Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OKuUaD3CdlBv6QUKdGr1gtUstLk.roa
File: OKuUaD3CdlBv6QUKdGr1gtUstLk.roa (raw, json)
Hash identifier: oCwLSk8Sp7PPQmmmkG5f9iVP/cV7NydPzz04S00Jp6c=
Subject key identifier: 38:AB:94:68:3D:C2:76:50:6F:E9:05:0A:74:6A:F5:82:D5:2C:B4:B9
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DAD3D731971A0604241469C2C1F7B9711
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OKuUaD3CdlBv6QUKdGr1gtUstLk.roa
Signing time: Thu 15 Feb 2024 14:48:21 +0000
ROA not before: Thu 15 Feb 2024 14:48:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 89.34.106.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 11:24:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ad:3d:73:19:71:a0:60:42:41:46:9c:2c:1f:7b:97:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 15 14:48:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38ab94683dc276506fe9050a746af582d52cb4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7c:4b:64:c0:f7:f8:3c:ac:da:73:d6:72:a8:
d7:a5:19:2d:25:57:85:5c:cf:eb:06:7a:13:f4:c3:
fd:07:59:83:bc:0b:88:ad:0e:78:03:c5:4d:44:0e:
c4:39:d3:81:b7:07:b4:79:24:80:23:95:7e:08:bc:
28:8e:8f:79:2e:5a:01:4a:a9:24:24:f9:e4:9d:ef:
a9:03:9e:ce:a4:b1:4e:f9:d3:32:a5:2e:47:72:ce:
32:94:cf:3f:9b:56:cd:5c:82:ac:2b:2f:55:6d:62:
d8:b1:ad:07:9b:39:18:61:fd:06:a6:02:8b:50:ba:
3a:5d:5b:06:e2:8c:08:45:22:48:00:d7:a7:22:21:
1d:c1:1d:4f:9f:22:ab:71:a5:02:05:03:85:d7:b7:
0e:2c:5d:e7:73:d8:96:4d:23:49:2b:50:52:4d:b1:
bf:54:e9:7c:cb:29:20:4e:7e:7e:0a:ab:70:dc:e0:
cc:b3:87:db:e5:e7:af:a8:55:29:31:c6:52:d3:51:
c6:62:b7:7d:1f:c1:1d:29:db:a0:fd:a9:ae:6a:eb:
46:f8:b3:34:08:81:ed:cd:ea:6e:90:66:1f:10:6a:
07:b9:32:3c:dd:e8:7e:43:fe:31:83:b3:ff:69:22:
7e:ec:3a:94:1d:b3:f9:98:ec:93:c8:38:08:9a:3b:
01:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AB:94:68:3D:C2:76:50:6F:E9:05:0A:74:6A:F5:82:D5:2C:B4:B9
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OKuUaD3CdlBv6QUKdGr1gtUstLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.106.0/24
89.37.192.0/24
89.46.42.0/24
89.47.36.0/24
Signature Algorithm: sha256WithRSAEncryption
39:61:82:b4:82:52:37:9b:80:ef:32:67:35:7f:84:e4:cb:73:
68:72:01:9b:d4:b9:e7:e5:6f:92:ba:7a:04:20:71:b5:d4:cb:
06:a4:9e:77:1e:40:2f:de:07:77:da:e3:2b:54:44:b6:00:4f:
5f:5b:e4:64:f3:29:f1:45:55:76:43:b0:bc:ff:dd:e2:20:13:
3b:78:86:e5:50:52:26:ac:35:65:ec:61:d0:ba:52:b9:e6:66:
d6:8a:4f:f9:4d:7e:fa:90:59:16:8c:56:0c:74:59:a9:42:b4:
b2:2a:92:de:75:10:7e:9a:b0:d6:52:0f:73:0c:ba:e7:8f:d1:
a8:0e:67:54:6a:d5:20:79:f7:cb:b8:67:69:3f:34:e1:cf:ff:
85:cb:85:9b:99:e3:56:65:d1:2c:23:13:10:36:66:ed:03:6e:
08:c7:d0:92:29:6c:a4:f8:99:49:85:22:b9:0f:4b:57:f8:e9:
36:0b:8e:0a:6a:bb:e6:55:f7:68:45:b5:8c:6b:b3:93:17:27:
59:65:c6:f5:71:4f:40:ff:22:ff:fb:c3:ce:23:ac:35:89:19:
f4:b6:34:7b:f8:8d:85:82:dc:89:16:92:4f:15:b2:97:ca:b2:
68:85:5f:2a:c1:c3:c9:b8:4f:7a:52:10:c2:61:25:b4:bb:f3:
09:a1:aa:57
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2tPXMZcaBgQkFGnCwfe5cRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjE1MTQ0ODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFiOTQ2ODNkYzI3NjUwNmZlOTA1MGE3NDZhZjU4MmQ1MmNiNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXxLZMD3+Dys2nPWcqjXpRktJVeF
XM/rBnoT9MP9B1mDvAuIrQ54A8VNRA7EOdOBtwe0eSSAI5V+CLwojo95LloBSqkk
JPnkne+pA57OpLFO+dMypS5Hcs4ylM8/m1bNXIKsKy9VbWLYsa0HmzkYYf0GpgKL
ULo6XVsG4owIRSJIANenIiEdwR1PnyKrcaUCBQOF17cOLF3nc9iWTSNJK1BSTbG/
VOl8yykgTn5+Cqtw3ODMs4fb5eevqFUpMcZS01HGYrd9H8EdKdug/amuautG+LM0
CIHtzepukGYfEGoHuTI83eh+Q/4xg7P/aSJ+7DqUHbP5mOyTyDgImjsBXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDirlGg9wnZQb+kFCnRq9YLVLLS5MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvT0t1VWFEM0NkbEJ2NlFVS2RHcjFndFVzdExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSJqAwQA
WSXAAwQAWS4qAwQAWS8kMA0GCSqGSIb3DQEBCwUAA4IBAQA5YYK0glI3m4DvMmc1
f4Tky3NocgGb1Lnn5W+SunoEIHG11MsGpJ53HkAv3gd32uMrVES2AE9fW+Rk8ynx
RVV2Q7C8/93iIBM7eIblUFImrDVl7GHQulK55mbWik/5TX76kFkWjFYMdFmpQrSy
KpLedRB+mrDWUg9zDLrnj9GoDmdUatUgeffLuGdpPzThz/+Fy4WbmeNWZdEsIxMQ
NmbtA24Ix9CSKWyk+JlJhSK5D0tX+Ok2C44KarvmVfdoRbWMa7OTFydZZcb1cU9A
/yL/+8POI6w1iRn0tjR7+I2FgtyJFpJPFbKXyrJohV8qwcPJuE96UhDCYSW0u/MJ
oapX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org