Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/56izy7TZdWDc73LbzDRKxOieVqs.roa
File: 56izy7TZdWDc73LbzDRKxOieVqs.roa (raw, json)
Hash identifier: vJopUDi/L6kgKk/bXET5dIuwDm21NCMBVC3b7y0M6pg=
Subject key identifier: E7:A8:B3:CB:B4:D9:75:60:DC:EF:72:DB:CC:34:4A:C4:E8:9E:56:AB
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018E81B6685FEDBCB9FECA47BD5573950C47
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/56izy7TZdWDc73LbzDRKxOieVqs.roa
Signing time: Wed 27 Mar 2024 20:59:58 +0000
ROA not before: Wed 27 Mar 2024 20:59:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.249.201.0/24 maxlen: 24
89.249.204.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
212.42.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Apr 2024 16:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:81:b6:68:5f:ed:bc:b9:fe:ca:47:bd:55:73:95:0c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Mar 27 20:59:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7a8b3cbb4d97560dcef72dbcc344ac4e89e56ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:02:bb:25:78:a4:a4:cc:f6:8b:4c:1a:bb:86:
bf:73:e2:33:23:fa:f8:51:fc:e2:0a:2b:64:dd:dc:
7d:0b:d6:55:d5:de:88:50:62:03:22:1c:4f:d6:61:
fb:36:23:af:3f:13:8c:24:35:c1:53:9e:b3:bc:51:
cc:f1:c5:42:ca:75:6c:36:65:67:f0:72:a5:d2:99:
0f:bf:8a:6f:8e:80:3d:1d:9d:19:17:cf:3d:a6:1b:
5a:e2:2d:35:dd:14:ab:79:5e:46:47:fe:40:3f:f4:
2a:30:0b:c8:74:6b:12:10:2f:85:7b:52:94:d5:29:
9c:44:54:4c:04:87:44:1b:71:8b:f2:6c:a2:a6:f4:
a8:7a:ea:a2:fe:21:ad:ea:ee:e6:d6:7f:68:68:c4:
b1:e7:2f:02:6e:f8:4b:94:73:0a:01:c7:ef:b3:6f:
2a:0c:33:17:05:a4:56:71:82:d4:67:8c:d7:12:12:
fe:e2:68:b8:99:d9:df:52:9c:70:0d:37:9d:5f:d8:
27:44:5c:d4:ce:33:ac:71:ed:72:10:56:b3:0a:60:
0e:90:be:cf:8f:8e:0d:b3:c2:d7:8c:21:ee:6a:6d:
c0:42:4a:51:46:48:d6:df:50:c9:2d:b2:b2:92:bc:
e7:60:cd:7a:3f:7d:50:b8:ff:74:7f:ba:85:5e:58:
99:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A8:B3:CB:B4:D9:75:60:DC:EF:72:DB:CC:34:4A:C4:E8:9E:56:AB
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/56izy7TZdWDc73LbzDRKxOieVqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
89.249.204.0/24
89.249.206.0/23
212.42.192.0/19
Signature Algorithm: sha256WithRSAEncryption
36:44:54:0e:8c:c1:52:a3:38:22:5b:bc:ca:b3:8d:9f:33:7d:
22:21:c6:11:8e:72:7e:88:ac:35:66:66:36:3a:c8:70:be:b4:
44:7d:7a:66:a8:cc:d1:de:ba:81:00:c5:7a:48:c0:30:d2:51:
f7:96:43:12:96:ca:3b:63:86:7a:1f:41:4b:de:89:9f:eb:83:
bd:08:b9:ca:ae:41:9c:b4:6f:9c:fc:24:c7:e8:ae:eb:a8:53:
cc:8f:67:a7:97:be:c8:0e:ed:26:e4:a8:61:9c:37:00:e0:4a:
24:9c:7b:99:e9:aa:a3:0d:16:35:bf:e8:de:73:8a:eb:e0:a9:
f9:2f:b4:2b:4b:21:4b:88:14:0a:78:ec:a0:5f:68:86:a8:ce:
04:43:16:71:3b:c8:af:8f:ae:66:5f:66:06:e9:ef:46:8f:92:
66:d9:7c:1b:f2:fc:a6:47:e1:78:bb:43:4f:26:33:54:94:83:
93:cf:1c:62:04:3f:c9:65:d0:e1:5a:54:87:84:95:0f:66:fc:
12:f5:86:2c:0c:46:84:80:cd:37:6e:06:5a:57:fe:42:0f:56:
53:12:a8:d7:7c:05:fa:89:b0:6d:f5:88:5f:69:76:14:fb:4d:
cb:a7:29:66:cd:e4:81:fc:ff:d6:f0:e0:cb:60:05:ac:2d:34:
70:e9:ba:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6Btmhf7by5/spHvVVzlQxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMzI3MjA1OTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2E4YjNjYmI0ZDk3NTYwZGNlZjcyZGJjYzM0NGFjNGU4OWU1NmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQK7JXikpMz2i0wau4a/c+IzI/r4
UfziCitk3dx9C9ZV1d6IUGIDIhxP1mH7NiOvPxOMJDXBU56zvFHM8cVCynVsNmVn
8HKl0pkPv4pvjoA9HZ0ZF889phta4i013RSreV5GR/5AP/QqMAvIdGsSEC+Fe1KU
1SmcRFRMBIdEG3GL8myipvSoeuqi/iGt6u7m1n9oaMSx5y8CbvhLlHMKAcfvs28q
DDMXBaRWcYLUZ4zXEhL+4mi4mdnfUpxwDTedX9gnRFzUzjOsce1yEFazCmAOkL7P
j44Ns8LXjCHuam3AQkpRRkjW31DJLbKykrznYM16P31QuP90f7qFXliZVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOeos8u02XVg3O9y28w0SsTonlarMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvNTZpenk3VFpkV0RjNzNMYnpEUkt4T2llVnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfnJAwQA
WfnMAwQBWfnOAwQF1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQA2RFQOjMFSozgiW7zK
s42fM30iIcYRjnJ+iKw1ZmY2OshwvrREfXpmqMzR3rqBAMV6SMAw0lH3lkMSlso7
Y4Z6H0FL3omf64O9CLnKrkGctG+c/CTH6K7rqFPMj2enl77IDu0m5KhhnDcA4Eok
nHuZ6aqjDRY1v+jec4rr4Kn5L7QrSyFLiBQKeOygX2iGqM4EQxZxO8ivj65mX2YG
6e9Gj5Jm2Xwb8vymR+F4u0NPJjNUlIOTzxxiBD/JZdDhWlSHhJUPZvwS9YYsDEaE
gM03bgZaV/5CD1ZTEqjXfAX6ibBt9YhfaXYU+03LpylmzeSB/P/W8ODLYAWsLTRw
6bpT
-----END CERTIFICATE-----
Generated at Sun Apr 28 18:18:30 2024 by rpki-client on console-ams.rpki-client.org