Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/pQeo28M9Wga1pK8_WsdU94yQtgU.roa
File: pQeo28M9Wga1pK8_WsdU94yQtgU.roa (raw, json)
Hash identifier: Td2bcQRiFoo4UpnG803PCsLxx3AWMnLedB1HmvYFlks=
Subject key identifier: A5:07:A8:DB:C3:3D:5A:06:B5:A4:AF:3F:5A:C7:54:F7:8C:90:B6:05
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 01857271171380453ECB155CB3890BDF1821
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/pQeo28M9Wga1pK8_WsdU94yQtgU.roa
Signing time: Mon 02 Jan 2023 12:24:52 +0000
ROA not before: Mon 02 Jan 2023 12:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 89.33.236.0/23 maxlen: 23
185.171.186.0/24 maxlen: 24
93.119.152.0/24 maxlen: 24
93.119.153.0/24 maxlen: 24
89.40.16.0/24 maxlen: 24
89.40.17.0/24 maxlen: 24
188.214.105.0/24 maxlen: 24
89.40.19.0/24 maxlen: 24
89.40.18.0/24 maxlen: 24
89.46.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jul 2023 10:41:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:17:13:80:45:3e:cb:15:5c:b3:89:0b:df:18:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jan 2 12:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a507a8dbc33d5a06b5a4af3f5ac754f78c90b605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e6:1a:0d:8d:43:6e:bc:1e:46:14:6a:d2:9f:
34:90:7e:04:0a:a3:e6:8b:f1:a9:c8:7e:32:d0:fe:
41:9b:93:ed:15:f7:57:20:14:b7:40:e2:dc:f7:2d:
3b:a5:97:97:9d:1c:7e:6f:b7:01:44:6a:19:4c:ba:
d3:8b:41:b0:94:9c:08:05:55:9d:8e:f0:f0:d3:d7:
0c:0e:17:fe:d8:56:b8:2e:e5:a6:b7:10:3c:9b:c1:
77:63:ce:f5:0b:78:1d:ee:d9:8e:8f:1e:75:1d:67:
05:32:d4:80:0c:42:7b:53:a5:97:41:f0:c4:63:da:
9c:ec:a4:16:6e:5d:21:fa:8f:ca:f6:c8:4b:36:a0:
ec:99:2d:d6:99:33:66:b8:6f:df:ea:1b:57:5c:05:
2a:bb:ee:ae:60:97:0c:e8:bc:da:d5:85:83:93:5b:
64:38:61:e8:c4:b4:4b:98:86:cc:51:e8:d3:8c:59:
a0:05:3f:f7:91:8d:5b:b6:6c:d2:5e:a5:88:2d:10:
3a:06:16:62:84:fa:64:e6:cf:aa:79:a9:f6:27:16:
e0:92:9c:20:b2:89:c5:1a:0a:ab:78:5d:d9:74:96:
00:47:51:88:26:c7:f1:86:ad:2e:5a:57:10:b3:73:
7d:e6:ea:1c:9b:d9:24:3a:37:0b:b2:53:3a:2e:2b:
f3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:07:A8:DB:C3:3D:5A:06:B5:A4:AF:3F:5A:C7:54:F7:8C:90:B6:05
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/pQeo28M9Wga1pK8_WsdU94yQtgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.236.0/23
89.40.16.0/22
89.46.6.0/24
93.119.152.0/23
185.171.186.0/24
188.214.105.0/24
Signature Algorithm: sha256WithRSAEncryption
96:fd:e2:cb:c4:69:c4:0f:fc:fd:58:af:bd:2e:82:52:a1:8b:
da:37:96:2e:c4:5d:35:d8:05:cb:d7:3a:c6:8c:b2:7c:20:13:
6f:aa:b7:a9:c0:6b:24:0c:ac:92:c9:fc:9d:62:4b:37:e8:ee:
d8:0c:c0:0c:bc:ba:39:f2:2b:f1:9e:ba:7a:21:da:78:fd:a4:
e8:ee:68:b7:46:d1:5d:dd:59:c7:a0:f7:98:e1:e1:81:77:ee:
40:ba:f7:cb:a5:13:f0:b8:a3:c8:4a:7b:db:08:71:28:3f:a1:
d3:98:6f:8b:d5:64:1d:41:69:45:4e:4f:26:3b:32:3f:26:22:
83:6e:df:43:38:0d:99:b0:30:bb:6d:ae:d2:63:8d:47:78:3c:
5a:01:3a:23:fe:e1:b1:c6:fd:6a:8e:69:62:35:90:38:42:1f:
fe:33:eb:d5:1d:1a:e3:14:7b:ff:c0:eb:fc:a3:fa:31:c1:85:
e4:f3:ce:e2:2a:50:fb:0e:b0:6c:ea:9b:81:1a:42:82:de:45:
49:84:2c:7c:89:ef:08:d3:d6:1c:e3:ae:49:82:ea:45:9a:21:
0a:53:0f:79:d0:f5:b9:d0:5f:cc:e6:b6:cd:a8:36:c6:aa:6a:
92:be:8f:41:a3:b0:16:e7:d6:9a:a1:cc:93:9e:74:dc:a9:45:
24:c7:d8:5a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVycRcTgEU+yxVcs4kL3xghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjMwMTAyMTIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA3YThkYmMzM2Q1YTA2YjVhNGFmM2Y1YWM3NTRmNzhjOTBiNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+YaDY1DbrweRhRq0p80kH4ECqPm
i/GpyH4y0P5Bm5PtFfdXIBS3QOLc9y07pZeXnRx+b7cBRGoZTLrTi0GwlJwIBVWd
jvDw09cMDhf+2Fa4LuWmtxA8m8F3Y871C3gd7tmOjx51HWcFMtSADEJ7U6WXQfDE
Y9qc7KQWbl0h+o/K9shLNqDsmS3WmTNmuG/f6htXXAUqu+6uYJcM6Lza1YWDk1tk
OGHoxLRLmIbMUejTjFmgBT/3kY1btmzSXqWILRA6BhZihPpk5s+qean2Jxbgkpwg
sonFGgqreF3ZdJYAR1GIJsfxhq0uWlcQs3N95uocm9kkOjcLslM6LivzNwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKUHqNvDPVoGtaSvP1rHVPeMkLYFMB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvcFFlbzI4TTlXZ2ExcEs4X1dzZFU5NHlRdGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBWSHsAwQC
WSgQAwQAWS4GAwQBXXeYAwQAuau6AwQAvNZpMA0GCSqGSIb3DQEBCwUAA4IBAQCW
/eLLxGnED/z9WK+9LoJSoYvaN5YuxF012AXL1zrGjLJ8IBNvqrepwGskDKySyfyd
Yks36O7YDMAMvLo58ivxnrp6Idp4/aTo7mi3RtFd3VnHoPeY4eGBd+5AuvfLpRPw
uKPISnvbCHEoP6HTmG+L1WQdQWlFTk8mOzI/JiKDbt9DOA2ZsDC7ba7SY41HeDxa
AToj/uGxxv1qjmliNZA4Qh/+M+vVHRrjFHv/wOv8o/oxwYXk887iKlD7DrBs6puB
GkKC3kVJhCx8ie8I09Yc465JgupFmiEKUw950PW50F/M5rbNqDbGqmqSvo9Bo7AW
59aaocyTnnTcqUUkx9ha
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:06 2024 by rpki-client on console-ams.rpki-client.org