Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/IqE3nl1-o_klpNcYP3ZSKWtHWGs.roa
File: IqE3nl1-o_klpNcYP3ZSKWtHWGs.roa (raw, json)
Hash identifier: 792kolj9qgsnzu+uoutVmkBchrSsIYEsUZ8qhp/4mfQ=
Subject key identifier: 22:A1:37:9E:5D:7E:A3:F9:25:A4:D7:18:3F:76:52:29:6B:47:58:6B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018CC4933E68A7473F19FC0674417D1FE66E
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/IqE3nl1-o_klpNcYP3ZSKWtHWGs.roa
Signing time: Mon 01 Jan 2024 10:30:33 +0000
ROA not before: Mon 01 Jan 2024 10:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207326
IP address blocks: 89.37.193.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 08:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3e:68:a7:47:3f:19:fc:06:74:41:7d:1f:e6:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 1 10:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22a1379e5d7ea3f925a4d7183f7652296b47586b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:82:a8:e3:09:e1:c5:85:06:81:71:3f:c1:64:
a3:bb:2c:b6:84:e8:c5:cf:ac:c7:4d:91:20:c2:48:
43:c0:a9:5c:ab:9c:aa:b0:73:51:1f:f4:e7:f4:04:
aa:b5:20:53:55:ac:5d:2b:ac:7d:f9:03:80:c6:20:
8f:97:5c:ee:58:4f:45:d2:66:84:cb:7d:18:69:dd:
62:aa:df:5e:bb:01:60:f6:a0:f4:ac:16:49:c5:b1:
ab:96:53:7a:46:84:e2:ff:a6:40:c6:f7:1c:0b:62:
12:36:ee:c1:14:6b:d0:b6:8d:9b:ea:e6:53:bb:c7:
42:f0:6f:68:f7:b7:32:41:d7:d5:f4:a6:d7:19:5b:
2a:77:5e:57:a4:c9:54:d8:59:90:d4:d9:bf:ff:7b:
67:ec:b0:2f:b5:a5:00:04:a9:af:79:da:65:54:e7:
6f:05:d2:f9:4b:ba:ed:fc:27:a1:f8:5c:9f:44:59:
5d:a0:ba:5d:4b:ed:ce:06:c1:75:d5:64:f8:05:44:
a4:88:cb:f6:03:1d:df:02:cf:f6:7e:b3:b3:9f:84:
7a:a0:8b:60:f8:e4:db:1b:b5:f0:a3:a3:74:7b:41:
73:b6:bb:f3:75:69:c7:d6:de:f3:82:26:53:e6:a8:
5b:39:98:f0:1d:06:40:89:9f:70:50:87:24:39:67:
7e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A1:37:9E:5D:7E:A3:F9:25:A4:D7:18:3F:76:52:29:6B:47:58:6B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/IqE3nl1-o_klpNcYP3ZSKWtHWGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.129.0/24
89.37.193.0/24
89.40.215.0/24
Signature Algorithm: sha256WithRSAEncryption
16:d5:c7:07:44:ab:95:7c:a9:02:06:9a:2b:87:84:48:17:73:
0f:6d:6f:c3:06:e1:bb:d0:d2:3c:e5:85:c6:06:97:63:eb:63:
b9:c8:3b:29:0b:34:14:87:02:b2:11:31:da:e9:69:38:a6:9f:
dc:eb:a8:60:d5:cd:85:1c:52:f8:3a:e5:1a:30:12:b9:69:f8:
18:80:81:92:0d:27:61:ed:f4:08:75:df:a9:0f:3c:54:3b:10:
45:db:f6:f5:53:b7:d7:8c:44:24:07:fe:75:57:e5:5b:5b:a2:
3f:28:f2:75:0e:7f:73:4a:64:45:ec:85:79:a0:5a:a5:84:96:
1e:cd:38:ae:be:8d:3f:1d:b2:92:d9:ac:aa:d8:a1:b0:e1:d4:
6c:df:33:85:f6:1c:eb:03:a8:1a:a1:66:51:a2:8f:a1:c3:47:
9c:72:4e:c6:1a:9a:42:fa:b4:0a:a9:88:1e:87:78:1a:4a:dd:
80:e5:00:99:b2:63:ad:d0:43:0e:84:35:f4:a0:ff:a6:ed:83:
49:aa:50:72:b1:2f:95:aa:b5:ff:78:13:ed:75:e4:d6:1d:66:
84:5f:19:37:6a:40:bd:9b:67:5b:83:5c:06:0d:c4:77:2a:f5:
ae:d2:97:46:79:1a:b1:98:f7:96:6a:55:16:f6:57:37:fc:ca:
fd:76:f8:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEkz5op0c/GfwGdEF9H+ZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTAxMTAzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmExMzc5ZTVkN2VhM2Y5MjVhNGQ3MTgzZjc2NTIyOTZiNDc1ODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIKo4wnhxYUGgXE/wWSjuyy2hOjF
z6zHTZEgwkhDwKlcq5yqsHNRH/Tn9ASqtSBTVaxdK6x9+QOAxiCPl1zuWE9F0maE
y30Yad1iqt9euwFg9qD0rBZJxbGrllN6RoTi/6ZAxvccC2ISNu7BFGvQto2b6uZT
u8dC8G9o97cyQdfV9KbXGVsqd15XpMlU2FmQ1Nm//3tn7LAvtaUABKmvedplVOdv
BdL5S7rt/Ceh+FyfRFldoLpdS+3OBsF11WT4BUSkiMv2Ax3fAs/2frOzn4R6oItg
+OTbG7Xwo6N0e0FztrvzdWnH1t7zgiZT5qhbOZjwHQZAiZ9wUIckOWd+ZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCKhN55dfqP5JaTXGD92UilrR1hrMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSXFFM25sMS1vX2tscE5jWVAzWlNLV3RIV0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSOBAwQA
WSXBAwQAWSjXMA0GCSqGSIb3DQEBCwUAA4IBAQAW1ccHRKuVfKkCBporh4RIF3MP
bW/DBuG70NI85YXGBpdj62O5yDspCzQUhwKyETHa6Wk4pp/c66hg1c2FHFL4OuUa
MBK5afgYgIGSDSdh7fQIdd+pDzxUOxBF2/b1U7fXjEQkB/51V+VbW6I/KPJ1Dn9z
SmRF7IV5oFqlhJYezTiuvo0/HbKS2ayq2KGw4dRs3zOF9hzrA6gaoWZRoo+hw0ec
ck7GGppC+rQKqYgeh3gaSt2A5QCZsmOt0EMOhDX0oP+m7YNJqlBysS+VqrX/eBPt
deTWHWaEXxk3akC9m2dbg1wGDcR3KvWu0pdGeRqxmPeWalUW9lc3/Mr9dviY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org