Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8qHqnUu-rpOYhUrcqv0mOYOt0QY.roa
File: 8qHqnUu-rpOYhUrcqv0mOYOt0QY.roa (raw, json)
Hash identifier: DTKM7rmMa8LjvimAHiZb6HF9bPgUs845Y++b+1/oSQ0=
Subject key identifier: F2:A1:EA:9D:4B:BE:AE:93:98:85:4A:DC:AA:FD:26:39:83:AD:D1:06
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DCB6930807E5E6D2DD32BB60A2D1E501D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8qHqnUu-rpOYhUrcqv0mOYOt0QY.roa
Signing time: Wed 21 Feb 2024 11:24:44 +0000
ROA not before: Wed 21 Feb 2024 11:24:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 89.34.106.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
185.198.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Feb 2024 10:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:69:30:80:7e:5e:6d:2d:d3:2b:b6:0a:2d:1e:50:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 21 11:24:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2a1ea9d4bbeae9398854adcaafd263983add106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2c:86:69:d2:fb:25:28:32:18:1e:8b:fb:51:
01:20:45:54:bb:e5:ff:4f:59:25:9a:89:68:62:10:
28:cb:8f:14:f6:47:9b:fa:22:05:f2:64:5b:8d:3f:
d6:49:3a:00:e6:7f:7f:43:fd:45:77:9f:54:c5:04:
5f:8c:df:08:cc:ba:18:d7:58:b1:ba:bd:45:5e:7a:
cb:bb:92:a9:a3:12:b7:43:4c:27:fc:c0:22:0c:2c:
4b:92:e3:05:e7:b6:cb:73:63:7d:b8:c6:2c:bd:61:
27:64:87:0a:2f:9c:76:12:ab:94:e8:c0:73:96:d9:
31:df:4d:1f:76:1c:da:ce:32:bb:0a:de:8e:96:85:
b3:3a:d3:0c:0a:45:dc:42:7f:e9:e2:68:51:b3:9e:
64:32:17:8d:a0:33:76:46:39:92:36:70:58:ab:e6:
b4:9b:1d:c3:bc:cb:1e:a7:b1:92:a8:c2:cc:75:67:
86:17:23:d6:3a:fc:af:f9:1a:5a:bf:bb:42:dd:fa:
a2:bf:ac:70:00:00:c9:14:87:b0:e9:40:d3:c6:64:
63:99:6e:c8:56:06:2a:2e:d2:2e:86:ea:6f:5a:e9:
71:56:52:d2:24:19:2e:b5:1a:5c:37:e8:96:a1:b5:
13:f5:5f:9b:f6:d1:a4:20:d4:18:27:8b:f3:be:88:
51:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A1:EA:9D:4B:BE:AE:93:98:85:4A:DC:AA:FD:26:39:83:AD:D1:06
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8qHqnUu-rpOYhUrcqv0mOYOt0QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.106.0/24
89.37.192.0/24
89.46.42.0/24
89.47.36.0/24
185.198.233.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:39:f7:5c:8e:40:b2:a5:3b:e4:02:d5:fd:af:47:df:72:ba:
2b:66:17:22:f5:f6:47:7d:1d:2d:81:ab:82:ff:0c:1c:7e:25:
95:db:57:96:9c:3d:03:18:fa:3f:08:1b:85:e9:98:6b:0f:b4:
af:f6:c8:7a:43:74:c4:f4:2b:bd:8f:4c:0f:43:10:5d:e2:e6:
a3:ee:1e:a7:62:76:51:40:ec:d8:c0:44:52:4d:75:cd:19:4c:
da:eb:9e:24:75:44:48:9f:c0:b7:ec:16:4f:9a:0e:47:91:69:
e0:e3:6e:ad:13:0e:69:cb:07:1a:46:35:2d:aa:00:f3:3b:aa:
d8:cd:2c:16:7d:a1:b3:77:e5:a1:1f:ef:1b:37:63:b4:99:16:
a2:08:b2:33:de:ff:32:8a:78:02:b4:34:24:39:58:fb:e1:ef:
35:5a:3b:36:56:11:0f:c4:83:a7:7e:04:e6:72:61:ad:ce:99:
80:01:73:1d:1a:c6:11:3e:df:97:66:40:42:fc:ae:c1:21:20:
de:61:87:2f:b0:59:40:75:6a:a1:be:08:b6:9d:49:22:5e:8a:
02:6c:53:1b:12:9a:b9:54:b9:b8:98:25:91:46:cc:3b:54:bf:
0b:18:3b:e9:60:8f:d7:2a:e5:74:0d:20:8d:69:22:64:39:e7:
19:8f:68:88
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3LaTCAfl5tLdMrtgotHlAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjIxMTEyNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmExZWE5ZDRiYmVhZTkzOTg4NTRhZGNhYWZkMjYzOTgzYWRkMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyyGadL7JSgyGB6L+1EBIEVUu+X/
T1klmoloYhAoy48U9keb+iIF8mRbjT/WSToA5n9/Q/1Fd59UxQRfjN8IzLoY11ix
ur1FXnrLu5KpoxK3Q0wn/MAiDCxLkuMF57bLc2N9uMYsvWEnZIcKL5x2EquU6MBz
ltkx300fdhzazjK7Ct6OloWzOtMMCkXcQn/p4mhRs55kMheNoDN2RjmSNnBYq+a0
mx3DvMsep7GSqMLMdWeGFyPWOvyv+Rpav7tC3fqiv6xwAADJFIew6UDTxmRjmW7I
VgYqLtIuhupvWulxVlLSJBkutRpcN+iWobUT9V+b9tGkINQYJ4vzvohRxQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPKh6p1Lvq6TmIVK3Kr9JjmDrdEGMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvOHFIcW5VdS1ycE9ZaFVyY3F2MG1PWU90MFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSJqAwQA
WSXAAwQAWS4qAwQAWS8kAwQAucbpMA0GCSqGSIb3DQEBCwUAA4IBAQBbOfdcjkCy
pTvkAtX9r0ffcrorZhci9fZHfR0tgauC/wwcfiWV21eWnD0DGPo/CBuF6ZhrD7Sv
9sh6Q3TE9Cu9j0wPQxBd4uaj7h6nYnZRQOzYwERSTXXNGUza654kdURIn8C37BZP
mg5HkWng426tEw5pywcaRjUtqgDzO6rYzSwWfaGzd+WhH+8bN2O0mRaiCLIz3v8y
ingCtDQkOVj74e81Wjs2VhEPxIOnfgTmcmGtzpmAAXMdGsYRPt+XZkBC/K7BISDe
YYcvsFlAdWqhvgi2nUkiXooCbFMbEpq5VLm4mCWRRsw7VL8LGDvpYI/XKuV0DSCN
aSJkOecZj2iI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org