Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/iB8sHy3aisI4LmsYdsoCcaa4H9k.roa
File: iB8sHy3aisI4LmsYdsoCcaa4H9k.roa (raw, json)
Hash identifier: SRkGI6npqXOsHTxc4oXJMX/hh8PVnM+CNv+E3W0q2jQ=
Subject key identifier: 88:1F:2C:1F:2D:DA:8A:C2:38:2E:6B:18:76:CA:02:71:A6:B8:1F:D9
Certificate issuer: /CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Certificate serial: 018CC64AE3AF1CE51B23BDE537585B637DEF
Authority key identifier: 07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/iB8sHy3aisI4LmsYdsoCcaa4H9k.roa
Signing time: Mon 01 Jan 2024 18:30:45 +0000
ROA not before: Mon 01 Jan 2024 18:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 89.222.37.0/24 maxlen: 24
89.222.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 14:13:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e3:af:1c:e5:1b:23:bd:e5:37:58:5b:63:7d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Validity
Not Before: Jan 1 18:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=881f2c1f2dda8ac2382e6b1876ca0271a6b81fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2a:40:a9:5c:c9:a7:49:70:08:e4:e9:24:11:
49:a4:3b:eb:a6:f1:95:c0:cc:5f:29:b6:14:60:36:
cb:09:b5:7b:b9:42:be:34:38:eb:3e:2e:e7:74:aa:
71:c3:1c:92:f5:52:31:d8:79:96:c9:4a:1b:6b:ac:
52:e3:57:d1:d1:6c:1e:7b:5a:77:95:d0:d0:2f:22:
22:91:78:fe:dc:1f:fc:b7:e3:9e:b5:f6:78:6a:30:
37:36:46:41:da:ad:45:00:ac:21:8a:dc:b7:9d:b9:
a5:9c:a2:1e:63:95:b6:14:11:42:35:7e:71:57:e0:
ef:18:b6:67:c1:c7:ac:06:3f:b5:fb:a8:63:83:b1:
ce:a9:95:38:6f:89:81:2f:21:17:30:53:83:78:6a:
83:8d:59:a5:f7:30:57:e1:0f:b4:50:25:4f:dc:7f:
75:b8:ef:aa:05:5e:d2:d1:fe:70:64:9c:30:cf:d7:
0e:d3:92:5d:4c:80:b0:05:9c:e3:b3:e1:da:06:62:
4d:ae:cf:be:04:63:4a:ff:db:c0:28:e6:4b:60:ae:
ab:97:cb:ef:61:3a:e1:a1:e9:f2:6a:fd:e4:d0:b6:
e9:2a:f2:ec:a3:7a:55:53:d2:d9:c5:1b:74:83:ca:
13:05:90:3f:8e:d0:54:95:71:7b:67:03:be:77:32:
17:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1F:2C:1F:2D:DA:8A:C2:38:2E:6B:18:76:CA:02:71:A6:B8:1F:D9
X509v3 Authority Key Identifier:
keyid:07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/iB8sHy3aisI4LmsYdsoCcaa4H9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.222.36.0/23
Signature Algorithm: sha256WithRSAEncryption
57:b9:8f:71:b5:d7:33:a7:a7:e8:9d:c3:a4:12:12:43:6e:d7:
28:7b:75:48:9c:92:c2:5e:93:94:d2:1b:70:45:43:bc:5f:f3:
b1:c6:78:4e:bf:51:62:8c:95:fe:eb:ed:e0:b8:a7:f2:b7:8a:
c8:0f:98:41:14:2c:ed:06:c1:0c:fe:c6:6b:20:f3:d7:16:82:
b3:ae:60:8d:2d:5f:e8:51:30:63:ff:a9:b5:c4:e9:49:8b:c8:
8c:e5:6b:ed:ef:10:24:0f:f4:0f:30:9f:28:c7:b4:70:94:22:
0d:63:64:e4:41:fd:af:93:8d:8b:b9:ec:ad:82:86:c5:77:e2:
9e:32:50:36:21:e1:dc:f2:03:1e:b0:7b:10:de:03:97:70:b5:
55:a6:73:57:ec:a2:5e:42:5c:44:ab:19:6f:3c:7e:de:da:95:
fa:c9:8d:a6:37:52:6b:6d:1e:02:d5:b1:1b:c6:bd:fa:bd:b9:
1e:54:0a:49:52:32:40:c0:06:e3:f5:67:9a:b5:c7:6e:0f:c7:
61:f3:f2:94:b2:c0:ac:f0:be:23:75:e4:a8:f9:72:4b:04:06:
7b:40:58:38:bb:ae:ce:13:82:93:ee:f8:34:bb:65:64:b2:d3:
b9:25:e7:6d:61:9a:35:65:18:5e:06:6a:7e:3b:d5:10:9c:00:
a8:4d:0f:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSuOvHOUbI73lN1hbY33vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTMyOTk5YzQ3ZWIzMWQ1ZmJmMTZlY2MzODcyZWFlZmQ0
M2JhZDcwHhcNMjQwMTAxMTgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODFmMmMxZjJkZGE4YWMyMzgyZTZiMTg3NmNhMDI3MWE2YjgxZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCpAqVzJp0lwCOTpJBFJpDvrpvGV
wMxfKbYUYDbLCbV7uUK+NDjrPi7ndKpxwxyS9VIx2HmWyUoba6xS41fR0Wwee1p3
ldDQLyIikXj+3B/8t+OetfZ4ajA3NkZB2q1FAKwhity3nbmlnKIeY5W2FBFCNX5x
V+DvGLZnwcesBj+1+6hjg7HOqZU4b4mBLyEXMFODeGqDjVml9zBX4Q+0UCVP3H91
uO+qBV7S0f5wZJwwz9cO05JdTICwBZzjs+HaBmJNrs++BGNK/9vAKOZLYK6rl8vv
YTrhoenyav3k0LbpKvLso3pVU9LZxRt0g8oTBZA/jtBUlXF7ZwO+dzIXdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIgfLB8t2orCOC5rGHbKAnGmuB/ZMB8GA1UdIwQY
MBaAFAejKZnEfrMdX78W7MOHLq79Q7rXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzIt
MmZiMjk1OGFiOGJiLzEvaUI4c0h5M2Fpc0k0TG1zWWRzb0NjYWE0SDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzItMmZiMjk1OGFiOGJi
LzEvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWd4kMA0G
CSqGSIb3DQEBCwUAA4IBAQBXuY9xtdczp6foncOkEhJDbtcoe3VInJLCXpOU0htw
RUO8X/OxxnhOv1FijJX+6+3guKfyt4rID5hBFCztBsEM/sZrIPPXFoKzrmCNLV/o
UTBj/6m1xOlJi8iM5Wvt7xAkD/QPMJ8ox7RwlCINY2TkQf2vk42LueytgobFd+Ke
MlA2IeHc8gMesHsQ3gOXcLVVpnNX7KJeQlxEqxlvPH7e2pX6yY2mN1JrbR4C1bEb
xr36vbkeVApJUjJAwAbj9WeatcduD8dh8/KUssCs8L4jdeSo+XJLBAZ7QFg4u67O
E4KT7vg0u2VkstO5JedtYZo1ZRheBmp+O9UQnACoTQ+p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:51 2024 by rpki-client on console-ams.rpki-client.org