Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/w67dvQvv2J_0BH7s8mcYzXmeshg.roa
File: w67dvQvv2J_0BH7s8mcYzXmeshg.roa (raw, json)
Hash identifier: x9tP36ETwq2+WoVVgPG/VhjHEuylqZEpcDDQOvJqfw8=
Subject key identifier: C3:AE:DD:BD:0B:EF:D8:9F:F4:04:7E:EC:F2:67:18:CD:79:9E:B2:18
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0185718C32DCEE638F3D69D9018EF22AD44C
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/w67dvQvv2J_0BH7s8mcYzXmeshg.roa
Signing time: Mon 02 Jan 2023 08:14:51 +0000
ROA not before: Mon 02 Jan 2023 08:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207141
IP address blocks: 89.44.240.0/22 maxlen: 22
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
89.44.243.0/24 maxlen: 24
89.44.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jul 2023 22:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:32:dc:ee:63:8f:3d:69:d9:01:8e:f2:2a:d4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 2 08:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3aeddbd0befd89ff4047eecf26718cd799eb218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6c:47:90:01:9e:6c:83:2c:25:34:e5:39:9b:
e4:5d:c2:3a:80:b9:94:70:17:59:6b:b4:01:99:ff:
b0:96:36:9a:2b:1b:78:58:25:d5:e1:bc:e5:60:6f:
d8:c3:fd:e0:85:5a:96:c4:07:30:e0:2d:91:4b:3b:
c8:03:21:52:ef:c7:41:6f:a4:47:0f:00:65:7f:32:
9d:fa:ea:a3:4b:dc:ac:41:70:8e:d4:3e:96:4e:52:
07:c6:31:ac:4b:06:7b:8a:75:82:a9:7c:0e:ad:68:
5d:61:13:73:26:20:b1:0f:96:1b:31:b4:41:79:0c:
3a:9d:ae:b5:bb:5b:f5:54:c5:37:87:16:ec:96:74:
1d:57:ea:5f:54:04:ba:b0:b1:50:ef:52:8a:b5:08:
7c:26:4b:1b:31:2c:46:6c:0e:d3:57:55:87:d8:bf:
50:94:57:65:c0:d4:3a:3a:a5:d2:0b:96:c5:5b:07:
1e:6d:1d:75:44:02:01:6f:b0:4a:10:05:ce:86:9f:
35:95:e2:6f:a8:0e:f4:a5:83:b1:14:bb:f6:7e:29:
dc:d0:74:5d:5d:eb:94:f4:f0:4b:21:4b:00:18:8d:
f9:d0:ea:b7:ed:0d:fd:b5:2a:27:f4:ca:6c:20:d1:
31:49:75:1d:27:f9:bb:b8:22:4d:6a:7e:a1:b4:75:
fc:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:AE:DD:BD:0B:EF:D8:9F:F4:04:7E:EC:F2:67:18:CD:79:9E:B2:18
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/w67dvQvv2J_0BH7s8mcYzXmeshg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.240.0/22
Signature Algorithm: sha256WithRSAEncryption
98:27:1d:2d:22:f4:f6:9f:d6:40:97:00:eb:f9:91:43:11:49:
ac:6f:ce:92:e9:14:ca:a0:23:81:2f:5b:d6:5d:48:79:40:0c:
24:d7:08:b9:7e:a5:0a:8f:5d:9a:7b:40:0c:84:25:e4:65:38:
2e:18:bc:c3:d0:97:db:a0:75:55:29:b6:ab:f8:5b:e1:d5:46:
f5:60:e4:a8:96:44:a5:b6:c8:0d:0d:4f:2a:0c:88:35:8e:c7:
96:c4:3e:8f:b4:20:e6:5d:25:ec:be:99:b9:70:38:99:44:9c:
02:e0:2c:eb:29:8f:64:b6:c1:de:6a:65:22:40:69:99:b5:21:
7f:8c:eb:c4:de:1d:6f:f3:2a:4f:b1:a5:a9:03:d7:00:18:bf:
d1:0f:cd:48:af:6d:fb:7b:07:46:40:19:89:2c:60:1e:8a:21:
1b:63:38:04:1c:8b:88:a5:58:df:5e:a1:0f:2a:dc:23:83:5a:
29:b6:69:0c:06:25:bd:06:59:f5:da:1d:36:b1:ba:d1:c3:ff:
9a:12:78:8d:2b:28:d1:02:b5:cf:e1:8f:1b:c8:2f:51:3d:75:
60:ec:91:40:9e:d6:f4:2d:df:e0:fd:d6:9b:44:41:4d:15:71:
ce:4e:df:4a:67:82:59:07:14:b6:60:c2:c0:ab:2f:d0:57:cd:
a9:0d:5b:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjDLc7mOPPWnZAY7yKtRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwMTAyMDgxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2FlZGRiZDBiZWZkODlmZjQwNDdlZWNmMjY3MThjZDc5OWViMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWxHkAGebIMsJTTlOZvkXcI6gLmU
cBdZa7QBmf+wljaaKxt4WCXV4bzlYG/Yw/3ghVqWxAcw4C2RSzvIAyFS78dBb6RH
DwBlfzKd+uqjS9ysQXCO1D6WTlIHxjGsSwZ7inWCqXwOrWhdYRNzJiCxD5YbMbRB
eQw6na61u1v1VMU3hxbslnQdV+pfVAS6sLFQ71KKtQh8JksbMSxGbA7TV1WH2L9Q
lFdlwNQ6OqXSC5bFWwcebR11RAIBb7BKEAXOhp81leJvqA70pYOxFLv2finc0HRd
XeuU9PBLIUsAGI350Oq37Q39tSon9MpsINExSXUdJ/m7uCJNan6htHX8IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOu3b0L79if9AR+7PJnGM15nrIYMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvdzY3ZHZRdnYySl8wQkg3czhtY1l6WG1lc2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSzwMA0G
CSqGSIb3DQEBCwUAA4IBAQCYJx0tIvT2n9ZAlwDr+ZFDEUmsb86S6RTKoCOBL1vW
XUh5QAwk1wi5fqUKj12ae0AMhCXkZTguGLzD0JfboHVVKbar+Fvh1Ub1YOSolkSl
tsgNDU8qDIg1jseWxD6PtCDmXSXsvpm5cDiZRJwC4CzrKY9ktsHeamUiQGmZtSF/
jOvE3h1v8ypPsaWpA9cAGL/RD81Ir237ewdGQBmJLGAeiiEbYzgEHIuIpVjfXqEP
Ktwjg1optmkMBiW9Bln12h02sbrRw/+aEniNKyjRArXP4Y8byC9RPXVg7JFAntb0
Ld/g/dabREFNFXHOTt9KZ4JZBxS2YMLAqy/QV82pDVtD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org