Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/v7D0V0UPoP3hwVG5j82orzV6tCY.roa
File: v7D0V0UPoP3hwVG5j82orzV6tCY.roa (raw, json)
Hash identifier: hkmCCBD9U7Fb+tkyUKRz84Vzu6Rds5x5FCwSlV1QvmM=
Subject key identifier: BF:B0:F4:57:45:0F:A0:FD:E1:C1:51:B9:8F:CD:A8:AF:35:7A:B4:26
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0190D9A0E6BEA4E776A43F206177A258A327
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/v7D0V0UPoP3hwVG5j82orzV6tCY.roa
Signing time: Mon 22 Jul 2024 08:48:38 +0000
ROA not before: Mon 22 Jul 2024 08:48:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200436
IP address blocks: 89.42.44.0/24 maxlen: 24
89.42.45.0/24 maxlen: 24
89.42.46.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jul 2024 08:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:a0:e6:be:a4:e7:76:a4:3f:20:61:77:a2:58:a3:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jul 22 08:48:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfb0f457450fa0fde1c151b98fcda8af357ab426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f7:eb:f6:4d:da:9e:16:81:19:da:74:f1:6c:
86:f1:60:54:b4:cb:06:0b:d0:c0:75:7b:8b:5b:92:
52:a7:f3:72:3e:ca:bd:92:0b:7e:89:3b:e4:a8:ff:
13:14:e6:09:b8:e1:19:8f:4b:c0:2b:4b:1e:f2:9a:
11:ad:25:c8:50:a9:7d:43:dc:00:7a:ba:49:b1:87:
ad:8d:0e:ea:88:71:05:c9:32:f6:c9:6f:2b:a4:d7:
18:78:4b:46:86:69:11:f8:bc:fb:ec:32:6c:9e:1c:
d3:99:54:0e:ff:a5:8c:73:77:97:20:fe:03:0a:cd:
34:bd:f7:7f:8a:5e:d2:5a:67:30:1f:fb:d6:11:27:
b2:88:17:51:7b:1d:65:ee:a5:ed:94:55:0e:fc:b0:
28:ad:91:8f:3b:40:5e:e4:9c:a9:3b:05:a0:c3:52:
24:d7:87:fc:6a:e6:cf:7c:51:86:b7:9b:49:ac:eb:
76:8a:82:b6:2e:a7:73:78:d4:fe:36:b6:4e:8d:26:
c7:1e:87:ae:d0:8b:0c:8c:67:50:c4:9d:a0:f1:c7:
b6:46:f8:85:ea:77:3e:75:2b:24:14:d1:6d:2d:64:
29:04:94:d5:b6:dc:05:51:78:4a:37:90:ae:92:1e:
2a:ca:a9:4c:82:6b:b1:01:fb:82:20:f1:10:d8:1d:
ec:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B0:F4:57:45:0F:A0:FD:E1:C1:51:B9:8F:CD:A8:AF:35:7A:B4:26
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/v7D0V0UPoP3hwVG5j82orzV6tCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.44.0-89.42.46.255
185.3.200.0/24
Signature Algorithm: sha256WithRSAEncryption
48:bd:5f:06:00:4e:81:9e:c4:75:e8:22:88:f3:63:5f:41:a5:
39:94:e0:f7:d1:c7:d9:0f:71:c9:ff:5f:e3:ca:9a:f4:d1:2f:
6a:32:95:ee:28:87:e8:8a:61:c9:87:4c:8a:67:ab:d3:e6:f6:
f9:4c:83:ca:cb:5a:b2:31:fe:1d:d0:e0:c0:7c:1f:c8:d5:54:
e3:4d:cd:11:77:8d:c0:c5:14:80:24:87:ec:40:98:33:f9:09:
f8:74:5a:f1:20:36:c8:92:e5:99:69:f5:00:dd:69:d4:66:3e:
ac:54:5d:19:ac:68:c0:9d:d9:67:27:55:53:40:c2:77:b1:5e:
26:a0:97:6e:10:83:31:bd:c0:ca:e6:5a:26:8d:69:4c:6d:e6:
8a:2d:91:0d:77:19:27:5e:2d:df:7d:5b:2c:c0:0d:3d:a4:3a:
fd:87:62:11:bf:ad:5f:84:56:53:fd:2d:f6:9d:ae:95:17:04:
87:fe:09:8b:35:e2:08:0d:63:62:08:da:ac:39:b4:a0:c0:b0:
3f:0c:82:94:89:d9:a6:f9:d2:24:db:d8:06:9c:f3:af:50:29:
49:83:2d:60:8a:35:7a:fb:6f:78:51:a5:16:0e:bf:0a:b6:e8:
4e:7f:f9:f4:39:18:d6:3d:88:2e:35:a2:8c:f7:4d:6a:59:a4:
94:46:e0:d1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZDZoOa+pOd2pD8gYXeiWKMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwNzIyMDg0ODM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmIwZjQ1NzQ1MGZhMGZkZTFjMTUxYjk4ZmNkYThhZjM1N2FiNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPfr9k3anhaBGdp08WyG8WBUtMsG
C9DAdXuLW5JSp/NyPsq9kgt+iTvkqP8TFOYJuOEZj0vAK0se8poRrSXIUKl9Q9wA
erpJsYetjQ7qiHEFyTL2yW8rpNcYeEtGhmkR+Lz77DJsnhzTmVQO/6WMc3eXIP4D
Cs00vfd/il7SWmcwH/vWESeyiBdRex1l7qXtlFUO/LAorZGPO0Be5JypOwWgw1Ik
14f8aubPfFGGt5tJrOt2ioK2LqdzeNT+NrZOjSbHHoeu0IsMjGdQxJ2g8ce2RviF
6nc+dSskFNFtLWQpBJTVttwFUXhKN5Cukh4qyqlMgmuxAfuCIPEQ2B3sIQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFL+w9FdFD6D94cFRuY/NqK81erQmMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvdjdEMFYwVVBvUDNod1ZHNWo4Mm9yelY2dENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJZKiwD
BABZKi4DBAC5A8gwDQYJKoZIhvcNAQELBQADggEBAEi9XwYAToGexHXoIojzY19B
pTmU4PfRx9kPccn/X+PKmvTRL2oyle4oh+iKYcmHTIpnq9Pm9vlMg8rLWrIx/h3Q
4MB8H8jVVONNzRF3jcDFFIAkh+xAmDP5Cfh0WvEgNsiS5Zlp9QDdadRmPqxUXRms
aMCd2WcnVVNAwnexXiagl24QgzG9wMrmWiaNaUxt5ootkQ13GSdeLd99WyzADT2k
Ov2HYhG/rV+EVlP9LfadrpUXBIf+CYs14ggNY2II2qw5tKDAsD8MgpSJ2ab50iTb
2Aac869QKUmDLWCKNXr7b3hRpRYOvwq26E5/+fQ5GNY9iC41ooz3TWpZpJRG4NE=
-----END CERTIFICATE-----
Generated at Sat Jul 27 09:48:36 2024 by rpki-client on console-fra.rpki-client.org