Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4r_85dApWIe4su7TyiuZNz0BOgs.roa
File: 4r_85dApWIe4su7TyiuZNz0BOgs.roa (raw, json)
Hash identifier: nORIdMMQKewKFezonH1CFZ+6ocxipRxOr6nDaWREtBw=
Subject key identifier: E2:BF:FC:E5:D0:29:58:87:B8:B2:EE:D3:CA:2B:99:37:3D:01:3A:0B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0190A6C433AE3AB898024B6D0DF7CBB9FB31
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4r_85dApWIe4su7TyiuZNz0BOgs.roa
Signing time: Fri 12 Jul 2024 11:46:34 +0000
ROA not before: Fri 12 Jul 2024 11:46:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211014
IP address blocks: 89.40.70.0/24 maxlen: 24
93.113.255.0/24 maxlen: 24
185.141.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 17:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:c4:33:ae:3a:b8:98:02:4b:6d:0d:f7:cb:b9:fb:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 12 11:46:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2bffce5d0295887b8b2eed3ca2b99373d013a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:50:c7:a3:d7:8d:0f:a1:47:49:ea:6a:ae:ed:
f6:7a:aa:c3:b1:b0:49:09:31:5e:e9:1d:14:2b:e7:
04:92:85:01:35:52:49:d9:6b:e0:8d:6e:b9:7b:2f:
9e:d2:36:08:1e:2f:5c:cf:9e:b2:68:ba:af:bc:82:
34:20:eb:6a:66:62:63:ec:2c:56:30:c3:db:53:a9:
26:66:aa:c5:c8:40:e5:49:50:ef:02:7c:dd:eb:05:
29:48:bb:69:bc:15:d3:a1:d9:cb:77:48:a1:58:3e:
6c:42:e9:2c:5f:a4:a6:2a:5c:26:32:29:ae:db:5f:
af:c7:01:67:92:5b:62:2b:2b:82:e4:e7:7d:ba:e9:
f8:5d:55:57:f0:0b:f0:e6:c2:d1:e4:4b:99:94:87:
34:85:aa:17:82:dc:49:0e:bf:b4:dc:a0:9c:39:b2:
a9:87:e4:f4:05:f5:59:29:59:fb:03:77:c3:05:38:
19:77:75:6e:66:91:21:f4:a5:8b:dd:e8:ad:1e:23:
51:f6:64:06:05:64:39:ff:4b:d9:30:5b:e9:e8:dd:
e5:41:31:86:14:8e:3e:66:9c:a6:38:ff:8e:de:6d:
f7:84:2b:8b:b5:21:c8:e1:4b:b1:69:c9:98:1a:42:
74:3a:78:15:e3:8b:d5:24:a4:07:1e:a5:ac:17:96:
9c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BF:FC:E5:D0:29:58:87:B8:B2:EE:D3:CA:2B:99:37:3D:01:3A:0B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4r_85dApWIe4su7TyiuZNz0BOgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.70.0/24
93.113.255.0/24
185.141.217.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:71:1f:5b:c4:7b:5c:a7:f7:8e:84:7a:bc:65:0c:95:e6:0a:
6f:e0:f6:11:8d:57:95:d8:9b:01:42:59:2c:7f:6c:bd:c1:db:
08:7a:dc:dd:9c:77:04:ff:7f:67:10:98:b6:7a:c4:3e:b9:7c:
95:ec:fc:6b:cc:e5:c1:ef:8e:f5:14:27:4d:08:7d:db:12:23:
e0:3a:6c:1b:96:2b:5c:0a:cd:d9:c0:30:7a:b5:c1:b2:74:bf:
df:e1:ea:91:6a:5c:56:5b:90:c9:7d:09:d7:7c:35:20:80:31:
d8:99:cc:3c:aa:80:db:c2:6b:f3:62:3f:1e:b0:63:30:14:36:
a4:a3:70:58:0f:e0:aa:97:a9:40:96:ef:47:da:bf:db:2d:4f:
9a:9e:1d:3d:b2:0e:fb:63:4c:bd:bb:12:7b:8f:35:cc:45:30:
95:40:f8:bf:66:0d:83:54:f5:80:36:3e:a0:08:dd:78:09:f3:
bd:23:ed:0e:57:ec:d9:81:af:7c:51:3e:07:bb:fa:7e:76:56:
1d:39:16:9f:c6:f1:b7:d1:b4:0b:37:e2:5e:2b:e4:48:97:c2:
78:4a:43:db:b0:ee:4d:6b:2c:99:b9:0c:02:88:76:50:4a:3a:
83:d9:ab:fc:8a:3e:74:14:24:dc:1a:73:31:6a:65:ba:84:30:
eb:60:67:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCmxDOuOriYAkttDffLufsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNzEyMTE0NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmJmZmNlNWQwMjk1ODg3YjhiMmVlZDNjYTJiOTkzNzNkMDEzYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VDHo9eND6FHSepqru32eqrDsbBJ
CTFe6R0UK+cEkoUBNVJJ2WvgjW65ey+e0jYIHi9cz56yaLqvvII0IOtqZmJj7CxW
MMPbU6kmZqrFyEDlSVDvAnzd6wUpSLtpvBXTodnLd0ihWD5sQuksX6SmKlwmMimu
21+vxwFnkltiKyuC5Od9uun4XVVX8Avw5sLR5EuZlIc0haoXgtxJDr+03KCcObKp
h+T0BfVZKVn7A3fDBTgZd3VuZpEh9KWL3eitHiNR9mQGBWQ5/0vZMFvp6N3lQTGG
FI4+ZpymOP+O3m33hCuLtSHI4UuxacmYGkJ0OngV44vVJKQHHqWsF5aciQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOK//OXQKViHuLLu08ormTc9AToLMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNHJfODVkQXBXSWU0c3U3VHlpdVpOejBCT2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWShGAwQA
XXH/AwQAuY3ZMA0GCSqGSIb3DQEBCwUAA4IBAQAecR9bxHtcp/eOhHq8ZQyV5gpv
4PYRjVeV2JsBQlksf2y9wdsIetzdnHcE/39nEJi2esQ+uXyV7PxrzOXB7471FCdN
CH3bEiPgOmwblitcCs3ZwDB6tcGydL/f4eqRalxWW5DJfQnXfDUggDHYmcw8qoDb
wmvzYj8esGMwFDako3BYD+Cql6lAlu9H2r/bLU+anh09sg77Y0y9uxJ7jzXMRTCV
QPi/Zg2DVPWANj6gCN14CfO9I+0OV+zZga98UT4Hu/p+dlYdORafxvG30bQLN+Je
K+RIl8J4SkPbsO5NayyZuQwCiHZQSjqD2av8ij50FCTcGnMxamW6hDDrYGdq
-----END CERTIFICATE-----
Generated at Mon Jul 15 21:32:10 2024 by rpki-client on console-ams.rpki-client.org