Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/YHWmzf0YnCNU3-seorTADpKj58o.roa
File: YHWmzf0YnCNU3-seorTADpKj58o.roa (raw, json)
Hash identifier: 8NmUM9Y8InGHn4YsJaE8J+LLXqnHvAvEjSgo1IIrjCo=
Subject key identifier: 60:75:A6:CD:FD:18:9C:23:54:DF:EB:1E:A2:B4:C0:0E:92:A3:E7:CA
Certificate issuer: /CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Certificate serial: 018B383C6E4AD2584473F17F940A5FA8374A
Authority key identifier: B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/YHWmzf0YnCNU3-seorTADpKj58o.roa
Signing time: Mon 16 Oct 2023 11:26:06 +0000
ROA not before: Mon 16 Oct 2023 11:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62055
IP address blocks: 89.38.44.0/24 maxlen: 24
89.38.44.0/23 maxlen: 24
89.38.40.0/21 maxlen: 24
89.38.40.0/22 maxlen: 22
89.38.46.0/23 maxlen: 23
185.48.192.0/22 maxlen: 22
2a01:98e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Oct 2023 16:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:3c:6e:4a:d2:58:44:73:f1:7f:94:0a:5f:a8:37:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Validity
Not Before: Oct 16 11:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6075a6cdfd189c2354dfeb1ea2b4c00e92a3e7ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6c:a4:b8:3b:e9:e6:d3:e6:97:e2:0d:26:6c:
24:6c:01:5d:2f:88:d0:54:9d:b1:e7:b3:da:d0:36:
68:80:a4:e3:e4:df:75:59:48:80:b9:88:88:7a:50:
58:10:ea:99:05:d9:ba:5a:c9:05:07:17:de:72:6d:
94:6d:b6:ca:38:85:59:74:13:2e:9b:01:d9:31:49:
01:e8:be:bd:96:0d:6d:c4:4e:fd:f4:5e:bf:c1:25:
73:e5:00:20:54:dc:ac:04:90:c2:29:e7:91:8a:e9:
a8:4a:1d:1d:95:37:33:56:12:74:b2:bf:ea:f2:50:
43:34:2e:3d:18:16:9d:ca:be:8a:05:2e:1e:ce:34:
10:7f:d8:2c:45:05:90:1c:4a:33:99:0d:ab:cd:87:
40:a6:89:6b:e9:0f:c7:53:bf:46:27:c2:28:ae:d9:
d6:2b:48:80:7d:2e:ba:a0:60:9b:cf:ea:b5:6a:64:
ec:6c:3a:0f:e7:e0:0a:81:d8:01:d0:89:93:58:71:
51:89:22:d8:cd:43:e2:02:2f:fd:8f:73:7f:b8:26:
34:97:ee:d2:56:c8:86:c3:e7:89:b5:45:8a:b1:e6:
f8:12:6f:8c:3c:f8:db:34:39:24:ae:0d:cf:6d:80:
e9:a8:d2:6d:f3:d1:f7:bd:ea:46:ad:5d:fc:98:61:
fe:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:75:A6:CD:FD:18:9C:23:54:DF:EB:1E:A2:B4:C0:0E:92:A3:E7:CA
X509v3 Authority Key Identifier:
keyid:B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/YHWmzf0YnCNU3-seorTADpKj58o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/uMiqGHMPSoPihSxWklUau1se5-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.40.0/21
185.48.192.0/22
IPv6:
