Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/RoGE0rsEdlc6vVEKwR_k49etgQM.roa
File: RoGE0rsEdlc6vVEKwR_k49etgQM.roa (raw, json)
Hash identifier: Ltjo0lXueQ5A5p8uLGv4uUGG1xtx4ZKs1roDfPM8c1w=
Subject key identifier: 46:81:84:D2:BB:04:76:57:3A:BD:51:0A:C1:1F:E4:E3:D7:AD:81:03
Certificate issuer: /CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Certificate serial: 018AF4AA3C8474BFB8269175FBA68D76E88B
Authority key identifier: 07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/RoGE0rsEdlc6vVEKwR_k49etgQM.roa
Signing time: Tue 03 Oct 2023 08:31:51 +0000
ROA not before: Tue 03 Oct 2023 08:31:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34914
IP address blocks: 89.222.34.0/23 maxlen: 23
89.222.32.0/23 maxlen: 23
89.222.2.0/23 maxlen: 23
89.222.0.0/17 maxlen: 24
89.222.0.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:aa:3c:84:74:bf:b8:26:91:75:fb:a6:8d:76:e8:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Validity
Not Before: Oct 3 08:31:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=468184d2bb0476573abd510ac11fe4e3d7ad8103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:61:74:41:b5:cc:0a:9c:8c:cf:bb:c3:ae:fc:
c8:62:9d:70:a7:05:aa:4d:fd:0b:f0:89:21:7a:f3:
08:29:9d:50:ac:57:56:61:cc:98:53:6a:de:6a:2f:
c0:f1:cf:f9:67:d0:af:27:74:e5:35:61:38:a6:ce:
1f:d7:63:78:d1:8c:39:a8:b9:0a:e7:f7:a6:65:96:
2e:13:6d:12:9a:aa:dc:07:49:bc:3f:19:b8:35:73:
f4:27:a3:d2:9b:87:ea:55:53:9e:46:89:58:ff:a4:
04:ff:a5:15:de:bb:bc:c9:43:f1:bd:18:d3:c2:ab:
e6:b1:9d:8d:87:47:c5:5d:99:55:d4:2a:80:dd:63:
72:9a:79:be:f7:5f:55:2e:8b:de:db:08:81:53:16:
0b:e6:79:08:2b:3b:1f:fb:5e:04:a9:98:3c:32:24:
94:fe:2e:7d:50:25:37:3c:b9:7b:b4:ca:dc:4a:72:
ce:a1:8d:af:d4:64:b3:5e:db:e4:01:ad:e2:e3:32:
99:2f:ae:aa:87:99:89:6b:c5:9e:ac:16:b0:71:0e:
98:b2:f8:8a:1b:cd:9c:a4:aa:6f:da:34:f2:e8:fa:
0f:09:49:81:09:2b:b8:67:03:e2:8d:2f:da:f8:cf:
7c:57:25:43:70:a8:5c:8d:f6:93:8e:9f:3a:36:0a:
d5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:81:84:D2:BB:04:76:57:3A:BD:51:0A:C1:1F:E4:E3:D7:AD:81:03
X509v3 Authority Key Identifier:
keyid:07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/RoGE0rsEdlc6vVEKwR_k49etgQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.222.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3d:4b:3a:7e:5d:9a:20:5d:2e:b2:92:4c:ee:58:ae:0c:64:70:
57:fd:7d:eb:87:22:8f:4f:db:5e:b5:5f:3e:7e:de:ca:b8:13:
3e:2b:0e:fe:c7:d6:ec:e5:c9:5a:43:6c:42:61:bb:43:aa:ce:
79:28:bf:de:16:a6:92:cd:dd:c3:53:f0:3a:8b:ea:22:c3:ed:
4d:d6:4d:09:9f:bd:07:cc:e7:61:f2:bb:0e:ec:92:42:30:77:
46:60:05:7d:9d:39:95:22:9d:8c:44:5f:c6:b2:12:5e:bb:3c:
04:57:19:f8:05:8c:32:27:dc:5c:d8:c4:42:44:36:43:8b:67:
92:4c:7c:ec:95:28:7a:ff:d2:60:1e:1b:df:3f:46:49:04:e4:
f5:b8:52:e5:d2:2a:dc:b5:56:44:0b:19:d3:c3:e2:05:b5:ee:
d0:af:66:fd:35:d7:13:78:c9:bb:ce:0a:fd:26:4a:66:21:09:
6b:21:fd:95:4f:94:76:b7:f7:33:36:eb:51:86:6d:77:4c:cd:
8c:52:c2:53:a1:15:e0:fb:7a:91:33:6c:64:da:dc:9c:a7:ff:
79:a5:f3:79:a1:cb:58:d0:04:dd:c3:b8:56:3d:b9:0d:c5:47:
55:e1:ac:bd:6c:9b:1a:b1:b5:bd:99:9e:15:f1:fc:32:5a:55:
0c:e5:55:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr0qjyEdL+4JpF1+6aNduiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTMyOTk5YzQ3ZWIzMWQ1ZmJmMTZlY2MzODcyZWFlZmQ0
M2JhZDcwHhcNMjMxMDAzMDgzMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjgxODRkMmJiMDQ3NjU3M2FiZDUxMGFjMTFmZTRlM2Q3YWQ4MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WF0QbXMCpyMz7vDrvzIYp1wpwWq
Tf0L8IkhevMIKZ1QrFdWYcyYU2reai/A8c/5Z9CvJ3TlNWE4ps4f12N40Yw5qLkK
5/emZZYuE20SmqrcB0m8Pxm4NXP0J6PSm4fqVVOeRolY/6QE/6UV3ru8yUPxvRjT
wqvmsZ2Nh0fFXZlV1CqA3WNymnm+919VLove2wiBUxYL5nkIKzsf+14EqZg8MiSU
/i59UCU3PLl7tMrcSnLOoY2v1GSzXtvkAa3i4zKZL66qh5mJa8WerBawcQ6YsviK
G82cpKpv2jTy6PoPCUmBCSu4ZwPijS/a+M98VyVDcKhcjfaTjp86NgrVZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEaBhNK7BHZXOr1RCsEf5OPXrYEDMB8GA1UdIwQY
MBaAFAejKZnEfrMdX78W7MOHLq79Q7rXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzIt
MmZiMjk1OGFiOGJiLzEvUm9HRTByc0VkbGM2dlZFS3dSX2s0OWV0Z1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzItMmZiMjk1OGFiOGJi
LzEvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHWd4AMA0G
CSqGSIb3DQEBCwUAA4IBAQA9Szp+XZogXS6ykkzuWK4MZHBX/X3rhyKPT9tetV8+
ft7KuBM+Kw7+x9bs5claQ2xCYbtDqs55KL/eFqaSzd3DU/A6i+oiw+1N1k0Jn70H
zOdh8rsO7JJCMHdGYAV9nTmVIp2MRF/GshJeuzwEVxn4BYwyJ9xc2MRCRDZDi2eS
THzslSh6/9JgHhvfP0ZJBOT1uFLl0irctVZECxnTw+IFte7Qr2b9NdcTeMm7zgr9
JkpmIQlrIf2VT5R2t/czNutRhm13TM2MUsJToRXg+3qRM2xk2tycp/95pfN5octY
0ATdw7hWPbkNxUdV4ay9bJsasbW9mZ4V8fwyWlUM5VXm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:07 2024 by rpki-client on console-fra.rpki-client.org