Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/awTB84jZp8YMe9I4helUbSI7s7o.roa
File: awTB84jZp8YMe9I4helUbSI7s7o.roa (raw, json)
Hash identifier: bVWL0f6zS8LPOvmklMNyaQ72FVfv0drlO+yqsUx7yTg=
Subject key identifier: 6B:04:C1:F3:88:D9:A7:C6:0C:7B:D2:38:85:E9:54:6D:22:3B:B3:BA
Certificate issuer: /CN=8f368feb9e553bdd131562584a3353b1d7555c50
Certificate serial: 01906F0FB4E432019232342F7E0D81505AA7
Authority key identifier: 8F:36:8F:EB:9E:55:3B:DD:13:15:62:58:4A:33:53:B1:D7:55:5C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/awTB84jZp8YMe9I4helUbSI7s7o.roa
Signing time: Mon 01 Jul 2024 16:10:18 +0000
ROA not before: Mon 01 Jul 2024 16:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201565
IP address blocks: 89.35.206.0/24 maxlen: 24
89.35.207.0/24 maxlen: 24
94.176.184.0/24 maxlen: 24
94.176.185.0/24 maxlen: 24
185.11.232.0/22 maxlen: 22
185.59.96.0/22 maxlen: 22
185.91.148.0/24 maxlen: 24
185.91.149.0/24 maxlen: 24
185.91.150.0/24 maxlen: 24
185.91.151.0/24 maxlen: 24
2a03:7e40::/36 maxlen: 36
2a03:7e40:1000::/36 maxlen: 36
2a03:7e40:2000::/36 maxlen: 36
2a03:7e40:3000::/36 maxlen: 36
2a03:7e40:4000::/36 maxlen: 36
2a03:7e40:5000::/36 maxlen: 36
2a03:7e40:6000::/36 maxlen: 36
2a03:7e40:7000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 12 Jul 2024 11:16:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6f:0f:b4:e4:32:01:92:32:34:2f:7e:0d:81:50:5a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f368feb9e553bdd131562584a3353b1d7555c50
Validity
Not Before: Jul 1 16:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b04c1f388d9a7c60c7bd23885e9546d223bb3ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:11:e7:c5:9a:44:2e:07:f4:7d:0a:da:58:39:
3a:27:dc:9e:eb:f2:2c:bf:44:58:45:90:ec:da:a4:
bc:d5:d4:c7:6e:5b:1c:6d:59:b8:58:5a:37:35:fe:
fa:ad:e5:e4:fd:a7:ed:3e:ac:44:e0:7b:cc:70:79:
2a:1d:7c:73:c5:64:bb:f8:c9:a3:fe:d1:dd:5b:bf:
f8:d4:b3:05:c2:5f:92:18:8b:93:e3:ed:c9:fc:db:
78:11:b9:ba:17:41:16:e1:69:b2:60:fa:f6:2b:e0:
61:bd:35:e2:ca:11:e7:49:0e:d3:35:3d:98:29:12:
3d:68:62:a8:b5:b2:2e:b4:2b:d9:05:f6:b8:87:af:
f8:b8:61:dc:e7:39:0c:fa:4b:8f:f0:fd:08:ec:f8:
72:46:62:80:16:cf:60:d5:89:21:00:ab:ac:16:ec:
57:a7:56:30:b3:a5:11:14:3d:d6:d2:35:4a:9c:f0:
f3:9e:d2:36:1f:7e:32:ef:e8:11:8e:dd:55:73:17:
8e:ed:70:e3:cd:8d:ed:b8:1f:51:d5:83:56:e4:50:
fc:ee:46:88:0e:bc:d4:9c:64:20:86:f5:2e:d2:f0:
e0:a0:04:01:a9:8d:1f:16:33:4c:84:04:f2:25:9d:
10:3e:f2:12:88:a1:f1:2a:7c:b0:0f:f3:e3:a4:da:
76:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:04:C1:F3:88:D9:A7:C6:0C:7B:D2:38:85:E9:54:6D:22:3B:B3:BA
X509v3 Authority Key Identifier:
keyid:8F:36:8F:EB:9E:55:3B:DD:13:15:62:58:4A:33:53:B1:D7:55:5C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/awTB84jZp8YMe9I4helUbSI7s7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/jzaP655VO90TFWJYSjNTsddVXFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.206.0/23