2a01:98e0::/32
Signature Algorithm: sha256WithRSAEncryption
a3:ef:8c:2b:5d:11:5e:3e:64:b8:fd:f7:f3:67:bd:25:65:4c:
a3:37:56:78:a2:66:c0:74:1b:37:23:fb:de:89:e8:a5:b0:f6:
81:b5:ff:6f:18:b5:94:96:12:a1:4d:63:69:f6:3c:e5:91:a5:
b6:7c:08:1b:c1:de:a3:66:c9:0f:7b:7c:f7:4c:9a:eb:cc:91:
8f:e7:3d:82:30:26:3b:ca:6c:87:fb:10:44:3c:b8:fc:9c:63:
ee:05:4b:6a:c6:59:4d:bb:62:4b:09:d1:09:81:90:5e:76:84:
88:0d:f2:19:9d:92:a5:c5:7d:95:20:c2:96:0c:f0:12:fe:54:
1f:57:11:fa:e4:c7:bf:fa:55:7e:fd:ff:e3:a3:3b:9f:7d:5e:
c9:6f:ee:77:68:18:e9:9a:0a:14:79:31:a8:a5:4c:82:7b:9f:
94:de:34:fe:ae:1a:f1:c7:4d:a9:df:af:7f:20:ac:1d:74:1a:
ce:9c:09:9f:d2:3d:3a:7e:62:d7:33:21:18:c8:66:e2:29:1b:
54:34:0e:e3:60:74:0f:87:e2:05:82:39:26:26:a4:b0:6a:22:
8a:7a:a6:d4:95:81:38:62:2e:67:9d:dc:52:be:46:07:af:b6:
cf:a1:bc:a5:52:a6:66:c1:90:fb:a7:56:3e:51:f1:b5:44:df:
20:fc:51:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYs4PG5K0lhEc/F/lApfqDdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzhhYTE4NzMwZjRhODNlMjg1MmM1NjkyNTUxYWJiNWIx
ZWU3ZWEwHhcNMjMxMDE2MTEyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDc1YTZjZGZkMTg5YzIzNTRkZmViMWVhMmI0YzAwZTkyYTNlN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmykuDvp5tPml+INJmwkbAFdL4jQ
VJ2x57Pa0DZogKTj5N91WUiAuYiIelBYEOqZBdm6WskFBxfecm2UbbbKOIVZdBMu
mwHZMUkB6L69lg1txE799F6/wSVz5QAgVNysBJDCKeeRiumoSh0dlTczVhJ0sr/q
8lBDNC49GBadyr6KBS4ezjQQf9gsRQWQHEozmQ2rzYdApolr6Q/HU79GJ8IortnW
K0iAfS66oGCbz+q1amTsbDoP5+AKgdgB0ImTWHFRiSLYzUPiAi/9j3N/uCY0l+7S
VsiGw+eJtUWKseb4Em+MPPjbNDkkrg3PbYDpqNJt89H3vepGrV38mGH+rwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGB1ps39GJwjVN/rHqK0wA6So+fKMB8GA1UdIwQY
MBaAFLjIqhhzD0qD4oUsVpJVGrtbHufqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODkt
YTU3NjA0YTNmNmJiLzEvWUhXbXpmMFluQ05VMy1zZW9yVEFEcEtqNThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODktYTU3NjA0YTNmNmJi
LzEvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDWSYoAwQC
uTDAMA0EAgACMAcDBQAqAZjgMA0GCSqGSIb3DQEBCwUAA4IBAQCj74wrXRFePmS4
/ffzZ70lZUyjN1Z4ombAdBs3I/veieilsPaBtf9vGLWUlhKhTWNp9jzlkaW2fAgb
wd6jZskPe3z3TJrrzJGP5z2CMCY7ymyH+xBEPLj8nGPuBUtqxllNu2JLCdEJgZBe
doSIDfIZnZKlxX2VIMKWDPAS/lQfVxH65Me/+lV+/f/jozuffV7Jb+53aBjpmgoU
eTGopUyCe5+U3jT+rhrxx02p369/IKwddBrOnAmf0j06fmLXMyEYyGbiKRtUNA7j
YHQPh+IFgjkmJqSwaiKKeqbUlYE4Yi5nndxSvkYHr7bPobylUqZmwZD7p1Y+UfG1
RN8g/FFd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:27 2024 by rpki-client on console-ams.rpki-client.org