Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/IMRpK5G-mQnoc8wN7KSr8Apbnac.roa
File: IMRpK5G-mQnoc8wN7KSr8Apbnac.roa (raw, json)
Hash identifier: z/Er2ZZ0/vQZtYm4bcoImaqSougA/c8O8Gn3wL+wnMI=
Subject key identifier: 20:C4:69:2B:91:BE:99:09:E8:73:CC:0D:EC:A4:AB:F0:0A:5B:9D:A7
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 0185710BEE34D023FC7B1572F788B7D131BB
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/IMRpK5G-mQnoc8wN7KSr8Apbnac.roa
Signing time: Mon 02 Jan 2023 05:54:45 +0000
ROA not before: Mon 02 Jan 2023 05:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35394
IP address blocks: 89.29.176.0/21 maxlen: 21
213.181.76.0/24 maxlen: 24
89.29.184.0/23 maxlen: 23
213.181.74.0/24 maxlen: 24
213.181.75.0/24 maxlen: 24
213.181.84.0/23 maxlen: 23
213.181.80.0/23 maxlen: 23
213.181.86.0/23 maxlen: 23
213.181.88.0/24 maxlen: 24
185.64.242.0/24 maxlen: 24
176.57.97.0/24 maxlen: 24
89.29.160.0/20 maxlen: 20
89.29.244.0/23 maxlen: 23
89.29.248.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:ee:34:d0:23:fc:7b:15:72:f7:88:b7:d1:31:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 2 05:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20c4692b91be9909e873cc0deca4abf00a5b9da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f8:c3:ea:ad:18:9e:bc:c7:62:ab:a6:93:64:
f9:48:3a:45:40:a3:2e:e8:26:df:f4:02:6c:cc:56:
c1:8b:b9:33:49:cc:a4:e7:8d:87:42:0f:36:ba:55:
99:d2:27:3d:33:2c:e8:cd:76:32:ed:ee:db:38:48:
ba:99:3b:e8:42:d5:0f:83:3d:93:bd:ef:7b:92:44:
b5:93:0c:e1:6e:52:5b:5a:38:10:c8:2f:34:c5:d1:
08:18:c3:7e:71:42:60:9d:cd:d7:59:9b:7b:51:64:
64:00:62:cf:eb:ad:88:40:b2:b4:bf:2a:9f:d2:7f:
bc:96:d9:4d:95:44:98:05:d8:1e:71:72:7c:13:a9:
a2:d8:ff:67:cd:13:63:b8:67:47:f3:7f:d7:a7:d4:
d1:d6:84:93:e8:23:a7:9c:ce:a2:bc:ed:a0:c0:70:
8c:3b:e2:c7:bb:ce:e7:d2:af:69:65:88:1e:14:f0:
0c:bc:7d:1c:2e:3f:91:2e:b9:bf:bc:f4:35:89:42:
30:78:52:98:06:59:78:2e:32:50:29:88:0d:9b:0b:
a4:24:f3:c3:86:32:79:90:4e:a0:4b:05:ad:17:ef:
47:51:69:73:ba:5e:97:26:b3:55:3c:5f:b8:cc:0e:
41:2f:23:50:71:6e:40:3c:a6:93:89:8e:32:b0:3d:
2b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C4:69:2B:91:BE:99:09:E8:73:CC:0D:EC:A4:AB:F0:0A:5B:9D:A7
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/IMRpK5G-mQnoc8wN7KSr8Apbnac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.160.0-89.29.185.255
89.29.244.0/23
89.29.248.0/23
176.57.97.0/24
