Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/GEvtT5iOpo4ndOHMuiGL-RhjFR8.roa
File: GEvtT5iOpo4ndOHMuiGL-RhjFR8.roa (raw, json)
Hash identifier: dzWaP6tVSEgKYM+p3uIiS2DJaLrKxP5M0MuQdx9EGpo=
Subject key identifier: 18:4B:ED:4F:98:8E:A6:8E:27:74:E1:CC:BA:21:8B:F9:18:63:15:1F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0192F551A5826D84B58E53FB9E4B9AEA3AA8
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/GEvtT5iOpo4ndOHMuiGL-RhjFR8.roa
Signing time: Mon 04 Nov 2024 03:57:01 +0000
ROA not before: Mon 04 Nov 2024 03:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 89.40.70.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Nov 2024 09:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f5:51:a5:82:6d:84:b5:8e:53:fb:9e:4b:9a:ea:3a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 4 03:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=184bed4f988ea68e2774e1ccba218bf91863151f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:68:7b:4f:b8:c0:36:04:de:3e:cf:0c:8f:9a:
6c:b4:ce:46:58:17:8f:c1:aa:f5:11:0c:ae:ec:84:
7e:21:9b:0f:d7:df:8f:dc:d9:fc:a3:b1:0a:f8:63:
8d:97:d9:4b:e9:b5:33:e7:61:73:5b:23:ee:90:ac:
72:e8:54:40:a8:9c:42:8f:05:d4:b9:05:3e:41:10:
6d:69:74:dd:b7:ce:1c:76:97:71:09:0d:54:3d:11:
03:c8:cc:41:5d:44:ce:fc:c0:b2:30:d8:ec:ac:81:
07:9d:a7:d0:45:be:dc:07:36:1d:f8:3d:b9:1d:21:
b3:46:9b:27:ea:4b:9c:c0:34:ec:ac:d7:c8:10:4e:
00:5b:b9:65:1f:64:33:72:f1:31:b1:6e:ef:37:f6:
a6:c2:5f:11:49:a6:9a:e0:60:36:ae:d6:2f:a6:76:
75:70:35:97:d1:80:f8:b5:40:71:74:b3:94:28:d6:
05:fe:10:c7:ec:63:e0:25:99:6a:49:19:84:be:6c:
63:c4:6e:07:11:a1:f1:55:56:13:23:49:2d:65:e3:
e6:f8:a9:bf:bd:45:bc:18:0e:9f:c0:e9:48:f2:d3:
67:b8:76:04:aa:d3:0a:c9:79:a8:b2:4d:2c:dd:b7:
8d:36:77:a6:54:5b:6c:83:b4:ed:dd:33:24:e8:2e:
cb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4B:ED:4F:98:8E:A6:8E:27:74:E1:CC:BA:21:8B:F9:18:63:15:1F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/GEvtT5iOpo4ndOHMuiGL-RhjFR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.70.0/24
185.198.235.0/24
Signature Algorithm: sha256WithRSAEncryption
10:90:4d:89:0e:e0:57:42:c1:62:8c:2a:a6:e0:54:ea:77:96:
df:f6:4a:5f:93:fc:64:8c:ca:24:3f:c2:b2:84:bb:b1:93:7b:
3c:5c:ab:12:e4:fd:f3:25:e1:aa:02:ee:60:d4:cf:f8:cc:46:
9b:91:6d:a4:f8:de:94:7f:47:03:5b:89:ce:cc:76:9c:39:21:
a8:d0:77:47:1e:80:7f:f8:f8:64:6f:45:67:ba:91:2a:be:dc:
60:95:fb:2f:56:85:d3:a6:68:e1:15:0f:05:45:9b:3e:b6:98:
b8:ba:04:71:f0:30:87:8a:8b:ef:bd:02:0b:06:29:59:b5:34:
93:6a:d2:37:35:70:6f:2f:d3:a5:be:f5:75:6f:22:9a:11:c6:
d8:79:77:fd:d1:a8:14:79:a5:2b:5c:f6:02:07:99:70:9d:76:
92:b4:74:64:34:a8:73:29:9c:9f:09:34:0d:2f:0b:d8:f3:6f:
b1:9c:0a:5f:47:d3:7b:3e:1e:13:f7:2f:e4:0e:78:92:b9:04:
fe:48:3c:b2:ad:c4:3c:78:f1:3d:18:ca:89:51:9e:9a:89:19:
9a:d9:89:98:c7:27:99:51:97:3a:17:33:f3:4a:4d:d7:67:da:
89:95:4e:c3:45:7c:bd:99:e1:c2:e8:49:34:75:d5:99:c5:bb:
44:0f:4a:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZL1UaWCbYS1jlP7nkua6jqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTA0MDM1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRiZWQ0Zjk4OGVhNjhlMjc3NGUxY2NiYTIxOGJmOTE4NjMxNTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2h7T7jANgTePs8Mj5pstM5GWBeP
war1EQyu7IR+IZsP19+P3Nn8o7EK+GONl9lL6bUz52FzWyPukKxy6FRAqJxCjwXU
uQU+QRBtaXTdt84cdpdxCQ1UPREDyMxBXUTO/MCyMNjsrIEHnafQRb7cBzYd+D25
HSGzRpsn6kucwDTsrNfIEE4AW7llH2QzcvExsW7vN/amwl8RSaaa4GA2rtYvpnZ1
cDWX0YD4tUBxdLOUKNYF/hDH7GPgJZlqSRmEvmxjxG4HEaHxVVYTI0ktZePm+Km/
vUW8GA6fwOlI8tNnuHYEqtMKyXmosk0s3beNNnemVFtsg7Tt3TMk6C7LLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBhL7U+YjqaOJ3ThzLohi/kYYxUfMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvR0V2dFQ1aU9wbzRuZE9ITXVpR0wtUmhqRlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWShGAwQA
ucbrMA0GCSqGSIb3DQEBCwUAA4IBAQAQkE2JDuBXQsFijCqm4FTqd5bf9kpfk/xk
jMokP8KyhLuxk3s8XKsS5P3zJeGqAu5g1M/4zEabkW2k+N6Uf0cDW4nOzHacOSGo
0HdHHoB/+Phkb0VnupEqvtxglfsvVoXTpmjhFQ8FRZs+tpi4ugRx8DCHiovvvQIL
BilZtTSTatI3NXBvL9OlvvV1byKaEcbYeXf90agUeaUrXPYCB5lwnXaStHRkNKhz
KZyfCTQNLwvY82+xnApfR9N7Ph4T9y/kDniSuQT+SDyyrcQ8ePE9GMqJUZ6aiRma
2YmYxyeZUZc6FzPzSk3XZ9qJlU7DRXy9meHC6Ek0ddWZxbtED0pZ
-----END CERTIFICATE-----
Generated at Sun Nov 17 11:05:22 2024 by rpki-client on console-fra.rpki-client.org