Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/xom90yEjMhf5bTzymMIAHOne-uA.roa
File: xom90yEjMhf5bTzymMIAHOne-uA.roa (raw, json)
Hash identifier: MwcjDChAfw+Hqk9IhKWjNa31fgnKgpjtoT/zHj+F0cg=
Subject key identifier: C6:89:BD:D3:21:23:32:17:F9:6D:3C:F2:98:C2:00:1C:E9:DE:FA:E0
Certificate issuer: /CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Certificate serial: 018B3955803AB20654B75C89574138A7030F
Authority key identifier: B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/xom90yEjMhf5bTzymMIAHOne-uA.roa
Signing time: Mon 16 Oct 2023 16:33:06 +0000
ROA not before: Mon 16 Oct 2023 16:33:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62055
IP address blocks: 89.38.44.0/23 maxlen: 24
89.38.44.0/24 maxlen: 24
89.38.40.0/21 maxlen: 24
89.38.40.0/22 maxlen: 22
89.38.45.0/24 maxlen: 24
89.38.46.0/23 maxlen: 23
185.48.192.0/22 maxlen: 22
2a01:98e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Oct 2023 08:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:39:55:80:3a:b2:06:54:b7:5c:89:57:41:38:a7:03:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Validity
Not Before: Oct 16 16:33:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c689bdd321233217f96d3cf298c2001ce9defae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4c:aa:22:1b:15:5d:e3:68:60:34:fd:03:bb:
8e:94:dc:79:ee:4b:7b:63:f0:78:9c:e1:b6:e9:60:
45:cc:a8:aa:d5:9f:a1:5b:dd:d3:de:da:5c:ae:76:
f7:c7:d9:a2:06:8c:c4:a1:8e:fd:15:38:5c:53:dd:
e4:18:f5:2f:6e:f4:79:ea:90:18:d4:db:48:08:a0:
da:38:31:9e:97:f8:0e:f6:2e:df:35:2c:1a:e2:f6:
ef:2d:01:43:a3:50:b8:58:cc:1a:7b:2f:f3:c0:c7:
c2:a2:d3:dc:f6:f0:62:b2:ee:70:99:a5:ae:6b:72:
35:a5:df:f5:5e:c8:6d:18:ce:13:70:7e:f3:02:8f:
d1:b4:6e:2e:49:fe:db:46:94:5c:93:04:30:a5:a1:
45:f5:12:b4:bd:4a:07:72:03:d0:d8:4c:9a:9d:c1:
11:d2:2f:c1:6c:03:b9:e0:97:46:10:34:ae:3a:b6:
de:80:37:31:90:14:9f:34:a2:56:52:f1:07:d0:00:
da:d7:14:d5:4a:24:56:e5:72:3d:a4:c0:5e:3c:4e:
9e:67:b5:3e:11:74:e3:74:53:24:70:d7:c7:9e:e7:
f7:8e:dc:f7:24:20:09:cb:8b:ff:44:54:3b:28:5e:
2a:2d:dc:c0:1c:92:10:36:7e:66:2c:31:ea:f4:1b:
80:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:89:BD:D3:21:23:32:17:F9:6D:3C:F2:98:C2:00:1C:E9:DE:FA:E0
X509v3 Authority Key Identifier:
keyid:B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/xom90yEjMhf5bTzymMIAHOne-uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/uMiqGHMPSoPihSxWklUau1se5-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.40.0/21
185.48.192.0/22
