Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/d9_YNGa7HxsKimk8SBvSonQE0_M.roa
File: d9_YNGa7HxsKimk8SBvSonQE0_M.roa (raw, json)
Hash identifier: oTbHwkty+fmq/0pCnFqruwUrsq9shm3mQa7sDKFHKo8=
Subject key identifier: 77:DF:D8:34:66:BB:1F:1B:0A:8A:69:3C:48:1B:D2:A2:74:04:D3:F3
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0190BB4FE854696FA0F3E0344B23C7B1BBD2
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/d9_YNGa7HxsKimk8SBvSonQE0_M.roa
Signing time: Tue 16 Jul 2024 11:31:34 +0000
ROA not before: Tue 16 Jul 2024 11:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214637
IP address blocks: 89.37.136.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 11:21:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:4f:e8:54:69:6f:a0:f3:e0:34:4b:23:c7:b1:bb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jul 16 11:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77dfd83466bb1f1b0a8a693c481bd2a27404d3f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:a1:d2:40:9c:76:8e:6c:ca:cc:8a:e7:e0:
ea:7a:9d:6a:fa:86:a4:74:f5:db:e2:e1:cc:ed:13:
1f:88:a4:b7:32:ff:43:02:94:98:6e:b4:1c:02:11:
35:de:91:22:65:62:c6:47:ae:ea:19:42:7a:ec:a1:
97:58:50:e3:e6:2e:46:81:19:7f:96:4d:db:a9:5c:
cd:02:6d:50:05:0a:63:56:fa:2e:de:0c:95:d6:c3:
d6:93:3b:82:7c:45:f9:df:1a:4a:83:17:b2:1d:13:
d6:7a:4e:cd:a2:20:f0:b3:14:03:a6:14:ff:e6:f3:
f1:14:6e:f3:39:58:3a:59:23:d1:3d:65:93:9d:cb:
a7:0d:e2:1b:91:6f:6f:e7:0c:14:cb:df:bc:c8:26:
0b:bc:99:ad:70:ef:68:75:a5:3c:f1:dd:62:22:d3:
9a:31:83:e3:eb:a3:c5:ec:ae:33:b1:f1:af:11:af:
57:9b:e8:b1:d1:33:d3:44:af:02:d1:88:2a:d6:ec:
df:22:3a:5c:c2:4a:42:bb:50:98:43:b9:bc:af:67:
85:76:21:74:94:46:98:cd:1a:ef:d1:f5:da:4a:21:
15:b2:c6:00:95:3f:1b:c5:80:29:33:59:55:d1:ad:
1a:11:1e:ac:d1:8e:35:e8:cd:e5:88:b2:a0:ac:0a:
be:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DF:D8:34:66:BB:1F:1B:0A:8A:69:3C:48:1B:D2:A2:74:04:D3:F3
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/d9_YNGa7HxsKimk8SBvSonQE0_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.136.0/24
89.43.73.0/24
Signature Algorithm: sha256WithRSAEncryption
72:69:e2:2d:22:4a:13:26:fc:2c:e1:41:48:99:80:5b:a1:ca:
8b:8a:ec:f8:c8:22:07:2b:44:38:c3:77:ee:96:8c:49:60:c8:
d1:b0:d6:57:c7:b6:34:00:b9:dc:cd:9d:c7:ff:8a:0a:1c:1b:
28:0f:8f:ca:29:ec:12:c6:9f:20:56:83:72:c8:8a:34:1e:5c:
72:9c:a5:ab:3c:c8:79:31:74:f6:dd:5a:0c:9b:1c:eb:92:84:
3c:6c:dd:c4:52:15:91:17:a1:b3:f7:6d:3a:6b:08:ff:69:ee:
12:e8:e3:f9:2d:09:a6:8e:ca:ae:a9:19:b3:53:65:7e:f3:de:
fb:f1:77:82:2b:b8:92:11:ec:78:76:96:5c:97:3c:a8:02:0a:
b0:21:81:da:79:e7:2d:da:d8:88:4b:02:2b:c6:f6:a7:43:d8:
59:8b:2d:04:b9:b6:35:e7:33:bc:ce:c5:fd:d4:48:bc:b4:ba:
10:93:10:2d:fb:ee:8f:b0:c3:c0:c3:95:4d:5b:b9:1f:7e:0d:
99:0a:2b:bd:7f:4c:29:e1:0f:ea:56:73:e8:b9:79:bf:19:32:
dd:35:3b:04:0d:e4:ca:e8:c9:89:50:12:18:90:29:57:c6:aa:
e7:80:3c:f5:f4:21:6b:3d:19:c6:e2:3c:aa:27:8a:d8:22:9f:
be:b0:4b:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZC7T+hUaW+g8+A0SyPHsbvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwNzE2MTEzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RmZDgzNDY2YmIxZjFiMGE4YTY5M2M0ODFiZDJhMjc0MDRkM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfah0kCcdo5sysyK5+Dqep1q+oak
dPXb4uHM7RMfiKS3Mv9DApSYbrQcAhE13pEiZWLGR67qGUJ67KGXWFDj5i5GgRl/
lk3bqVzNAm1QBQpjVvou3gyV1sPWkzuCfEX53xpKgxeyHRPWek7NoiDwsxQDphT/
5vPxFG7zOVg6WSPRPWWTncunDeIbkW9v5wwUy9+8yCYLvJmtcO9odaU88d1iItOa
MYPj66PF7K4zsfGvEa9Xm+ix0TPTRK8C0Ygq1uzfIjpcwkpCu1CYQ7m8r2eFdiF0
lEaYzRrv0fXaSiEVssYAlT8bxYApM1lV0a0aER6s0Y416M3liLKgrAq+/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHff2DRmux8bCoppPEgb0qJ0BNPzMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvZDlfWU5HYTdIeHNLaW1rOFNCdlNvblFFMF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSWIAwQA
WStJMA0GCSqGSIb3DQEBCwUAA4IBAQByaeItIkoTJvws4UFImYBbocqLiuz4yCIH
K0Q4w3fuloxJYMjRsNZXx7Y0ALnczZ3H/4oKHBsoD4/KKewSxp8gVoNyyIo0Hlxy
nKWrPMh5MXT23VoMmxzrkoQ8bN3EUhWRF6Gz9206awj/ae4S6OP5LQmmjsquqRmz
U2V+89778XeCK7iSEex4dpZclzyoAgqwIYHaeect2tiISwIrxvanQ9hZiy0EubY1
5zO8zsX91Ei8tLoQkxAt++6PsMPAw5VNW7kffg2ZCiu9f0wp4Q/qVnPouXm/GTLd
NTsEDeTK6MmJUBIYkClXxqrngDz19CFrPRnG4jyqJ4rYIp++sEu+
-----END CERTIFICATE-----
Generated at Mon Nov 18 14:00:10 2024 by rpki-client on console-fra.rpki-client.org