Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/a90a_djZkHPuXI81Y0yDe3VHKYc.roa
File: a90a_djZkHPuXI81Y0yDe3VHKYc.roa (raw, json)
Hash identifier: CUowfmUzCVVU8CY+YzgFMAiedpEW50hIiAviweGAjy0=
Subject key identifier: 6B:DD:1A:FD:D8:D9:90:73:EE:5C:8F:35:63:4C:83:7B:75:47:29:87
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019118CB570632241E672D322F59E2E248CC
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/a90a_djZkHPuXI81Y0yDe3VHKYc.roa
Signing time: Sat 03 Aug 2024 15:11:04 +0000
ROA not before: Sat 03 Aug 2024 15:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200436
IP address blocks: 89.42.44.0/24 maxlen: 24
89.42.45.0/24 maxlen: 24
89.42.46.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Oct 2024 09:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:18:cb:57:06:32:24:1e:67:2d:32:2f:59:e2:e2:48:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Aug 3 15:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bdd1afdd8d99073ee5c8f35634c837b75472987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:94:e6:35:76:7a:7c:87:3e:56:7a:66:68:ec:
19:b3:85:55:b5:ce:b7:a4:fe:2d:eb:27:d2:1f:6f:
ec:56:9d:0a:22:49:90:50:10:0d:e9:c3:0d:52:3c:
a5:b6:aa:36:4a:f5:1b:6d:5d:aa:cf:65:29:27:9c:
cb:51:15:e4:1a:f0:fc:fd:4a:98:97:d0:ca:13:98:
9e:62:74:fc:3f:59:99:d4:65:36:ca:ec:a1:94:92:
a8:d5:0a:8e:64:a2:6c:07:48:84:33:61:f0:4a:3a:
67:8f:31:2c:3c:dc:ff:d6:2a:50:b3:74:8d:48:23:
2c:42:6c:c5:53:e5:05:11:fa:ba:77:9b:e0:72:c5:
65:71:45:e1:ed:22:cd:b3:0a:f7:b1:08:e3:fb:2e:
ed:ab:ee:df:8f:e9:d0:d7:32:5a:5f:78:b2:93:51:
53:19:93:96:55:0e:1a:f5:fd:4f:02:6a:91:6c:79:
ef:3d:95:46:88:cc:25:fb:2e:61:2d:93:6c:2f:31:
8f:74:67:2e:74:8f:4b:99:0a:e5:7b:53:73:09:f1:
bf:9c:2a:e6:08:3c:84:db:34:12:31:db:c3:c3:11:
a0:3f:7b:11:d7:c8:5a:aa:ed:28:04:0e:db:53:00:
52:28:a4:d6:4b:9c:45:04:ac:f7:de:b7:3f:2e:4e:
3c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DD:1A:FD:D8:D9:90:73:EE:5C:8F:35:63:4C:83:7B:75:47:29:87
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/a90a_djZkHPuXI81Y0yDe3VHKYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.44.0-89.42.46.255
185.3.200.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:d8:49:0c:39:3e:14:b5:86:3c:45:8d:bd:d5:12:70:6e:15:
cd:91:95:7c:aa:c6:c2:72:7c:14:35:3a:67:7d:29:a1:26:fb:
6d:16:8b:4e:85:aa:07:ca:f1:01:c1:0e:26:b4:68:47:98:a6:
83:58:8f:f2:92:32:ce:00:0c:18:f5:58:21:0c:2f:3f:d6:c9:
f4:7d:81:4f:e1:7a:31:25:4d:fc:f9:47:6d:fe:df:82:8c:3d:
d5:db:15:24:5b:73:9d:b5:ab:0e:89:1b:72:d2:6e:b4:50:01:
a5:90:3a:67:5e:d5:77:da:66:1a:61:3e:70:b3:11:f0:54:ce:
6b:8d:2a:99:2f:fd:fc:9a:a8:db:e3:e4:e9:fd:4d:00:63:a7:
30:ad:d3:9b:e9:c0:c4:5d:e2:cc:6a:b5:5c:06:e4:2b:b9:44:
60:2f:86:68:da:69:e1:3a:10:cf:18:d8:2a:7d:31:f8:dc:62:
80:9c:eb:2d:be:9e:7d:47:f3:16:74:3d:7b:55:b0:17:b9:35:
c9:0d:3f:fc:4a:76:36:df:5a:1f:3b:b1:5e:19:20:cf:41:46:
21:73:f3:c1:d2:6b:d7:cf:a2:99:fc:23:98:4a:82:3b:88:da:
25:9c:5d:15:0b:c9:70:2b:28:41:ea:d7:73:e3:75:43:94:cd:
b9:f2:40:f6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZEYy1cGMiQeZy0yL1ni4kjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwODAzMTUxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRkMWFmZGQ4ZDk5MDczZWU1YzhmMzU2MzRjODM3Yjc1NDcyOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZTmNXZ6fIc+VnpmaOwZs4VVtc63
pP4t6yfSH2/sVp0KIkmQUBAN6cMNUjyltqo2SvUbbV2qz2UpJ5zLURXkGvD8/UqY
l9DKE5ieYnT8P1mZ1GU2yuyhlJKo1QqOZKJsB0iEM2HwSjpnjzEsPNz/1ipQs3SN
SCMsQmzFU+UFEfq6d5vgcsVlcUXh7SLNswr3sQjj+y7tq+7fj+nQ1zJaX3iyk1FT
GZOWVQ4a9f1PAmqRbHnvPZVGiMwl+y5hLZNsLzGPdGcudI9LmQrle1NzCfG/nCrm
CDyE2zQSMdvDwxGgP3sR18haqu0oBA7bUwBSKKTWS5xFBKz33rc/Lk487wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGvdGv3Y2ZBz7lyPNWNMg3t1RymHMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvYTkwYV9kalprSFB1WEk4MVkweURlM1ZIS1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJZKiwD
BABZKi4DBAC5A8gwDQYJKoZIhvcNAQELBQADggEBAI3YSQw5PhS1hjxFjb3VEnBu
Fc2RlXyqxsJyfBQ1Omd9KaEm+20Wi06FqgfK8QHBDia0aEeYpoNYj/KSMs4ADBj1
WCEMLz/WyfR9gU/hejElTfz5R23+34KMPdXbFSRbc521qw6JG3LSbrRQAaWQOmde
1XfaZhphPnCzEfBUzmuNKpkv/fyaqNvj5On9TQBjpzCt05vpwMRd4sxqtVwG5Cu5
RGAvhmjaaeE6EM8Y2Cp9MfjcYoCc6y2+nn1H8xZ0PXtVsBe5NckNP/xKdjbfWh87
sV4ZIM9BRiFz88HSa9fPopn8I5hKgjuI2iWcXRULyXArKEHq13PjdUOUzbnyQPY=
-----END CERTIFICATE-----
Generated at Sat Oct 19 10:24:28 2024 by rpki-client on console-ams.rpki-client.org