Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/iKDoJpwDmON8yBU6_eZ9EK05VuM.roa
File: iKDoJpwDmON8yBU6_eZ9EK05VuM.roa (raw, json)
Hash identifier: Of3+2GU0OLaIiyWeOBBmkJ81MYHDP7lg2SwpLvM0f8w=
Subject key identifier: 88:A0:E8:26:9C:03:98:E3:7C:C8:15:3A:FD:E6:7D:10:AD:39:56:E3
Certificate issuer: /CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Certificate serial: 018B0BB9707D13A5DFA7F42102702AC34C4E
Authority key identifier: C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/iKDoJpwDmON8yBU6_eZ9EK05VuM.roa
Signing time: Sat 07 Oct 2023 19:59:44 +0000
ROA not before: Sat 07 Oct 2023 19:59:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57069
IP address blocks: 89.22.64.0/24 maxlen: 24
89.22.66.0/23 maxlen: 23
89.22.68.0/22 maxlen: 22
89.22.72.0/21 maxlen: 21
89.22.84.0/22 maxlen: 22
89.22.83.0/24 maxlen: 24
89.22.88.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sat 30 Dec 2023 11:18:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0b:b9:70:7d:13:a5:df:a7:f4:21:02:70:2a:c3:4c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Validity
Not Before: Oct 7 19:59:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a0e8269c0398e37cc8153afde67d10ad3956e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e5:96:75:53:ae:8b:86:b3:93:17:44:10:bc:
09:8b:f0:8e:6f:cc:06:cd:4c:99:89:01:a4:05:49:
68:e5:ac:49:f8:f1:bf:c9:f4:04:17:0f:39:67:45:
de:46:e5:8d:f9:bc:1f:d0:f8:6c:da:c2:de:d3:a4:
92:6c:37:4c:b7:bd:68:da:23:49:d6:60:12:74:3a:
e0:e6:04:fd:36:de:d8:dd:26:16:1d:d4:8a:e2:79:
bf:37:15:96:82:d8:ab:a3:9b:c5:68:42:76:35:4f:
45:b9:3e:ad:44:d1:d1:2b:b1:f8:cd:07:bf:70:4c:
9d:67:2f:ec:7e:bc:4b:ec:54:44:3b:32:aa:b2:e9:
40:c4:9c:a1:31:07:dc:eb:0c:c5:e6:9d:ef:94:59:
20:be:71:b4:9a:c9:31:e8:d5:e9:42:ca:e2:d1:72:
7f:51:4b:88:f2:9a:dd:64:0f:25:08:9e:78:bd:96:
b7:72:46:1c:f0:2c:ce:d6:22:69:f9:4d:e2:98:1c:
c8:cd:59:61:2e:c2:ac:53:9b:dd:73:4d:c6:97:8f:
9d:e8:26:ea:71:3e:ef:57:a3:05:f8:aa:73:00:22:
a5:3f:01:a0:94:69:16:24:cf:b1:ca:69:bd:5d:2c:
0c:2c:f0:95:5c:d6:ce:71:f1:ca:67:36:7b:33:37:
ca:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A0:E8:26:9C:03:98:E3:7C:C8:15:3A:FD:E6:7D:10:AD:39:56:E3
X509v3 Authority Key Identifier:
keyid:C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/iKDoJpwDmON8yBU6_eZ9EK05VuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/xMwC-Pp0zw2oHozilD6n-e0qhfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.64.0/24
89.22.66.0-89.22.79.255
