Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/nYfQOh2aWktAUhY4GjxUVwcnzJo.roa
File: nYfQOh2aWktAUhY4GjxUVwcnzJo.roa (raw, json)
Hash identifier: IuhjVI/VddNGoOBOnXJq7ukt5/nGZDbK6P8Cc65Xq9c=
Subject key identifier: 9D:87:D0:3A:1D:9A:5A:4B:40:52:16:38:1A:3C:54:57:07:27:CC:9A
Certificate issuer: /CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Certificate serial: 0185724C6FE2BC41FFF0C67B1F03327274AC
Authority key identifier: B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/nYfQOh2aWktAUhY4GjxUVwcnzJo.roa
Signing time: Mon 02 Jan 2023 11:44:50 +0000
ROA not before: Mon 02 Jan 2023 11:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62055
IP address blocks: 89.38.44.0/23 maxlen: 24
89.38.44.0/24 maxlen: 24
89.38.40.0/21 maxlen: 24
89.38.40.0/22 maxlen: 22
89.38.46.0/23 maxlen: 23
185.48.192.0/22 maxlen: 22
188.215.85.0/24 maxlen: 24
188.215.84.0/22 maxlen: 22
188.215.80.0/23 maxlen: 24
188.215.82.0/23 maxlen: 23
188.215.86.0/23 maxlen: 23
2a01:98e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Sep 2023 08:27:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:6f:e2:bc:41:ff:f0:c6:7b:1f:03:32:72:74:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Validity
Not Before: Jan 2 11:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d87d03a1d9a5a4b405216381a3c54570727cc9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d7:a4:1a:d9:ec:4b:13:e3:4d:43:3f:56:97:
29:c4:20:31:04:1e:48:8e:fb:62:f2:1c:fb:b6:12:
f2:51:14:96:3d:52:1c:99:1c:d3:f9:f2:6d:18:16:
a4:71:a9:36:a4:ee:66:18:80:af:0b:cb:8d:92:1e:
2f:4a:7c:80:05:1f:6b:98:b7:71:17:c9:b7:16:d5:
1d:63:3d:81:4c:4d:7e:84:f6:5c:34:cc:07:ab:98:
40:9c:a9:6e:3f:bb:fa:2d:1f:76:c0:c0:4c:ab:88:
a1:d0:ea:0d:23:28:77:57:9a:ee:11:73:6f:4c:a6:
a4:11:fc:df:da:34:39:3e:14:e9:86:6b:e2:4a:36:
19:c1:fd:61:3f:59:64:6c:89:e3:2b:b7:59:5b:27:
21:8b:39:d8:a9:ad:09:89:38:8e:89:0f:58:8f:4e:
0a:36:a7:ae:af:30:73:28:7f:c0:dd:a7:a7:7d:8d:
07:49:69:9b:14:60:ac:81:e3:42:5d:da:8a:c1:08:
b6:89:cb:f8:aa:12:4e:93:8d:0e:de:8e:3a:ae:6f:
b5:5d:e1:86:28:14:79:0c:c4:f2:3a:9b:13:0f:58:
a0:cf:27:34:36:5a:89:97:d1:e3:96:48:3a:7e:a5:
39:84:73:da:79:b9:e9:99:30:68:a5:64:e6:02:b5:
5e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:87:D0:3A:1D:9A:5A:4B:40:52:16:38:1A:3C:54:57:07:27:CC:9A
X509v3 Authority Key Identifier:
keyid:B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/nYfQOh2aWktAUhY4GjxUVwcnzJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/uMiqGHMPSoPihSxWklUau1se5-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.40.0/21
