Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/FN3lgNT-RLdxjhLUWCnaazwRjMo.roa
File: FN3lgNT-RLdxjhLUWCnaazwRjMo.roa (raw, json)
Hash identifier: 7hSI7z1FAeEN5k+2VZxAvTSMqcTFZMfD11R39f2lIZ8=
Subject key identifier: 14:DD:E5:80:D4:FE:44:B7:71:8E:12:D4:58:29:DA:6B:3C:11:8C:CA
Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial: 01856F5DCDCFF5BD91A929D6C8254E6FE842
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/FN3lgNT-RLdxjhLUWCnaazwRjMo.roa
Signing time: Sun 01 Jan 2023 22:04:56 +0000
ROA not before: Sun 01 Jan 2023 22:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41480
IP address blocks: 89.20.64.0/19 maxlen: 19
89.20.64.0/20 maxlen: 20
212.124.64.0/19 maxlen: 19
212.124.64.0/22 maxlen: 22
212.124.64.0/20 maxlen: 20
212.124.80.0/20 maxlen: 20
89.20.80.0/20 maxlen: 20
2a02:2170::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:cd:cf:f5:bd:91:a9:29:d6:c8:25:4e:6f:e8:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Validity
Not Before: Jan 1 22:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14dde580d4fe44b7718e12d45829da6b3c118cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1e:85:48:78:ea:8d:95:83:00:e9:1e:04:81:
fa:ff:02:d9:11:d8:55:09:c6:d6:27:ef:c6:e8:75:
a8:9b:4c:cb:4c:21:25:9b:cc:84:16:5b:d8:45:ff:
78:07:d2:2c:5c:2e:8a:30:a4:bd:2d:4a:25:0f:e1:
b2:ee:7e:2d:a4:63:fe:ba:60:9a:20:34:55:b4:55:
f0:4c:9d:f9:63:8e:eb:db:99:e8:63:9c:d2:64:0f:
0e:2d:c2:f4:42:a4:7a:87:9f:fd:5d:58:4e:08:17:
b5:b2:c9:83:e0:4f:0d:38:8e:48:ba:79:a8:e9:97:
14:c2:f0:67:42:0a:d1:b9:86:cc:f5:b1:3d:e1:d1:
c3:41:aa:91:e9:5a:8c:fb:1b:5d:4a:1f:16:b3:f3:
d9:49:5c:f6:7f:2e:ca:10:ac:ae:8f:cd:c3:b8:e6:
71:7a:00:c0:28:e0:4b:91:51:36:75:87:ac:95:7d:
25:3e:5f:70:a8:2b:b1:96:7c:c6:ff:e4:ee:dc:ac:
27:4c:e3:40:fb:0b:ce:7d:c1:ae:cc:a3:ea:46:94:
91:1b:70:58:97:16:37:37:54:29:20:d2:ac:32:54:
6d:86:12:f7:a0:7c:3b:c0:48:24:03:46:85:5f:f7:
26:88:8b:31:21:a1:ef:a6:ce:5a:a6:4d:52:b9:67:
69:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DD:E5:80:D4:FE:44:B7:71:8E:12:D4:58:29:DA:6B:3C:11:8C:CA
X509v3 Authority Key Identifier:
keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/FN3lgNT-RLdxjhLUWCnaazwRjMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.64.0/19
212.124.64.0/19
IPv6:
2a02:2170::/32
Signature Algorithm: sha256WithRSAEncryption
38:d5:74:24:91:63:cf:5c:1c:6e:26:96:54:35:be:db:16:a0:
77:df:87:f3:b2:7e:65:13:f1:31:c3:c8:08:35:d5:a2:e9:1a:
58:62:a2:c2:8b:bf:7a:e8:0a:9a:a8:5f:93:4c:0d:54:2f:b5:
4e:35:4b:5e:43:02:99:3f:f9:48:68:49:9a:b9:ad:78:d7:a7:
76:0e:a7:ae:b4:f6:4b:4d:94:f1:b8:ac:80:79:96:3c:f2:df:
18:24:b3:63:2e:a5:e8:36:25:dd:00:c5:58:ba:b6:35:54:a8:
10:cb:72:8c:e4:a6:f0:e8:53:e2:8c:42:83:0d:f9:cf:53:f9:
09:89:1d:df:6c:1c:93:55:f2:42:ee:15:84:5c:e6:c9:fa:7c:
bc:4b:8b:c2:0d:95:0a:56:12:dd:e8:43:70:70:71:0f:a4:d2:
95:f3:b5:06:0f:2e:c2:ae:27:69:49:bb:a5:2f:b6:40:d0:72:
42:b3:23:2e:00:10:b3:97:fe:59:b3:1d:a2:a2:33:f8:23:a0:
02:36:d5:7a:b0:6b:86:fa:b9:1a:06:ab:4c:57:1a:4b:67:76:
ca:74:36:b2:3b:a5:04:62:7e:a3:71:8b:dd:2e:cf:75:9e:90:
c9:40:70:d6:3e:56:46:d6:fa:38:30:42:73:0c:05:ef:1f:eb:
ef:97:90:6b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvXc3P9b2RqSnWyCVOb+hCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjMwMTAxMjIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRkZTU4MGQ0ZmU0NGI3NzE4ZTEyZDQ1ODI5ZGE2YjNjMTE4Y2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx6FSHjqjZWDAOkeBIH6/wLZEdhV
CcbWJ+/G6HWom0zLTCElm8yEFlvYRf94B9IsXC6KMKS9LUolD+Gy7n4tpGP+umCa
IDRVtFXwTJ35Y47r25noY5zSZA8OLcL0QqR6h5/9XVhOCBe1ssmD4E8NOI5Iunmo
6ZcUwvBnQgrRuYbM9bE94dHDQaqR6VqM+xtdSh8Ws/PZSVz2fy7KEKyuj83DuOZx
egDAKOBLkVE2dYeslX0lPl9wqCuxlnzG/+Tu3KwnTONA+wvOfcGuzKPqRpSRG3BY
lxY3N1QpINKsMlRthhL3oHw7wEgkA0aFX/cmiIsxIaHvps5apk1SuWdpJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBTd5YDU/kS3cY4S1Fgp2ms8EYzKMB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvRk4zbGdOVC1STGR4amhMVVdDbmFhendSak1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFWRRAAwQF
1HxAMA0EAgACMAcDBQAqAiFwMA0GCSqGSIb3DQEBCwUAA4IBAQA41XQkkWPPXBxu
JpZUNb7bFqB334fzsn5lE/Exw8gINdWi6RpYYqLCi7966AqaqF+TTA1UL7VONUte
QwKZP/lIaEmaua1416d2DqeutPZLTZTxuKyAeZY88t8YJLNjLqXoNiXdAMVYurY1
VKgQy3KM5Kbw6FPijEKDDfnPU/kJiR3fbByTVfJC7hWEXObJ+ny8S4vCDZUKVhLd
6ENwcHEPpNKV87UGDy7CridpSbulL7ZA0HJCsyMuABCzl/5Zsx2iojP4I6ACNtV6
sGuG+rkaBqtMVxpLZ3bKdDayO6UEYn6jcYvdLs91npDJQHDWPlZG1vo4MEJzDAXv
H+vvl5Br
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org