89.22.83.0-89.22.95.255
Signature Algorithm: sha256WithRSAEncryption
32:6f:ed:43:8b:4e:05:0d:f0:26:a5:9b:35:3b:cd:ba:e2:00:
2e:3c:c6:12:c8:c3:22:57:c4:e0:1a:62:4e:ce:9c:ee:3c:ce:
0b:7e:d7:6b:1d:4e:64:45:98:2b:f0:c2:84:1d:4e:15:06:44:
d8:67:cc:f3:68:10:12:3a:92:2b:d7:7c:7e:4f:ff:fb:51:5b:
d1:34:49:0c:fd:8b:32:c1:fa:3f:bf:6b:48:8d:b0:b5:80:f1:
5c:64:60:b8:8f:3e:c0:67:16:02:a2:66:1c:d6:f8:9b:58:49:
52:19:f5:19:41:f9:a7:85:88:e5:a8:92:dc:5f:13:28:8a:8d:
81:7d:c5:d1:80:c1:54:a6:37:d3:4f:b5:00:cb:11:67:79:19:
8a:43:0a:37:18:71:18:c0:8c:af:66:f2:07:1c:f0:24:d9:6e:
7b:1e:d1:e7:f0:41:f8:81:cb:2c:7a:4b:69:4f:8a:5f:13:ea:
45:40:18:65:b1:37:84:33:6f:9d:b3:1c:c8:a2:bf:e4:ad:e5:
f3:98:ba:7d:01:c9:78:87:90:c5:81:77:55:4c:da:c7:ce:d0:
b0:f1:11:21:36:7c:c4:d0:a7:d5:52:58:74:67:c5:7b:bd:4b:
3b:00:92:56:17:da:fe:26:11:5b:af:09:24:d8:17:23:4f:3f:
bf:37:4d:a4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYsLuXB9E6Xfp/QhAnAqw0xOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Y2MwMmY4ZmE3NGNmMGRhODFlOGNlMjk0M2VhN2Y5ZWQy
YTg1ZjQwHhcNMjMxMDA3MTk1OTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGEwZTgyNjljMDM5OGUzN2NjODE1M2FmZGU2N2QxMGFkMzk1NmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleWWdVOui4azkxdEELwJi/COb8wG
zUyZiQGkBUlo5axJ+PG/yfQEFw85Z0XeRuWN+bwf0Phs2sLe06SSbDdMt71o2iNJ
1mASdDrg5gT9Nt7Y3SYWHdSK4nm/NxWWgtiro5vFaEJ2NU9FuT6tRNHRK7H4zQe/
cEydZy/sfrxL7FREOzKqsulAxJyhMQfc6wzF5p3vlFkgvnG0mskx6NXpQsri0XJ/
UUuI8prdZA8lCJ54vZa3ckYc8CzO1iJp+U3imBzIzVlhLsKsU5vdc03Gl4+d6Cbq
cT7vV6MF+KpzACKlPwGglGkWJM+xymm9XSwMLPCVXNbOcfHKZzZ7MzfKpQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIig6CacA5jjfMgVOv3mfRCtOVbjMB8GA1UdIwQY
MBaAFMTMAvj6dM8NqB6M4pQ+p/ntKoX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTIt
MjE5ZTc5ZDg0ZTQzLzEvaUtEb0pwd0RtT044eUJVNl9lWjlFSzA1VnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTItMjE5ZTc5ZDg0ZTQz
LzEveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAWRZAMAwD
BAFZFkIDBARZFkAwDAMEAFkWUwMEBVkWQDANBgkqhkiG9w0BAQsFAAOCAQEAMm/t
Q4tOBQ3wJqWbNTvNuuIALjzGEsjDIlfE4BpiTs6c7jzOC37Xax1OZEWYK/DChB1O
FQZE2GfM82gQEjqSK9d8fk//+1Fb0TRJDP2LMsH6P79rSI2wtYDxXGRguI8+wGcW
AqJmHNb4m1hJUhn1GUH5p4WI5aiS3F8TKIqNgX3F0YDBVKY300+1AMsRZ3kZikMK
NxhxGMCMr2byBxzwJNluex7R5/BB+IHLLHpLaU+KXxPqRUAYZbE3hDNvnbMcyKK/
5K3l85i6fQHJeIeQxYF3VUzax87QsPERITZ8xNCn1VJYdGfFe71LOwCSVhfa/iYR
W68JJNgXI08/vzdNpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:07 2024 by rpki-client on console-ams.rpki-client.org