Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/AM7BTWRcdcxWdQa6otcs5Toct7M.roa
File: AM7BTWRcdcxWdQa6otcs5Toct7M.roa (raw, json)
Hash identifier: g1vBkVzJASSIFOJ8J3ghYFhQL1ol9usrSDPT5+wn7Qk=
Subject key identifier: 00:CE:C1:4D:64:5C:75:CC:56:75:06:BA:A2:D7:2C:E5:3A:1C:B7:B3
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018AFA16447FDAD0D279E56B73132F6AB8F8
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/AM7BTWRcdcxWdQa6otcs5Toct7M.roa
Signing time: Wed 04 Oct 2023 09:47:57 +0000
ROA not before: Wed 04 Oct 2023 09:47:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 89.44.240.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
45.94.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Oct 2023 08:16:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:16:44:7f:da:d0:d2:79:e5:6b:73:13:2f:6a:b8:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 4 09:47:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00cec14d645c75cc567506baa2d72ce53a1cb7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f0:40:52:db:20:a4:b4:f0:6d:44:48:2f:23:
50:08:e3:95:b6:d8:e5:dd:45:7d:3b:83:45:19:1a:
f7:34:08:b8:0e:92:d2:99:72:f6:61:3e:61:3c:0c:
50:7e:48:a7:ad:21:4f:64:e6:35:60:82:20:ca:54:
67:64:e3:0b:0d:a8:be:39:af:a5:e7:9f:4a:e3:7f:
c1:1e:72:a7:f5:0c:49:b1:43:63:35:d4:2d:27:47:
9a:d3:26:8f:af:e6:35:c7:d2:34:fe:6a:f1:60:65:
91:e4:f0:e3:bd:a9:b9:a8:0a:eb:4e:23:01:d0:f1:
59:28:9c:c0:ac:1d:e4:94:7a:e6:61:20:ef:11:66:
23:ad:91:5d:49:b1:04:4f:c6:d6:5b:92:f8:5e:15:
4e:44:32:0e:ad:b7:70:45:4c:d0:3a:b1:3c:14:a3:
1b:d9:e3:12:d7:38:57:ae:64:4b:0b:5a:e7:6a:cc:
78:af:22:41:d2:98:51:41:ae:ae:bb:35:8a:68:5b:
44:4a:48:10:2e:29:c5:00:bd:0a:4a:b5:94:0c:b0:
aa:75:da:b3:b3:0a:9b:66:5d:24:5f:d4:9d:e9:da:
d7:a2:56:2b:5c:66:6b:90:86:08:17:7d:df:7a:b8:
65:0c:92:19:6e:f0:22:d7:69:82:70:74:6a:4c:44:
58:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CE:C1:4D:64:5C:75:CC:56:75:06:BA:A2:D7:2C:E5:3A:1C:B7:B3
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/AM7BTWRcdcxWdQa6otcs5Toct7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/24
89.42.44.0/22
89.44.240.0/24
Signature Algorithm: sha256WithRSAEncryption
62:6d:ee:14:67:5d:de:54:4d:58:11:6a:b5:a8:af:6a:40:83:
d1:93:8a:21:b7:5b:b1:ee:9e:10:47:55:5c:ff:4b:02:55:76:
56:70:d7:8b:08:d8:37:8d:f1:b8:23:97:a3:2e:b3:de:3b:32:
30:89:da:e1:c3:62:b7:fe:24:16:53:92:9f:b6:19:fe:33:c8:
5e:99:4e:cf:49:92:10:d6:ba:8a:b1:8d:30:52:33:df:d9:58:
6c:0a:99:39:5d:cc:41:44:0f:2e:5e:08:2d:f8:96:ec:7e:ce:
23:9d:8f:7a:7b:48:0e:df:fd:4a:1f:b2:8b:6d:8d:67:27:55:
aa:f3:7f:73:f5:98:65:a9:08:a5:40:e8:8a:63:4b:37:9c:26:
3e:ab:3a:b8:fc:b3:f4:1b:2e:07:f0:8f:47:a0:4c:39:ae:2e:
1e:12:11:fb:d2:e7:08:c2:b4:2e:11:25:2d:b8:79:63:57:83:
61:dc:ad:db:5a:d5:cb:6c:30:73:19:2b:e9:0b:4e:69:c2:8c:
40:5c:bf:7c:8b:7a:72:9a:2d:7c:9f:df:0f:08:64:16:b0:ed:
8d:ca:c2:3b:0c:ac:e5:a9:cc:90:5c:47:4c:c9:5d:68:af:8c:
02:4f:e8:12:06:40:34:6c:21:7b:81:75:dd:e3:05:0c:12:3e:
09:94:0e:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr6FkR/2tDSeeVrcxMvarj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMxMDA0MDk0NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNlYzE0ZDY0NWM3NWNjNTY3NTA2YmFhMmQ3MmNlNTNhMWNiN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfBAUtsgpLTwbURILyNQCOOVttjl
3UV9O4NFGRr3NAi4DpLSmXL2YT5hPAxQfkinrSFPZOY1YIIgylRnZOMLDai+Oa+l
559K43/BHnKn9QxJsUNjNdQtJ0ea0yaPr+Y1x9I0/mrxYGWR5PDjvam5qArrTiMB
0PFZKJzArB3klHrmYSDvEWYjrZFdSbEET8bWW5L4XhVORDIOrbdwRUzQOrE8FKMb
2eMS1zhXrmRLC1rnasx4ryJB0phRQa6uuzWKaFtESkgQLinFAL0KSrWUDLCqddqz
swqbZl0kX9Sd6drXolYrXGZrkIYIF33ferhlDJIZbvAi12mCcHRqTERYiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFADOwU1kXHXMVnUGuqLXLOU6HLezMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvQU03QlRXUmNkY3hXZFFhNm90Y3M1VG9jdDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV7WAwQC
WSosAwQAWSzwMA0GCSqGSIb3DQEBCwUAA4IBAQBibe4UZ13eVE1YEWq1qK9qQIPR
k4oht1ux7p4QR1Vc/0sCVXZWcNeLCNg3jfG4I5ejLrPeOzIwidrhw2K3/iQWU5Kf
thn+M8hemU7PSZIQ1rqKsY0wUjPf2VhsCpk5XcxBRA8uXggt+Jbsfs4jnY96e0gO
3/1KH7KLbY1nJ1Wq839z9ZhlqQilQOiKY0s3nCY+qzq4/LP0Gy4H8I9HoEw5ri4e
EhH70ucIwrQuESUtuHljV4Nh3K3bWtXLbDBzGSvpC05pwoxAXL98i3pymi18n98P
CGQWsO2NysI7DKzlqcyQXEdMyV1or4wCT+gSBkA0bCF7gXXd4wUMEj4JlA6c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org