Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/fknhB9JYl69maO55WUWdtguuMwQ.roa
File: fknhB9JYl69maO55WUWdtguuMwQ.roa (raw, json)
Hash identifier: hsS/e9Xl0khXQ+uBYxmnGpKav/gOrj3iAI2Md9RagV0=
Subject key identifier: 7E:49:E1:07:D2:58:97:AF:66:68:EE:79:59:45:9D:B6:0B:AE:33:04
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 018ED35A5421A40DDCAB7C33B2846BDCC2C9
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/fknhB9JYl69maO55WUWdtguuMwQ.roa
Signing time: Fri 12 Apr 2024 17:28:16 +0000
ROA not before: Fri 12 Apr 2024 17:28:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207849
IP address blocks: 89.234.168.0/22 maxlen: 22
2a00:5881:b100::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 06 May 2024 21:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:5a:54:21:a4:0d:dc:ab:7c:33:b2:84:6b:dc:c2:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Apr 12 17:28:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e49e107d25897af6668ee7959459db60bae3304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e0:90:86:52:1b:1f:8e:a2:d8:ad:b0:58:f1:
c6:76:0e:a8:b4:a3:dc:ba:d4:45:b7:af:44:f0:f3:
38:15:62:23:7d:3c:ae:6e:f8:bf:0b:c2:f3:d5:71:
63:a8:12:01:36:f4:af:f3:d0:76:98:24:56:31:e8:
8e:5d:f9:cb:5a:f5:ec:fa:44:ee:47:0e:d3:5f:63:
44:78:96:13:39:10:c6:12:1d:64:4b:64:16:d4:2e:
a7:92:82:2d:f7:51:03:6f:bb:1a:21:e1:ca:a7:a9:
0e:cc:67:e6:73:dd:d9:53:e9:80:9d:27:35:1a:5d:
a2:96:bc:03:e6:c9:f1:b6:88:5e:97:fe:bd:eb:4b:
d3:95:51:5e:67:d2:78:a5:65:e6:bc:22:dc:7b:4f:
c4:27:41:d9:c7:18:10:74:7e:42:56:51:e2:c2:51:
81:19:ce:de:47:e1:78:ea:bf:f8:d1:a2:3d:0e:4e:
6d:81:41:6c:bd:78:f4:ca:ce:3c:51:bf:a8:43:6c:
9b:e2:74:e3:e1:01:07:96:c7:26:85:d0:b5:68:f1:
a0:e8:a9:d9:f8:a6:fd:e0:79:82:b2:95:9d:f8:49:
b8:d8:c4:a7:ee:97:ce:25:e8:0f:a6:74:07:d6:b3:
a6:e0:3c:55:4b:c8:a7:72:0b:c6:4d:10:9d:ad:93:
98:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:49:E1:07:D2:58:97:AF:66:68:EE:79:59:45:9D:B6:0B:AE:33:04
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/fknhB9JYl69maO55WUWdtguuMwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.168.0/22
IPv6:
2a00:5881:b100::/40
Signature Algorithm: sha256WithRSAEncryption
b4:f4:f8:a2:aa:22:08:08:13:4c:be:35:34:2c:bd:90:ea:25:
33:d7:19:07:e3:ed:c7:cb:e9:bc:64:ce:39:22:da:28:06:f1:
3a:fc:5a:40:be:93:e4:0d:c5:eb:41:59:ac:17:af:0b:75:f2:
4b:e3:d2:08:a1:3b:3c:ba:70:a7:52:4e:de:d8:71:b4:6f:c8:
fd:e0:20:b0:21:4a:de:5b:a6:9f:01:8a:e8:05:83:a7:02:65:
5a:a3:0f:35:d5:f2:77:70:81:7f:0a:8f:00:ce:f8:4a:ef:24:
de:79:53:3a:e3:c5:70:36:b5:63:28:92:a2:64:8a:03:47:5f:
e4:c4:a8:83:49:78:25:62:8a:e2:59:b4:f8:01:ca:0b:3f:25:
2d:96:50:f8:e7:88:6f:a7:24:99:49:ba:54:7c:27:f9:ef:e0:
e8:e9:c8:2e:4a:27:32:f2:fd:c6:0c:d1:11:b6:d3:b8:4b:87:
e8:a5:58:b6:57:d3:04:a7:1a:ed:67:88:e9:11:75:10:c6:11:
e2:49:85:06:6e:c6:15:e6:6a:34:a4:33:79:a9:0b:3b:a6:d6:
91:3c:76:1d:1a:e0:4c:45:ed:5a:ac:db:de:eb:36:60:a1:12:
b6:eb:2f:0c:bd:7e:c6:b3:92:29:34:6d:12:0b:95:62:28:57:
89:8c:16:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7TWlQhpA3cq3wzsoRr3MLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjQwNDEyMTcyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQ5ZTEwN2QyNTg5N2FmNjY2OGVlNzk1OTQ1OWRiNjBiYWUzMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+CQhlIbH46i2K2wWPHGdg6otKPc
utRFt69E8PM4FWIjfTyubvi/C8Lz1XFjqBIBNvSv89B2mCRWMeiOXfnLWvXs+kTu
Rw7TX2NEeJYTORDGEh1kS2QW1C6nkoIt91EDb7saIeHKp6kOzGfmc93ZU+mAnSc1
Gl2ilrwD5snxtohel/6960vTlVFeZ9J4pWXmvCLce0/EJ0HZxxgQdH5CVlHiwlGB
Gc7eR+F46r/40aI9Dk5tgUFsvXj0ys48Ub+oQ2yb4nTj4QEHlscmhdC1aPGg6KnZ
+Kb94HmCspWd+Em42MSn7pfOJegPpnQH1rOm4DxVS8incgvGTRCdrZOYEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH5J4QfSWJevZmjueVlFnbYLrjMEMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL2ZrbmhCOUpZbDY5bWFPNTVXVVdkdGd1dU13US5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBAJZ6qgw
DgQCAAIwCAMGACoAWIGxMA0GCSqGSIb3DQEBCwUAA4IBAQC09PiiqiIICBNMvjU0
LL2Q6iUz1xkH4+3Hy+m8ZM45ItooBvE6/FpAvpPkDcXrQVmsF68LdfJL49IIoTs8
unCnUk7e2HG0b8j94CCwIUreW6afAYroBYOnAmVaow811fJ3cIF/Co8AzvhK7yTe
eVM648VwNrVjKJKiZIoDR1/kxKiDSXglYoriWbT4AcoLPyUtllD454hvpySZSbpU
fCf57+Do6cguSicy8v3GDNERttO4S4fopVi2V9MEpxrtZ4jpEXUQxhHiSYUGbsYV
5mo0pDN5qQs7ptaRPHYdGuBMRe1arNve6zZgoRK26y8MvX7Gs5IpNG0SC5ViKFeJ
jBbI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:03 2024 by rpki-client on console-fra.rpki-client.org