Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Im-_Bh5P90v0x2UlEoYw1nAArM0.roa
File: Im-_Bh5P90v0x2UlEoYw1nAArM0.roa (raw, json)
Hash identifier: VZuikzgomnnu/72dkqr0ceF9jc/PP6eYrePle+UcFFs=
Subject key identifier: 22:6F:BF:06:1E:4F:F7:4B:F4:C7:65:25:12:86:30:D6:70:00:AC:CD
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018CFCDCD817E31782272FF28A01F169F41F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Im-_Bh5P90v0x2UlEoYw1nAArM0.roa
Signing time: Fri 12 Jan 2024 08:49:40 +0000
ROA not before: Fri 12 Jan 2024 08:49:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207326
IP address blocks: 89.37.193.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 09:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:dc:d8:17:e3:17:82:27:2f:f2:8a:01:f1:69:f4:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 12 08:49:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=226fbf061e4ff74bf4c76525128630d67000accd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1a:95:39:b1:77:9a:01:4b:3f:6c:5f:b4:7c:
de:b6:b0:4f:46:05:5b:9d:83:5a:9e:ac:ad:20:33:
a7:d7:43:6c:b1:23:ce:91:e7:47:6e:bc:30:83:1c:
55:ec:4d:f3:74:02:a7:75:a3:9c:32:bf:8d:cc:df:
62:3b:de:a1:7b:20:90:1d:2c:5f:86:4c:a7:90:11:
36:22:ec:dc:05:76:40:f1:bb:61:5c:15:e2:67:26:
c9:89:11:38:4c:f0:e0:99:3a:79:fb:23:c7:ab:ad:
11:34:8e:bc:6d:00:f8:1e:fa:fa:04:18:a0:d8:47:
19:a3:7f:f3:8b:94:58:4f:1b:24:b0:ba:f7:2a:15:
31:8a:15:27:16:15:03:a0:96:e4:58:ff:0d:9b:4c:
50:16:69:5f:4c:03:88:47:43:07:48:61:4f:ac:b4:
28:26:1d:85:5d:9a:de:67:4c:33:0a:37:3f:46:54:
e3:58:92:19:86:58:c7:17:c8:99:1f:71:ee:29:11:
c4:cc:1a:6b:55:90:9e:8d:67:a3:93:be:aa:6f:3d:
26:3d:bb:8c:6b:98:3f:61:fc:7b:71:6f:9a:ea:bd:
63:64:ee:30:96:88:c9:16:5e:02:8c:3b:f8:7e:d6:
d9:98:25:f2:1d:e0:8d:ec:72:25:48:1b:6f:e4:fc:
02:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6F:BF:06:1E:4F:F7:4B:F4:C7:65:25:12:86:30:D6:70:00:AC:CD
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Im-_Bh5P90v0x2UlEoYw1nAArM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.129.0/24
89.37.193.0/24
89.40.215.0/24
91.132.51.0/24
Signature Algorithm: sha256WithRSAEncryption
86:ed:a2:bb:e4:aa:df:87:53:d5:39:62:c3:c5:a0:21:79:ef:
23:17:8c:99:d1:9f:62:fa:7b:58:d0:7c:34:9a:c8:d0:98:d9:
89:d7:c2:54:82:e9:5d:3a:b0:22:9f:7d:90:5f:a3:d8:53:73:
34:14:f3:3f:bc:84:28:7f:73:c3:f7:c6:27:52:09:8c:0a:9a:
54:fd:f3:96:bc:5b:4c:14:a8:d6:0a:1c:89:d3:38:e4:80:a0:
3e:4c:27:1f:91:bd:fe:65:d6:a6:eb:d5:5b:1e:ca:52:f4:43:
a0:e1:d4:e4:55:da:dd:a5:f9:3d:18:2d:10:f4:74:1f:fe:91:
4b:2e:30:59:4a:d0:b6:5a:a2:c6:aa:c6:f2:b1:d8:ca:49:b4:
93:f9:c7:34:62:78:bf:c8:09:96:02:99:ee:46:e7:2e:48:1c:
3e:5d:24:65:3d:a4:56:b6:54:a6:fb:71:2f:8c:a0:ee:20:44:
0c:9f:d8:2d:96:ca:6e:12:01:6f:c5:18:b3:13:c0:c4:d0:94:
ab:7b:e9:29:89:e2:b2:89:10:c8:47:7e:eb:be:03:4d:26:d0:
2d:e7:f1:80:10:6c:23:05:db:cb:08:c8:31:3f:ae:83:a5:c2:
d1:64:c9:e4:0e:d4:d1:27:e6:16:a1:e1:8e:72:0e:88:0e:14:
94:14:f3:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYz83NgX4xeCJy/yigHxafQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTEyMDg0OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZmYmYwNjFlNGZmNzRiZjRjNzY1MjUxMjg2MzBkNjcwMDBhY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRqVObF3mgFLP2xftHzetrBPRgVb
nYNanqytIDOn10NssSPOkedHbrwwgxxV7E3zdAKndaOcMr+NzN9iO96heyCQHSxf
hkynkBE2IuzcBXZA8bthXBXiZybJiRE4TPDgmTp5+yPHq60RNI68bQD4Hvr6BBig
2EcZo3/zi5RYTxsksLr3KhUxihUnFhUDoJbkWP8Nm0xQFmlfTAOIR0MHSGFPrLQo
Jh2FXZreZ0wzCjc/RlTjWJIZhljHF8iZH3HuKRHEzBprVZCejWejk76qbz0mPbuM
a5g/Yfx7cW+a6r1jZO4wlojJFl4CjDv4ftbZmCXyHeCN7HIlSBtv5PwCaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCJvvwYeT/dL9MdlJRKGMNZwAKzNMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSW0tX0JoNVA5MHYweDJVbEVvWXcxbkFBck0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSOBAwQA
WSXBAwQAWSjXAwQAW4QzMA0GCSqGSIb3DQEBCwUAA4IBAQCG7aK75Krfh1PVOWLD
xaAhee8jF4yZ0Z9i+ntY0Hw0msjQmNmJ18JUguldOrAin32QX6PYU3M0FPM/vIQo
f3PD98YnUgmMCppU/fOWvFtMFKjWChyJ0zjkgKA+TCcfkb3+Zdam69VbHspS9EOg
4dTkVdrdpfk9GC0Q9HQf/pFLLjBZStC2WqLGqsbysdjKSbST+cc0Yni/yAmWApnu
RucuSBw+XSRlPaRWtlSm+3EvjKDuIEQMn9gtlspuEgFvxRizE8DE0JSre+kpieKy
iRDIR37rvgNNJtAt5/GAEGwjBdvLCMgxP66DpcLRZMnkDtTRJ+YWoeGOcg6IDhSU
FPO6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org