Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OQJ--hwxjHSRma9HUp8NhBRosgM.roa
File: OQJ--hwxjHSRma9HUp8NhBRosgM.roa (raw, json)
Hash identifier: Qb0X4TadMzdU5kc++LK6zj0ydsquLRdhuUbn20Ofh3k=
Subject key identifier: 39:02:7E:FA:1C:31:8C:74:91:99:AF:47:52:9F:0D:84:14:68:B2:03
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AF92321953A2E88ECF38791DEA1C465C8
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OQJ--hwxjHSRma9HUp8NhBRosgM.roa
Signing time: Wed 04 Oct 2023 05:22:23 +0000
ROA not before: Wed 04 Oct 2023 05:22:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 89.40.70.0/24 maxlen: 24
2.57.243.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
93.90.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Oct 2023 06:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:23:21:95:3a:2e:88:ec:f3:87:91:de:a1:c4:65:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 4 05:22:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39027efa1c318c749199af47529f0d841468b203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b9:0d:61:37:db:e1:11:26:61:7f:4b:e7:c5:
65:8c:92:96:00:25:f8:70:c6:4b:69:59:03:0b:d2:
1a:8b:88:67:2f:7e:e7:99:d2:dc:64:72:c5:6b:e9:
e2:ba:a8:0a:4f:89:da:f0:c1:f2:fa:6e:d3:61:ef:
7b:fa:5d:3a:66:4d:4d:98:27:41:76:c5:68:da:2a:
c8:a4:a4:59:cc:05:de:06:e9:7f:b3:4f:f3:d2:f6:
81:bb:53:a7:f3:05:61:cf:44:51:cf:9b:b3:25:4f:
73:05:75:85:76:c8:92:e0:19:90:6e:07:9f:88:3f:
d7:da:79:04:76:1d:33:06:8d:56:d5:af:f7:53:ea:
9a:1a:f4:47:dc:a5:57:5a:6e:93:ef:ec:90:da:e7:
37:a0:e3:ab:8e:fb:ff:55:a0:e5:c4:88:03:5d:ed:
ca:36:7b:20:d2:37:b7:db:88:62:d3:a2:60:1a:21:
0c:ca:3e:ff:f3:a5:de:09:24:c5:62:23:fe:b1:3c:
e1:f9:09:75:18:d1:7c:be:32:0c:b0:4d:f0:77:15:
8a:65:1c:76:32:1c:23:2c:35:1b:54:f8:93:d8:a9:
cb:21:f3:cc:45:ae:85:de:00:03:8a:36:95:91:54:
b3:71:6d:b5:07:74:1f:15:53:2d:b2:66:de:ee:01:
77:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:02:7E:FA:1C:31:8C:74:91:99:AF:47:52:9F:0D:84:14:68:B2:03
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OQJ--hwxjHSRma9HUp8NhBRosgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.243.0/24
89.40.70.0/24
93.90.74.0/24
94.177.106.0/24
94.198.171.0/24
Signature Algorithm: sha256WithRSAEncryption
96:e3:75:be:69:16:93:98:1c:44:78:43:5e:f0:49:ec:d9:9e:
90:f3:f2:7b:f2:12:7d:1b:f6:da:d3:e2:90:88:5a:f3:84:42:
b6:25:d1:8b:2a:cf:df:08:05:b6:f5:9f:79:38:2b:60:2f:41:
f1:39:23:8b:9b:de:1e:91:40:82:77:e4:9e:6b:3b:eb:52:0c:
ab:db:2e:fd:93:0d:a2:f7:a0:9c:04:3c:63:bd:f2:8e:d3:8a:
23:e8:6f:91:38:e3:b5:ac:b5:5a:63:10:ef:2e:d9:a1:12:b7:
88:e5:f1:42:63:17:27:5b:94:c9:24:a0:83:53:63:c9:24:11:
4a:07:cc:64:92:6f:46:39:2b:90:4b:4c:36:fc:a6:3c:15:b9:
5f:7d:d7:0a:5b:90:7f:73:24:95:e7:88:0c:b8:92:78:7b:9c:
58:4a:36:8d:e2:3f:a6:0f:3b:db:f9:39:14:8f:68:60:6b:55:
d1:7e:30:83:80:c1:dc:24:2e:43:3e:25:7e:0d:00:7b:5e:0e:
b7:26:13:e3:ed:74:9f:00:fe:89:99:ae:97:d2:e3:b8:b6:2d:
d4:c5:71:60:ab:35:0b:a7:6d:72:2d:ea:07:08:14:78:14:ae:
76:f7:5f:f0:0a:c9:86:cb:f2:8a:39:ac:e8:c9:59:7d:94:d4:
ae:52:85:18
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYr5IyGVOi6I7POHkd6hxGXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMDA0MDUyMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTAyN2VmYTFjMzE4Yzc0OTE5OWFmNDc1MjlmMGQ4NDE0NjhiMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLkNYTfb4REmYX9L58VljJKWACX4
cMZLaVkDC9Iai4hnL37nmdLcZHLFa+niuqgKT4na8MHy+m7TYe97+l06Zk1NmCdB
dsVo2irIpKRZzAXeBul/s0/z0vaBu1On8wVhz0RRz5uzJU9zBXWFdsiS4BmQbgef
iD/X2nkEdh0zBo1W1a/3U+qaGvRH3KVXWm6T7+yQ2uc3oOOrjvv/VaDlxIgDXe3K
Nnsg0je324hi06JgGiEMyj7/86XeCSTFYiP+sTzh+Ql1GNF8vjIMsE3wdxWKZRx2
MhwjLDUbVPiT2KnLIfPMRa6F3gADijaVkVSzcW21B3QfFVMtsmbe7gF3ZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDkCfvocMYx0kZmvR1KfDYQUaLIDMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvT1FKLS1od3hqSFNSbWE5SFVwOE5oQlJvc2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjnzAwQA
WShGAwQAXVpKAwQAXrFqAwQAXsarMA0GCSqGSIb3DQEBCwUAA4IBAQCW43W+aRaT
mBxEeENe8Ens2Z6Q8/J78hJ9G/ba0+KQiFrzhEK2JdGLKs/fCAW29Z95OCtgL0Hx
OSOLm94ekUCCd+SeazvrUgyr2y79kw2i96CcBDxjvfKO04oj6G+ROOO1rLVaYxDv
LtmhEreI5fFCYxcnW5TJJKCDU2PJJBFKB8xkkm9GOSuQS0w2/KY8FblffdcKW5B/
cySV54gMuJJ4e5xYSjaN4j+mDzvb+TkUj2hga1XRfjCDgMHcJC5DPiV+DQB7Xg63
JhPj7XSfAP6Jma6X0uO4ti3UxXFgqzULp21yLeoHCBR4FK5291/wCsmGy/KKOazo
yVl9lNSuUoUY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org