185.64.242.0/24
213.181.74.0-213.181.76.255
213.181.80.0/23
213.181.84.0-213.181.88.255
Signature Algorithm: sha256WithRSAEncryption
77:e3:15:22:4b:e0:78:e2:70:0a:f0:70:9c:75:2e:49:11:dc:
e3:33:a3:34:fc:b5:72:e2:15:d6:03:f4:22:50:3e:bc:72:69:
92:95:de:bd:73:5b:03:61:e3:10:58:6f:a2:8f:88:f1:73:e5:
22:11:12:17:d9:08:c8:d1:06:87:5a:84:83:80:80:80:61:42:
68:c8:3e:8d:5f:9a:0c:ba:10:8e:1a:8a:3b:20:0d:57:3a:ea:
c6:b5:11:e5:49:83:e7:7a:af:c4:89:16:00:22:d2:23:e5:6f:
ad:84:f2:bf:5e:e0:53:8b:8a:b2:bc:63:6d:aa:55:cb:6b:f8:
ec:78:c0:bc:10:62:dc:a1:56:4f:b8:61:2a:c3:4d:3f:4e:ee:
32:8e:f0:c6:64:03:e1:e4:e6:01:da:c3:2c:74:83:c7:4c:a8:
39:03:ab:27:d3:e5:8b:6b:1f:c0:8c:9b:ac:30:69:2e:eb:9e:
09:bc:11:8a:9d:91:48:08:22:65:08:5c:d0:26:0d:6d:e0:e4:
bd:18:a3:77:71:47:4e:15:a4:f8:7e:b4:a1:dd:bf:ab:ef:82:
f8:ef:f9:69:33:a1:e1:62:3c:62:31:2b:a1:cd:4f:ec:14:c2:
3b:62:1d:c5:37:01:7c:d4:95:f4:e1:aa:d2:db:2f:8a:53:11:
cd:41:44:53
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVxC+400CP8exVy94i30TG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjMwMTAyMDU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM0NjkyYjkxYmU5OTA5ZTg3M2NjMGRlY2E0YWJmMDBhNWI5ZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fjD6q0YnrzHYqumk2T5SDpFQKMu
6Cbf9AJszFbBi7kzScyk542HQg82ulWZ0ic9MyzozXYy7e7bOEi6mTvoQtUPgz2T
ve97kkS1kwzhblJbWjgQyC80xdEIGMN+cUJgnc3XWZt7UWRkAGLP662IQLK0vyqf
0n+8ltlNlUSYBdgecXJ8E6mi2P9nzRNjuGdH83/Xp9TR1oST6COnnM6ivO2gwHCM
O+LHu87n0q9pZYgeFPAMvH0cLj+RLrm/vPQ1iUIweFKYBll4LjJQKYgNmwukJPPD
hjJ5kE6gSwWtF+9HUWlzul6XJrNVPF+4zA5BLyNQcW5APKaTiY4ysD0rXQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCDEaSuRvpkJ6HPMDeykq/AKW52nMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvSU1ScEs1Ry1tUW5vYzh3TjdLU3I4QXBibmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVZHaAD
BAFZHbgDBAFZHfQDBAFZHfgDBACwOWEDBAC5QPIwDAMEAdW1SgMEANW1TAMEAdW1
UDAMAwQC1bVUAwQA1bVYMA0GCSqGSIb3DQEBCwUAA4IBAQB34xUiS+B44nAK8HCc
dS5JEdzjM6M0/LVy4hXWA/QiUD68cmmSld69c1sDYeMQWG+ij4jxc+UiERIX2QjI
0QaHWoSDgICAYUJoyD6NX5oMuhCOGoo7IA1XOurGtRHlSYPneq/EiRYAItIj5W+t
hPK/XuBTi4qyvGNtqlXLa/jseMC8EGLcoVZPuGEqw00/Tu4yjvDGZAPh5OYB2sMs
dIPHTKg5A6sn0+WLax/AjJusMGku654JvBGKnZFICCJlCFzQJg1t4OS9GKN3cUdO
FaT4frSh3b+r74L47/lpM6HhYjxiMSuhzU/sFMI7Yh3FNwF81JX04arS2y+KUxHN
QURT
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:43 2024 by rpki-client on console-fra.rpki-client.org