Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/sKJ9Xp5262YclO9LAeL8W7bVpDA.roa
File: sKJ9Xp5262YclO9LAeL8W7bVpDA.roa (raw, json)
Hash identifier: fpWTic2ok99z45N+hmbP1+CDnoXRBR5fvkfHdPu9Hmw=
Subject key identifier: B0:A2:7D:5E:9E:76:EB:66:1C:94:EF:4B:01:E2:FC:5B:B6:D5:A4:30
Certificate issuer: /CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Certificate serial: 018A18F724C7B0EA3EA54056FE42F8833205
Authority key identifier: AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/sKJ9Xp5262YclO9LAeL8W7bVpDA.roa
Signing time: Mon 21 Aug 2023 16:39:24 +0000
ROA not before: Mon 21 Aug 2023 16:39:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29255
IP address blocks: 89.237.176.0/20 maxlen: 20
82.147.192.0/19 maxlen: 19
212.24.224.0/19 maxlen: 24
89.237.128.0/19 maxlen: 19
89.237.128.0/18 maxlen: 18
85.194.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Tue 12 Sep 2023 09:56:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:f7:24:c7:b0:ea:3e:a5:40:56:fe:42:f8:83:32:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Validity
Not Before: Aug 21 16:39:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0a27d5e9e76eb661c94ef4b01e2fc5bb6d5a430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e2:52:7d:72:cb:6a:9b:00:89:fe:56:68:f9:
1d:32:cb:3c:2e:5e:0f:b4:36:e5:1b:ef:f1:33:0a:
a2:6a:7e:26:c0:ed:80:84:75:b0:fc:98:fa:29:8c:
f3:97:b9:67:de:73:b8:9e:f2:96:2d:c4:d8:21:98:
8c:54:ec:c8:84:3c:55:46:40:1d:3e:5f:50:35:e6:
55:21:24:b2:ee:38:12:62:77:66:5d:18:27:49:51:
81:c2:73:79:87:97:a8:41:e7:c5:4e:ca:95:ab:68:
41:dc:60:c1:bf:9d:f5:c2:5f:55:31:e6:e0:50:e9:
a3:b9:3f:c7:db:6f:2a:4c:19:b9:88:81:db:cf:49:
b3:3b:54:b3:6a:7c:89:7d:77:0d:10:8d:72:93:e9:
5c:bc:48:46:32:ff:1c:38:c5:48:b6:17:3c:b5:23:
aa:52:0f:fb:d5:ab:32:f7:3e:d7:85:bb:e7:97:ea:
0d:d6:1c:4c:44:ad:9a:90:75:66:ec:2b:4e:a6:8e:
58:56:a6:a5:47:de:4a:a7:95:bc:cd:11:39:b5:3a:
44:0b:5b:b8:75:17:2d:7f:fd:34:12:0b:c7:0e:3a:
16:47:27:af:86:22:c1:27:04:cd:06:87:43:2d:eb:
49:84:55:ab:51:22:6d:cc:47:fb:63:a1:40:3e:d6:
1e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A2:7D:5E:9E:76:EB:66:1C:94:EF:4B:01:E2:FC:5B:B6:D5:A4:30
X509v3 Authority Key Identifier:
keyid:AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/sKJ9Xp5262YclO9LAeL8W7bVpDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.147.192.0/19
85.194.64.0/18
89.237.128.0/18
212.24.224.0/19