94.176.184.0/23
185.11.232.0/22
185.59.96.0/22
185.91.148.0/22
IPv6:
2a03:7e40::/33
Signature Algorithm: sha256WithRSAEncryption
84:7c:dd:11:56:91:4d:bd:49:6c:df:68:17:29:72:25:2f:9c:
8f:71:dd:f9:87:f2:c4:b0:f3:6f:35:c4:d3:fd:b0:67:41:b5:
b1:a7:79:12:b9:80:02:80:ff:29:55:f1:6b:8b:e3:d5:54:9d:
58:7d:6a:0a:94:d9:27:20:23:cf:25:99:36:dc:0f:fe:fd:b3:
33:2b:ff:e3:4e:e9:ec:24:29:6d:b7:86:04:d9:98:43:ff:f0:
db:78:35:cd:48:10:63:92:b5:21:fa:03:d6:3a:26:50:14:b9:
c2:0c:21:90:76:4a:61:1f:1e:72:dd:e6:fd:b6:2f:c4:09:27:
a6:88:5b:e2:fe:3b:4e:f8:bf:f5:98:10:7c:77:a0:5e:15:42:
0c:c3:7a:8a:ab:4d:91:e9:73:6a:06:3d:12:05:9a:c1:1b:70:
f8:f0:2e:31:8a:83:f7:69:0f:f6:e9:55:9d:db:34:d9:c1:07:
21:ca:bb:0e:5c:23:db:4e:45:c4:01:18:c3:ed:45:52:97:37:
16:ed:0d:30:f7:5f:46:82:62:66:ab:62:b8:5c:5c:02:d4:e2:
34:b3:90:64:b4:98:61:07:77:34:c8:cb:20:3e:3a:3e:be:82:
36:b3:94:61:d5:d0:66:e2:e0:db:43:27:5c:a5:6b:0e:6c:7c:
1c:64:9a:1b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZBvD7TkMgGSMjQvfg2BUFqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzY4ZmViOWU1NTNiZGQxMzE1NjI1ODRhMzM1M2IxZDc1
NTVjNTAwHhcNMjQwNzAxMTYxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjA0YzFmMzg4ZDlhN2M2MGM3YmQyMzg4NWU5NTQ2ZDIyM2JiM2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxHnxZpELgf0fQraWDk6J9ye6/Is
v0RYRZDs2qS81dTHblscbVm4WFo3Nf76reXk/aftPqxE4HvMcHkqHXxzxWS7+Mmj
/tHdW7/41LMFwl+SGIuT4+3J/Nt4Ebm6F0EW4WmyYPr2K+BhvTXiyhHnSQ7TNT2Y
KRI9aGKotbIutCvZBfa4h6/4uGHc5zkM+kuP8P0I7PhyRmKAFs9g1YkhAKusFuxX
p1Yws6URFD3W0jVKnPDzntI2H34y7+gRjt1VcxeO7XDjzY3tuB9R1YNW5FD87kaI
DrzUnGQghvUu0vDgoAQBqY0fFjNMhATyJZ0QPvISiKHxKnywD/PjpNp2VQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGsEwfOI2afGDHvSOIXpVG0iO7O6MB8GA1UdIwQY
MBaAFI82j+ueVTvdExViWEozU7HXVVxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanphUDY1NVZPOTBURldKWVNqTlRzZGRWWEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wNTQ3Y2ItYzVkYy00ZTJmLWFmZjct
M2VjYTdkZjJhZTU3LzEvYXdUQjg0alpwOFlNZTlJNGhlbFViU0k3czdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wNTQ3Y2ItYzVkYy00ZTJmLWFmZjctM2VjYTdkZjJhZTU3
LzEvanphUDY1NVZPOTBURldKWVNqTlRzZGRWWEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQBWSPOAwQB
XrC4AwQCuQvoAwQCuTtgAwQCuVuUMA4EAgACMAgDBgcqA35AADANBgkqhkiG9w0B
AQsFAAOCAQEAhHzdEVaRTb1JbN9oFylyJS+cj3Hd+YfyxLDzbzXE0/2wZ0G1sad5
ErmAAoD/KVXxa4vj1VSdWH1qCpTZJyAjzyWZNtwP/v2zMyv/407p7CQpbbeGBNmY
Q//w23g1zUgQY5K1IfoD1jomUBS5wgwhkHZKYR8ect3m/bYvxAknpohb4v47Tvi/
9ZgQfHegXhVCDMN6iqtNkelzagY9EgWawRtw+PAuMYqD92kP9ulVnds02cEHIcq7
Dlwj205FxAEYw+1FUpc3Fu0NMPdfRoJiZqtiuFxcAtTiNLOQZLSYYQd3NMjLID46
Pr6CNrOUYdXQZuLg20MnXKVrDmx8HGSaGw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:59 2025 by rpki-client