:e7:f1:6e:bd:d8:3b:7d:56:35:02:b0:ac:6a:42:
98:10:ac:ea:ba:d4:37:c9:84:c1:e8:e2:1f:0a:a4:
fa:8c:fc:03:a0:d6:ce:1e:79:08:74:fc:df:b8:b2:
1e:fb:80:d1:cc:f3:aa:ac:ef:e2:62:41:78:cf:8b:
07:58:1a:21:3d:a8:06:57:6e:95:6a:a4:e9:9e:0b:
75:cc:bc:a2:3e:b1:d2:d9:4d:f3:36:72:91:74:66:
cb:7a:a2:47:a1:10:38:28:91:a8:41:1b:71:8f:1b:
bd:e8:2b:11:ce:ba:1c:1d:31:13:f9:91:7d:09:17:
b5:55:8b:36:c7:5e:a8:5a:da:78:5e:4b:39:cc:a9:
40:14:a1:1a:e1:2f:1f:3a:63:1c:d1:1f:08:d2:06:
ba:df:80:85:c8:01:e5:d8:24:5c:51:c0:28:87:06:
9d:b1:6f:75:90:63:d1:69:77:11:32:c9:29:f4:8a:
01:60:de:31:2d:ec:86:60:17:33:1d:a7:29:5e:62:
56:68:2c:3c:84:01:8e:05:05:79:48:e7:1f:4a:cc:
2b:ec:b1:46:75:d3:5b:f6:8c:c7:db:7c:dd:ef:e6:
d7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:80:28:16:21:CC:30:29:62:72:F5:B3:5A:E3:DC:CB:7B:D7:D4:B9
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/D4AoFiHMMClicvWzWuPcy3vX1Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.5.0/24
89.33.248.0/23
89.35.160.0/23
89.37.156.0/23
89.39.110.0/24
89.44.214.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:89:54:df:55:9b:7a:f7:13:bf:f1:75:cd:48:44:38:37:3a:
98:da:b8:e0:fb:2b:4b:6a:31:41:14:a4:60:81:ee:34:58:b6:
5c:0f:74:89:10:32:ca:45:ec:ed:f5:05:0f:5b:29:67:77:3a:
b9:c6:79:33:6f:d6:14:14:93:e2:89:f6:35:b9:78:10:e3:d8:
b7:45:e6:35:86:ec:93:2a:27:93:5e:be:17:ff:d1:fa:7c:3e:
44:82:78:62:97:ef:87:3d:36:35:fc:0b:cd:20:f3:73:1f:c1:
5d:2a:46:59:a4:5f:61:ae:56:4f:8e:94:ce:89:79:87:f5:57:
97:2d:a8:7d:d1:42:b3:3e:84:70:ab:90:a6:95:05:9a:31:20:
34:d3:7a:9c:d8:c2:c4:40:39:9b:ea:be:74:94:88:f3:71:71:
06:21:b9:9b:32:62:69:e2:56:16:bc:98:f3:bf:b5:22:e1:2c:
8e:e3:c6:03:b3:06:df:6b:5a:37:d5:06:aa:c3:dd:af:a0:ab:
2a:60:b2:2f:ce:42:bd:c1:e2:81:6d:39:0f:61:38:b3:4d:f9:
98:b1:24:bd:b5:8f:dc:89:c3:e8:6c:15:f3:d3:6d:0a:fb:e8:
a4:f3:3e:41:34:8c:83:b0:e8:a7:73:85:cd:7a:d7:8c:a4:89:
0e:f9:99:b0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVuprWmCIe09rBkZOlP262qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjgwMjgxNjIxY2MzMDI5NjI3MmY1YjM1YWUzZGNjYjdiZDdkNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQHAuobAsLX1Sy9qnQVIAfQmkN6D
QT7CwZSce4ho5/Fuvdg7fVY1ArCsakKYEKzqutQ3yYTB6OIfCqT6jPwDoNbOHnkI
dPzfuLIe+4DRzPOqrO/iYkF4z4sHWBohPagGV26VaqTpngt1zLyiPrHS2U3zNnKR
dGbLeqJHoRA4KJGoQRtxjxu96CsRzrocHTET+ZF9CRe1VYs2x16oWtp4Xks5zKlA
FKEa4S8fOmMc0R8I0ga634CFyAHl2CRcUcAohwadsW91kGPRaXcRMskp9IoBYN4x
LeyGYBczHacpXmJWaCw8hAGOBQV5SOcfSswr7LFGddNb9ozH23zd7+bXwQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA+AKBYhzDApYnL1s1rj3Mt719S5MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvRDRBb0ZpSE1NQ2xpY3ZXeld1UGN5M3ZYMUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSEFAwQB
WSH4AwQBWSOgAwQBWSWcAwQAWSduAwQBWSzWMA0GCSqGSIb3DQEBCwUAA4IBAQA6
iVTfVZt69xO/8XXNSEQ4NzqY2rjg+ytLajFBFKRgge40WLZcD3SJEDLKRezt9QUP
Wylndzq5xnkzb9YUFJPiifY1uXgQ49i3ReY1huyTKieTXr4X/9H6fD5Egnhil++H
PTY1/AvNIPNzH8FdKkZZpF9hrlZPjpTOiXmH9VeXLah90UKzPoRwq5CmlQWaMSA0
03qc2MLEQDmb6r50lIjzcXEGIbmbMmJp4lYWvJjzv7Ui4SyO48YDswbfa1o31Qaq
w92voKsqYLIvzkK9weKBbTkPYTizTfmYsSS9tY/cicPobBXz020K++ik8z5BNIyD
sOinc4XNeteMpIkO+Zmw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org