185.48.192.0/22
188.215.80.0/21
IPv6:
2a01:98e0::/32
Signature Algorithm: sha256WithRSAEncryption
78:68:fc:e4:79:dd:8f:f0:4d:cc:ad:c1:64:fa:ab:17:e0:dd:
f4:a3:e6:bd:fe:44:a4:1b:9a:c6:b9:83:e4:ea:70:ff:32:88:
71:8c:3d:1a:33:39:30:cf:63:9f:88:04:d8:89:3a:08:5b:95:
16:a3:f2:b0:e9:5a:dc:c4:6b:03:ed:aa:94:73:32:11:51:42:
07:b9:19:71:48:9e:77:51:db:7f:bc:4b:5a:ec:63:47:76:19:
08:7e:a5:5e:1e:e0:06:ad:a3:99:2a:6d:a8:ff:7a:4f:f4:95:
59:37:b1:ba:1f:1a:b8:24:0b:a4:05:1f:a3:e9:9a:09:32:45:
7d:e1:da:8d:64:56:6b:d5:4b:6e:0b:39:85:ad:ef:bb:0b:a2:
3a:69:52:6a:c6:19:da:ef:b4:40:95:fc:ad:53:48:b0:bb:62:
63:37:5f:33:3d:f7:99:9f:43:71:5a:5a:10:94:36:60:80:f0:
a1:08:25:15:c3:45:6d:29:75:4c:5b:c0:b3:77:e3:f8:21:43:
99:29:d6:5d:7d:35:d8:1b:c8:d7:07:70:31:7f:49:65:31:5d:
0e:ce:20:c1:2a:93:91:39:0e:3d:13:de:38:a7:fc:0c:a4:a8:
3f:f9:c4:e6:87:a2:31:f3:42:e7:f2:45:e6:9a:00:79:ed:a7:
6c:d0:de:f1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyTG/ivEH/8MZ7HwMycnSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzhhYTE4NzMwZjRhODNlMjg1MmM1NjkyNTUxYWJiNWIx
ZWU3ZWEwHhcNMjMwMTAyMTE0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg3ZDAzYTFkOWE1YTRiNDA1MjE2MzgxYTNjNTQ1NzA3MjdjYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtekGtnsSxPjTUM/VpcpxCAxBB5I
jvti8hz7thLyURSWPVIcmRzT+fJtGBakcak2pO5mGICvC8uNkh4vSnyABR9rmLdx
F8m3FtUdYz2BTE1+hPZcNMwHq5hAnKluP7v6LR92wMBMq4ih0OoNIyh3V5ruEXNv
TKakEfzf2jQ5PhTphmviSjYZwf1hP1lkbInjK7dZWychiznYqa0JiTiOiQ9Yj04K
NqeurzBzKH/A3aenfY0HSWmbFGCsgeNCXdqKwQi2icv4qhJOk40O3o46rm+1XeGG
KBR5DMTyOpsTD1igzyc0NlqJl9Hjlkg6fqU5hHPaebnpmTBopWTmArVeVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ2H0DodmlpLQFIWOBo8VFcHJ8yaMB8GA1UdIwQY
MBaAFLjIqhhzD0qD4oUsVpJVGrtbHufqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODkt
YTU3NjA0YTNmNmJiLzEvbllmUU9oMmFXa3RBVWhZNEdqeFVWd2NuekpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODktYTU3NjA0YTNmNmJi
LzEvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDWSYoAwQC
uTDAAwQDvNdQMA0EAgACMAcDBQAqAZjgMA0GCSqGSIb3DQEBCwUAA4IBAQB4aPzk
ed2P8E3MrcFk+qsX4N30o+a9/kSkG5rGuYPk6nD/MohxjD0aMzkwz2OfiATYiToI
W5UWo/Kw6VrcxGsD7aqUczIRUUIHuRlxSJ53Udt/vEta7GNHdhkIfqVeHuAGraOZ
Km2o/3pP9JVZN7G6Hxq4JAukBR+j6ZoJMkV94dqNZFZr1UtuCzmFre+7C6I6aVJq
xhna77RAlfytU0iwu2JjN18zPfeZn0NxWloQlDZggPChCCUVw0VtKXVMW8Czd+P4
IUOZKdZdfTXYG8jXB3Axf0llMV0OziDBKpOROQ49E944p/wMpKg/+cTmh6Ix80Ln
8kXmmgB57ads0N7x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:04 2024 by rpki-client on console-fra.rpki-client.org