Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9UF0e2zdwqaNlVb2yLSnS0Jn2FY.roa
File: 9UF0e2zdwqaNlVb2yLSnS0Jn2FY.roa (raw, json)
Hash identifier: /7lVZvc+h1czY4MSlF7nZyebtANwi2gvMkl1bbC0oUo=
Subject key identifier: F5:41:74:7B:6C:DD:C2:A6:8D:95:56:F6:C8:B4:A7:4B:42:67:D8:56
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018D1790FC5EF534656328CA2AA6D123212C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9UF0e2zdwqaNlVb2yLSnS0Jn2FY.roa
Signing time: Wed 17 Jan 2024 13:16:34 +0000
ROA not before: Wed 17 Jan 2024 13:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149977
IP address blocks: 89.34.106.0/24 maxlen: 24
89.34.202.0/24 maxlen: 24
89.35.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 13:25:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:90:fc:5e:f5:34:65:63:28:ca:2a:a6:d1:23:21:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 17 13:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f541747b6cddc2a68d9556f6c8b4a74b4267d856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b8:a3:2e:91:d8:f5:a8:0e:9c:4d:07:dd:6f:
4b:d3:71:ca:da:15:1e:61:29:52:6d:f7:87:40:33:
c6:5a:fa:6c:24:f9:1c:0d:62:ae:d2:75:a8:55:bf:
b0:60:95:22:dd:a6:85:d2:68:13:e0:3c:b8:5d:94:
51:15:e4:33:e4:62:77:32:8e:22:0e:87:ed:72:7b:
ca:11:ff:1b:b5:60:4a:d8:1c:87:66:f3:bc:8d:a1:
57:74:13:d1:7b:41:80:7d:e2:9f:8b:fe:a9:f6:b0:
5f:22:a1:a5:aa:73:89:d9:af:fc:c5:59:9f:2e:93:
74:05:70:97:9a:f1:b9:ff:60:f1:31:87:98:05:ca:
9f:28:4b:a7:54:45:98:34:9b:fc:46:0a:9e:e3:b7:
00:4a:c9:4d:33:1b:bd:10:75:2e:5a:d4:e1:2b:bf:
42:e4:80:4e:e8:b8:ac:cd:3c:38:b5:cb:c1:03:5c:
35:a1:3f:1f:d7:6b:03:fb:74:c7:d4:00:32:3b:d9:
d8:a8:a0:c8:92:61:ef:96:cd:72:bf:88:90:29:f6:
76:2d:95:6e:f5:1f:e4:fa:00:24:e5:23:a8:1f:7b:
40:8b:36:8f:12:0b:f5:0a:f9:c5:f0:94:79:f5:23:
cc:a2:bb:9c:95:d4:7a:02:02:03:e3:cb:b3:0f:c2:
ea:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:41:74:7B:6C:DD:C2:A6:8D:95:56:F6:C8:B4:A7:4B:42:67:D8:56
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/9UF0e2zdwqaNlVb2yLSnS0Jn2FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.106.0/24
89.34.202.0/24
89.35.131.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:31:8f:1a:d2:6b:80:ae:74:a5:a4:87:0e:a3:d3:c0:8e:59:
19:0b:62:7b:7c:fb:1b:48:0a:b8:1d:bb:7c:b1:8b:c1:7a:38:
99:8d:71:95:21:76:79:a2:27:31:ef:1a:9c:2a:28:c8:3b:05:
56:e7:14:8d:d6:25:73:75:40:93:43:b6:f0:aa:e8:59:56:e6:
92:d6:af:24:a7:02:e3:4c:0c:83:c4:6c:ca:32:2b:cf:6c:45:
84:58:5d:b6:54:1a:51:8a:a2:a8:91:fc:b0:2a:2a:d4:fe:c4:
73:fb:9c:98:83:a5:a4:fc:c0:20:9e:ba:16:3b:77:00:b9:91:
86:8d:51:8b:de:e3:92:1e:09:64:2b:88:a8:8f:b6:ce:c7:ee:
46:0b:c5:5a:8a:38:22:54:13:d7:67:68:61:fb:d2:9c:8d:90:
99:fb:6f:23:d9:69:f4:86:63:3f:4f:be:e1:0d:9d:f7:06:3f:
f8:3e:d1:4d:79:12:5b:a3:17:e4:01:1c:68:aa:8f:02:e4:8a:
f8:db:b8:52:07:39:57:50:40:02:d6:5d:5a:6b:54:be:62:cf:
97:82:16:9f:45:39:0f:6c:53:3e:0a:e2:02:28:3f:36:e1:8a:
c9:82:e3:78:d6:dc:76:e0:3a:5b:08:43:8a:7f:62:5f:26:d6:
b2:6d:a8:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0XkPxe9TRlYyjKKqbRIyEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTE3MTMxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTQxNzQ3YjZjZGRjMmE2OGQ5NTU2ZjZjOGI0YTc0YjQyNjdkODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLijLpHY9agOnE0H3W9L03HK2hUe
YSlSbfeHQDPGWvpsJPkcDWKu0nWoVb+wYJUi3aaF0mgT4Dy4XZRRFeQz5GJ3Mo4i
DoftcnvKEf8btWBK2ByHZvO8jaFXdBPRe0GAfeKfi/6p9rBfIqGlqnOJ2a/8xVmf
LpN0BXCXmvG5/2DxMYeYBcqfKEunVEWYNJv8Rgqe47cASslNMxu9EHUuWtThK79C
5IBO6LiszTw4tcvBA1w1oT8f12sD+3TH1AAyO9nYqKDIkmHvls1yv4iQKfZ2LZVu
9R/k+gAk5SOoH3tAizaPEgv1CvnF8JR59SPMorucldR6AgID48uzD8LqSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPVBdHts3cKmjZVW9si0p0tCZ9hWMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvOVVGMGUyemR3cWFObFZiMnlMU25TMEpuMkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSJqAwQA
WSLKAwQAWSODMA0GCSqGSIb3DQEBCwUAA4IBAQA6MY8a0muArnSlpIcOo9PAjlkZ
C2J7fPsbSAq4Hbt8sYvBejiZjXGVIXZ5oicx7xqcKijIOwVW5xSN1iVzdUCTQ7bw
quhZVuaS1q8kpwLjTAyDxGzKMivPbEWEWF22VBpRiqKokfywKirU/sRz+5yYg6Wk
/MAgnroWO3cAuZGGjVGL3uOSHglkK4ioj7bOx+5GC8VaijgiVBPXZ2hh+9KcjZCZ
+28j2Wn0hmM/T77hDZ33Bj/4PtFNeRJboxfkARxoqo8C5Ir427hSBzlXUEAC1l1a
a1S+Ys+XghafRTkPbFM+CuICKD824YrJguN41tx24DpbCEOKf2JfJtaybajG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org