Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/fAt0j0n6punhBYH3IxfgAIFsOkI.roa
File: fAt0j0n6punhBYH3IxfgAIFsOkI.roa (raw, json)
Hash identifier: eJx1wrxH7eQJ/uHk7Y8wvTN9xIxynzniT8gsxBD+a3Y=
Subject key identifier: 7C:0B:74:8F:49:FA:A6:E9:E1:05:81:F7:23:17:E0:00:81:6C:3A:42
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94E06DE064ECCF87E68973CE049D838
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/fAt0j0n6punhBYH3IxfgAIFsOkI.roa
Signing time: Tue 02 Jan 2024 08:33:03 +0000
ROA not before: Tue 02 Jan 2024 08:33:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213200
IP address blocks: 89.43.46.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.215.72.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 14:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:06:de:06:4e:cc:f8:7e:68:97:3c:e0:49:d8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c0b748f49faa6e9e10581f72317e000816c3a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2f:e2:87:86:19:82:17:ff:f2:a1:44:5d:52:
43:b3:ee:23:ba:88:f4:23:30:d7:ba:df:0b:54:14:
03:3f:2d:6d:aa:b7:9a:d5:8f:81:da:85:73:25:89:
b8:0c:12:e1:25:9d:69:5d:8b:68:ce:e6:50:b1:0e:
33:46:47:3e:cd:26:3c:4c:63:25:61:0b:e1:c1:df:
89:68:c3:f7:06:19:c6:25:ea:c4:a7:c1:25:a5:9b:
32:7e:a7:4b:7d:13:8e:ca:c4:7e:6e:be:ab:46:d3:
5c:a1:a9:2a:d7:48:01:9a:38:39:a8:b5:b1:f6:10:
d4:8e:31:73:a0:8f:3b:8d:56:c7:21:ec:28:5a:d0:
62:21:33:c9:5f:f5:1c:39:b2:d0:45:0e:c1:56:77:
27:26:82:2e:70:42:dc:bd:2a:03:db:c2:0b:89:7d:
36:4b:de:f1:00:a2:08:0e:72:d6:68:80:32:14:13:
67:fa:49:1e:3a:4b:93:3a:8f:b1:5d:84:a1:36:a1:
c1:b1:74:f2:f7:fe:ba:b7:14:f6:63:78:4b:56:11:
ee:92:9b:d2:b1:41:e5:db:87:39:a6:4f:ec:38:8f:
30:7b:f4:e1:49:d7:b7:fd:6b:cd:c6:91:8c:53:45:
f5:ec:36:e4:8a:d5:89:b7:fe:3d:e7:c6:a0:1d:e1:
6e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:0B:74:8F:49:FA:A6:E9:E1:05:81:F7:23:17:E0:00:81:6C:3A:42
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/fAt0j0n6punhBYH3IxfgAIFsOkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.46.0/24
89.44.209.0/24
89.45.34.0/24
93.114.171.0/24
188.215.72.0/24
Signature Algorithm: sha256WithRSAEncryption
08:2b:15:e6:5e:38:87:01:89:77:e1:51:03:5a:69:81:72:e6:
89:9a:80:53:c5:e6:d5:5d:e3:1c:0a:c7:00:09:8b:b4:cc:27:
e0:4f:62:6a:af:f4:98:24:23:a6:5a:af:2d:c6:c5:89:fd:bb:
9c:72:33:3a:f5:26:1c:0f:f0:0b:4e:e4:26:97:bc:22:bd:46:
ff:a7:ea:02:e2:4e:ed:d7:f2:bd:28:92:73:dc:a3:e9:5b:06:
f1:55:1d:c0:4e:e8:55:a8:8e:9b:f4:86:9f:df:bc:ae:66:a9:
2f:21:e7:30:42:56:12:73:0f:94:7e:ae:93:90:51:86:e6:eb:
3b:ee:63:17:75:b0:a3:7b:f4:30:31:83:eb:32:be:f3:7f:76:
45:1a:7b:9d:13:df:e4:fb:b8:d8:b7:84:8f:ae:7b:f6:c4:c5:
09:f9:3b:43:24:1b:05:e4:84:9e:cc:98:64:db:92:d5:ca:56:
0e:a0:81:bf:b9:99:15:03:1c:c7:fb:e9:6b:8c:ff:f3:9e:eb:
80:2c:bf:24:a0:06:d4:58:a6:e9:7a:af:54:41:ec:87:7f:a8:
cc:8e:f3:83:57:c7:43:93:23:5e:3e:62:27:ce:0b:25:9b:9b:
e1:fa:3c:3e:ec:25:e8:9e:3a:ee:5a:2c:25:25:ec:2e:4e:95:
5b:38:5a:32
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTgbeBk7M+H5olzzgSdg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzBiNzQ4ZjQ5ZmFhNmU5ZTEwNTgxZjcyMzE3ZTAwMDgxNmMzYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3i/ih4YZghf/8qFEXVJDs+4juoj0
IzDXut8LVBQDPy1tqrea1Y+B2oVzJYm4DBLhJZ1pXYtozuZQsQ4zRkc+zSY8TGMl
YQvhwd+JaMP3BhnGJerEp8ElpZsyfqdLfROOysR+br6rRtNcoakq10gBmjg5qLWx
9hDUjjFzoI87jVbHIewoWtBiITPJX/UcObLQRQ7BVncnJoIucELcvSoD28ILiX02
S97xAKIIDnLWaIAyFBNn+kkeOkuTOo+xXYShNqHBsXTy9/66txT2Y3hLVhHukpvS
sUHl24c5pk/sOI8we/ThSde3/WvNxpGMU0X17DbkitWJt/4958agHeFuTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHwLdI9J+qbp4QWB9yMX4ACBbDpCMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvZkF0MGowbjZwdW5oQllIM0l4ZmdBSUZzT2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSsuAwQA
WSzRAwQAWS0iAwQAXXKrAwQAvNdIMA0GCSqGSIb3DQEBCwUAA4IBAQAIKxXmXjiH
AYl34VEDWmmBcuaJmoBTxebVXeMcCscACYu0zCfgT2Jqr/SYJCOmWq8txsWJ/buc
cjM69SYcD/ALTuQml7wivUb/p+oC4k7t1/K9KJJz3KPpWwbxVR3ATuhVqI6b9Iaf
37yuZqkvIecwQlYScw+Ufq6TkFGG5us77mMXdbCje/QwMYPrMr7zf3ZFGnudE9/k
+7jYt4SPrnv2xMUJ+TtDJBsF5ISezJhk25LVylYOoIG/uZkVAxzH++lrjP/znuuA
LL8koAbUWKbpeq9UQeyHf6jMjvODV8dDkyNePmInzgslm5vh+jw+7CXonjruWiwl
JewuTpVbOFoy
-----END CERTIFICATE-----
Generated at Mon Jan 8 18:32:36 2024 by rpki-client on console-fra.rpki-client.org