IPv6:
2a01:98e0::/32
Signature Algorithm: sha256WithRSAEncryption
b5:28:59:de:9a:6d:f2:09:60:e4:71:be:cd:c3:52:7a:1a:f2:
24:bf:70:ce:11:28:f7:80:72:ca:d3:52:05:56:85:95:53:97:
c3:48:0b:7c:d4:3f:f2:9b:29:a3:76:6d:bb:b4:90:9c:08:1a:
26:2e:41:b7:f9:28:f6:7f:74:b9:68:dd:8d:cd:89:a9:b9:64:
87:97:1b:28:80:11:eb:da:d0:94:98:a4:fb:ac:08:e8:2a:f9:
dd:05:94:6c:51:87:13:6a:8b:dc:36:86:df:61:26:1b:a7:85:
6b:ef:91:cc:a9:b5:9b:b7:5c:a2:a4:61:24:4b:95:ec:a9:56:
d3:ac:a4:86:47:47:98:04:70:8f:3c:bc:5b:49:02:7c:8e:6d:
9e:5f:e4:69:e9:93:e6:be:3c:3a:ed:a5:9d:7e:4b:37:2e:e8:
bc:16:3e:60:ae:31:ed:d1:ee:19:5a:dd:c3:86:a2:39:24:c2:
2d:a4:b3:3a:44:75:90:f1:c4:51:3d:5c:c8:a4:a4:48:9f:59:
f7:85:62:0c:76:e0:17:77:35:9a:89:8e:99:31:bc:04:b3:78:
a4:54:b8:44:f1:44:6b:fa:46:1f:a2:23:20:e3:ec:76:23:e0:
68:5b:6a:4d:c8:81:c5:e2:0d:14:ec:96:92:9f:d4:12:e1:96:
89:e4:6b:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYs5VYA6sgZUt1yJV0E4pwMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzhhYTE4NzMwZjRhODNlMjg1MmM1NjkyNTUxYWJiNWIx
ZWU3ZWEwHhcNMjMxMDE2MTYzMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjg5YmRkMzIxMjMzMjE3Zjk2ZDNjZjI5OGMyMDAxY2U5ZGVmYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEyqIhsVXeNoYDT9A7uOlNx57kt7
Y/B4nOG26WBFzKiq1Z+hW93T3tpcrnb3x9miBozEoY79FThcU93kGPUvbvR56pAY
1NtICKDaODGel/gO9i7fNSwa4vbvLQFDo1C4WMwaey/zwMfCotPc9vBisu5wmaWu
a3I1pd/1XshtGM4TcH7zAo/RtG4uSf7bRpRckwQwpaFF9RK0vUoHcgPQ2EyancER
0i/BbAO54JdGEDSuOrbegDcxkBSfNKJWUvEH0ADa1xTVSiRW5XI9pMBePE6eZ7U+
EXTjdFMkcNfHnuf3jtz3JCAJy4v/RFQ7KF4qLdzAHJIQNn5mLDHq9BuABwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMaJvdMhIzIX+W088pjCABzp3vrgMB8GA1UdIwQY
MBaAFLjIqhhzD0qD4oUsVpJVGrtbHufqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODkt
YTU3NjA0YTNmNmJiLzEveG9tOTB5RWpNaGY1YlR6eW1NSUFIT25lLXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODktYTU3NjA0YTNmNmJi
LzEvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDWSYoAwQC
uTDAMA0EAgACMAcDBQAqAZjgMA0GCSqGSIb3DQEBCwUAA4IBAQC1KFnemm3yCWDk
cb7Nw1J6GvIkv3DOESj3gHLK01IFVoWVU5fDSAt81D/ymymjdm27tJCcCBomLkG3
+Sj2f3S5aN2NzYmpuWSHlxsogBHr2tCUmKT7rAjoKvndBZRsUYcTaovcNobfYSYb
p4Vr75HMqbWbt1yipGEkS5XsqVbTrKSGR0eYBHCPPLxbSQJ8jm2eX+Rp6ZPmvjw6
7aWdfks3Lui8Fj5grjHt0e4ZWt3DhqI5JMItpLM6RHWQ8cRRPVzIpKRIn1n3hWIM
duAXdzWaiY6ZMbwEs3ikVLhE8URr+kYfoiMg4+x2I+BoW2pNyIHF4g0U7JaSn9QS
4ZaJ5GuO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:04 2024 by rpki-client on console-fra.rpki-client.org