Signature Algorithm: sha256WithRSAEncryption
2a:ed:01:87:aa:0f:0c:4e:79:c6:bd:7f:e8:03:16:1a:d1:ef:
7a:69:1d:64:ae:32:e9:d8:c9:ca:a6:87:9c:a3:93:dc:04:aa:
d6:1b:ec:5e:b1:5e:24:e2:d9:ff:28:a0:44:ef:b7:42:da:b0:
e1:54:8e:57:cb:e9:1f:42:28:f5:f3:ea:49:3f:b5:96:2f:a6:
ec:8e:e3:70:57:dc:4a:d0:7c:e7:70:e1:c7:4f:4e:6f:5d:2f:
cd:cf:55:30:90:26:cd:4d:2f:3f:15:6b:03:49:93:1e:32:04:
a2:26:49:91:d1:b5:05:e8:ea:80:12:26:ff:86:14:59:cf:7b:
31:4c:ec:85:46:ac:ff:aa:af:b7:71:90:40:49:1c:ac:14:9d:
d2:68:a3:f2:ce:e3:9a:2f:fc:b4:ba:b7:b1:57:39:a4:96:d0:
08:f1:de:c6:59:56:00:58:ab:c9:ee:72:cd:43:4e:39:74:ea:
47:53:f6:b7:0a:9d:d3:93:bc:0b:ad:0c:4f:00:b5:2c:18:4e:
dd:84:8d:ee:f7:28:2c:b8:2d:2c:ae:6c:76:1c:87:1e:e9:d5:
f9:f6:17:d9:ff:a4:e3:ec:6e:91:74:53:0f:bd:93:f2:e5:25:
3a:87:2d:07:a7:d9:ef:84:34:81:01:0a:ef:d5:ed:92:a0:82:
96:7b:b8:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoY9yTHsOo+pUBW/kL4gzIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNTJjMjhlZjlhNWIyMjkxYWJhNjcxYWM5YTY1ZDhmYWFk
YzU1MTgwHhcNMjMwODIxMTYzOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGEyN2Q1ZTllNzZlYjY2MWM5NGVmNGIwMWUyZmM1YmI2ZDVhNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOJSfXLLapsAif5WaPkdMss8Ll4P
tDblG+/xMwqian4mwO2AhHWw/Jj6KYzzl7ln3nO4nvKWLcTYIZiMVOzIhDxVRkAd
Pl9QNeZVISSy7jgSYndmXRgnSVGBwnN5h5eoQefFTsqVq2hB3GDBv531wl9VMebg
UOmjuT/H228qTBm5iIHbz0mzO1SzanyJfXcNEI1yk+lcvEhGMv8cOMVIthc8tSOq
Ug/71asy9z7Xhbvnl+oN1hxMRK2akHVm7CtOpo5YVqalR95Kp5W8zRE5tTpEC1u4
dRctf/00EgvHDjoWRyevhiLBJwTNBodDLetJhFWrUSJtzEf7Y6FAPtYeeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLCifV6edutmHJTvSwHi/Fu21aQwMB8GA1UdIwQY
MBaAFK1Swo75pbIpGrpnGsmmXY+q3FUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgt
NzAyYmU0OGE1NTFlLzEvc0tKOVhwNTI2MlljbE85TEFlTDhXN2JWcERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgtNzAyYmU0OGE1NTFl
LzEvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUpPAAwQG
VcJAAwQGWe2AAwQF1BjgMA0GCSqGSIb3DQEBCwUAA4IBAQAq7QGHqg8MTnnGvX/o
AxYa0e96aR1krjLp2MnKpoeco5PcBKrWG+xesV4k4tn/KKBE77dC2rDhVI5Xy+kf
Qij18+pJP7WWL6bsjuNwV9xK0HzncOHHT05vXS/Nz1UwkCbNTS8/FWsDSZMeMgSi
JkmR0bUF6OqAEib/hhRZz3sxTOyFRqz/qq+3cZBASRysFJ3SaKPyzuOaL/y0urex
VzmkltAI8d7GWVYAWKvJ7nLNQ045dOpHU/a3Cp3Tk7wLrQxPALUsGE7dhI3u9ygs
uC0srmx2HIce6dX59hfZ/6Tj7G6RdFMPvZPy5SU6hy0Hp9nvhDSBAQrv1e2SoIKW
e7h6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:19 2024 by rpki-client on console-fra.rpki-client.org