Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/F9QAKz5DmphyHJzS3oz6AdRHgr4.roa
File: F9QAKz5DmphyHJzS3oz6AdRHgr4.roa (raw, json)
Hash identifier: TzpDN/FxuTdc03BB3iNUglnot3IaoxQsLmmKh3QS87w=
Subject key identifier: 17:D4:00:2B:3E:43:9A:98:72:1C:9C:D2:DE:8C:FA:01:D4:47:82:BE
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018AF9C61820D409CDEFA912D33E159720DF
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/F9QAKz5DmphyHJzS3oz6AdRHgr4.roa
Signing time: Wed 04 Oct 2023 08:20:23 +0000
ROA not before: Wed 04 Oct 2023 08:20:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 89.44.240.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
45.94.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 09:46:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:c6:18:20:d4:09:cd:ef:a9:12:d3:3e:15:97:20:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 4 08:20:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17d4002b3e439a98721c9cd2de8cfa01d44782be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:88:d9:01:27:7e:fb:dc:bf:17:ce:76:a4:87:
bb:df:68:d5:4f:84:1c:d7:71:c5:0b:34:bf:60:fa:
35:78:61:ef:e8:62:31:30:82:0b:b2:51:18:32:4b:
5e:28:59:ee:f2:a4:5c:90:2d:5d:13:c6:d4:3a:e8:
ef:99:41:39:7c:cd:6d:f9:df:51:fa:8b:94:d4:bc:
48:2c:53:3d:7f:d5:63:7b:9a:58:61:e7:6b:79:92:
a7:d7:0d:ee:5e:19:1b:07:56:b7:f9:56:c6:0c:6b:
3e:69:e0:7c:9a:3a:e7:87:dc:a3:77:44:26:72:24:
d7:5a:02:71:95:90:45:aa:3c:76:12:14:55:3b:55:
bc:79:dd:cf:69:ef:72:cf:5b:15:34:33:db:85:02:
1c:96:bb:f7:0d:18:3f:9b:e0:c3:6e:7e:91:55:5c:
dc:21:c8:fd:d9:c6:32:eb:7f:3d:e5:40:4e:9c:07:
b4:a1:6a:ae:88:4a:97:18:db:fc:b5:d0:e1:0b:a7:
33:cd:0c:62:fc:4e:f8:62:9d:55:11:7b:1f:89:e9:
03:5a:52:c8:73:d8:76:ed:09:11:a7:5c:91:5d:56:
8e:f6:87:8e:d0:fa:4f:87:36:ea:d8:96:be:f0:76:
9e:b4:e9:12:aa:bd:33:1b:98:e8:40:7f:c8:28:a4:
99:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D4:00:2B:3E:43:9A:98:72:1C:9C:D2:DE:8C:FA:01:D4:47:82:BE
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/F9QAKz5DmphyHJzS3oz6AdRHgr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/24
89.42.44.0/22
89.44.240.0/24
Signature Algorithm: sha256WithRSAEncryption
93:95:30:70:12:36:22:da:29:ab:1c:05:df:3a:ef:ee:2d:98:
e1:56:f2:5c:39:f4:8a:a5:68:ec:eb:1e:51:22:37:4f:60:15:
68:73:01:ea:b7:83:aa:06:e5:06:b0:7c:38:55:54:26:b4:ee:
38:1f:db:92:02:55:67:9e:e7:36:93:69:44:f1:15:fc:f8:7d:
36:74:4b:f4:13:e4:81:f0:8a:02:10:fe:42:24:2f:ea:ef:37:
f8:dc:8f:69:fa:73:c2:d1:04:19:09:08:72:56:c9:c1:60:05:
24:04:cc:40:fd:d6:ac:6d:52:e0:9c:16:b4:c9:06:da:93:c0:
8d:f6:5f:8c:ae:e6:dd:4c:c1:df:bb:7f:4a:8a:bf:95:8d:dc:
3d:07:07:ac:46:f0:1e:1e:36:80:7a:84:97:c3:7e:d4:7d:39:
01:e7:af:d2:a6:87:7f:ed:af:95:41:22:01:10:e9:a4:d3:43:
47:ff:c4:d2:2d:31:95:97:84:d5:61:63:2a:a9:e9:8a:85:ec:
8f:00:4c:5d:60:d7:76:95:f4:b4:4b:1d:0a:7e:43:b8:65:50:
64:45:a6:ce:24:43:05:7f:50:e7:19:3a:8d:56:b2:e7:bc:07:
95:e4:72:4f:77:8a:77:75:9c:e5:3f:ab:91:e1:ee:33:c3:49:
fb:a9:f8:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr5xhgg1AnN76kS0z4VlyDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMxMDA0MDgyMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Q0MDAyYjNlNDM5YTk4NzIxYzljZDJkZThjZmEwMWQ0NDc4MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYjZASd++9y/F852pIe732jVT4Qc
13HFCzS/YPo1eGHv6GIxMIILslEYMkteKFnu8qRckC1dE8bUOujvmUE5fM1t+d9R
+ouU1LxILFM9f9Vje5pYYedreZKn1w3uXhkbB1a3+VbGDGs+aeB8mjrnh9yjd0Qm
ciTXWgJxlZBFqjx2EhRVO1W8ed3Pae9yz1sVNDPbhQIclrv3DRg/m+DDbn6RVVzc
Icj92cYy63895UBOnAe0oWquiEqXGNv8tdDhC6czzQxi/E74Yp1VEXsfiekDWlLI
c9h27QkRp1yRXVaO9oeO0PpPhzbq2Ja+8HaetOkSqr0zG5joQH/IKKSZOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBfUACs+Q5qYchyc0t6M+gHUR4K+MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvRjlRQUt6NURtcGh5SEp6UzNvejZBZFJIZ3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV7WAwQC
WSosAwQAWSzwMA0GCSqGSIb3DQEBCwUAA4IBAQCTlTBwEjYi2imrHAXfOu/uLZjh
VvJcOfSKpWjs6x5RIjdPYBVocwHqt4OqBuUGsHw4VVQmtO44H9uSAlVnnuc2k2lE
8RX8+H02dEv0E+SB8IoCEP5CJC/q7zf43I9p+nPC0QQZCQhyVsnBYAUkBMxA/das
bVLgnBa0yQbak8CN9l+MrubdTMHfu39Kir+Vjdw9BwesRvAeHjaAeoSXw37UfTkB
56/Spod/7a+VQSIBEOmk00NH/8TSLTGVl4TVYWMqqemKheyPAExdYNd2lfS0Sx0K
fkO4ZVBkRabOJEMFf1DnGTqNVrLnvAeV5HJPd4p3dZzlP6uR4e4zw0n7qfg7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org