Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OtFI6HiIH4BEDQBgQGxt77pE3uM.roa
File: OtFI6HiIH4BEDQBgQGxt77pE3uM.roa (raw, json)
Hash identifier: hO06072iHEBOtHcneg/BQBZQAr2lnSCaZNVpQKR5j2s=
Subject key identifier: 3A:D1:48:E8:78:88:1F:80:44:0D:00:60:40:6C:6D:EF:BA:44:DE:E3
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018A0A0D67C7B821075B73A810128250FB8F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OtFI6HiIH4BEDQBgQGxt77pE3uM.roa
Signing time: Fri 18 Aug 2023 19:09:25 +0000
ROA not before: Fri 18 Aug 2023 19:09:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 89.34.106.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Aug 2023 10:12:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0a:0d:67:c7:b8:21:07:5b:73:a8:10:12:82:50:fb:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 18 19:09:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ad148e878881f80440d0060406c6defba44dee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:ec:24:f1:19:fd:f9:d4:81:50:4c:b7:61:
17:91:d4:40:c5:5c:4c:83:2b:19:7c:db:4e:88:0f:
b9:9e:07:23:d1:30:44:c0:13:8b:a0:0a:6a:98:d1:
f4:6d:35:3c:d7:aa:52:d0:5e:3e:1a:b4:53:e1:7c:
15:06:f1:91:c7:34:f5:82:95:83:1b:64:b9:32:4b:
7b:6b:ea:cf:f1:f4:cd:4a:23:12:18:42:51:cc:ed:
44:7a:85:af:fc:e7:f4:99:fb:03:b0:cf:79:00:8f:
85:11:17:bc:f9:ae:7c:bc:29:32:c9:b2:11:ff:07:
3b:42:9f:7a:14:c8:f8:fa:b5:20:b8:be:8d:ba:1e:
9e:80:fe:84:3c:21:90:6a:b5:91:1e:63:85:57:f4:
95:17:81:03:6c:3f:18:72:d4:c2:a7:3e:30:9e:04:
2c:b7:bb:b8:4c:d4:c9:85:a3:ce:14:2f:01:8a:19:
58:f7:3d:5f:73:cc:b3:98:b2:48:c5:0b:80:af:b9:
61:7f:75:e4:4b:70:00:cb:16:9c:1e:be:e9:a9:42:
f0:d8:82:14:e8:ad:cf:b2:d3:c0:7c:12:bb:2c:43:
ca:de:34:ea:93:41:de:5c:68:ef:09:2b:fe:96:bc:
c6:57:4b:17:3a:3a:09:1a:4f:2a:9d:5c:98:b0:30:
40:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D1:48:E8:78:88:1F:80:44:0D:00:60:40:6C:6D:EF:BA:44:DE:E3
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OtFI6HiIH4BEDQBgQGxt77pE3uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.106.0/24
89.34.219.0/24
89.47.36.0/24
89.47.55.0/24
Signature Algorithm: sha256WithRSAEncryption
46:da:f1:1a:1f:9c:8f:31:73:18:79:0f:a3:a0:9c:15:de:31:
bf:75:26:14:11:0c:a2:c6:25:80:2c:b6:50:87:fe:4b:89:bf:
14:43:e5:03:a2:a4:e2:ce:7d:02:17:a1:fb:1e:1f:ec:01:63:
23:5c:7f:b3:9e:d9:c4:1d:69:aa:95:58:99:db:97:ad:83:46:
54:c4:a7:11:09:e2:7e:75:85:2d:02:31:f1:be:05:b9:b5:6c:
6a:1d:30:26:26:50:26:92:ed:3a:c6:38:ed:fa:f1:bb:4b:85:
d1:f7:88:01:4e:0e:fe:85:a5:53:ca:a2:fd:bf:01:84:1f:fd:
fa:07:1b:f5:69:ac:7f:6d:37:b8:c5:29:45:74:92:84:bc:07:
29:fe:25:a3:a1:d6:c4:da:68:b0:36:5b:10:ed:bb:2b:df:fa:
ba:f2:44:2c:19:23:b3:5f:2a:65:47:22:64:15:93:6c:2c:49:
57:c0:bd:ce:ac:69:b8:53:b6:f3:45:d3:60:18:57:43:7c:f0:
b7:e4:f8:46:3b:3e:e0:99:56:2a:5c:6e:ca:30:91:92:f8:e0:
21:fe:b2:e5:22:12:9a:1f:c0:27:8a:72:e1:de:ac:bc:e0:50:
cc:83:be:fc:56:4b:4a:eb:62:4c:ec:d1:4a:2e:00:ff:e2:08:
af:03:5f:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoKDWfHuCEHW3OoEBKCUPuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwODE4MTkwOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQxNDhlODc4ODgxZjgwNDQwZDAwNjA0MDZjNmRlZmJhNDRkZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9LsJPEZ/fnUgVBMt2EXkdRAxVxM
gysZfNtOiA+5ngcj0TBEwBOLoApqmNH0bTU816pS0F4+GrRT4XwVBvGRxzT1gpWD
G2S5Mkt7a+rP8fTNSiMSGEJRzO1EeoWv/Of0mfsDsM95AI+FERe8+a58vCkyybIR
/wc7Qp96FMj4+rUguL6Nuh6egP6EPCGQarWRHmOFV/SVF4EDbD8YctTCpz4wngQs
t7u4TNTJhaPOFC8BihlY9z1fc8yzmLJIxQuAr7lhf3XkS3AAyxacHr7pqULw2IIU
6K3PstPAfBK7LEPK3jTqk0HeXGjvCSv+lrzGV0sXOjoJGk8qnVyYsDBAuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDrRSOh4iB+ARA0AYEBsbe+6RN7jMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvT3RGSTZIaUlINEJFRFFCZ1FHeHQ3N3BFM3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSJqAwQA
WSLbAwQAWS8kAwQAWS83MA0GCSqGSIb3DQEBCwUAA4IBAQBG2vEaH5yPMXMYeQ+j
oJwV3jG/dSYUEQyixiWALLZQh/5Lib8UQ+UDoqTizn0CF6H7Hh/sAWMjXH+zntnE
HWmqlViZ25etg0ZUxKcRCeJ+dYUtAjHxvgW5tWxqHTAmJlAmku06xjjt+vG7S4XR
94gBTg7+haVTyqL9vwGEH/36Bxv1aax/bTe4xSlFdJKEvAcp/iWjodbE2miwNlsQ
7bsr3/q68kQsGSOzXyplRyJkFZNsLElXwL3OrGm4U7bzRdNgGFdDfPC35PhGOz7g
mVYqXG7KMJGS+OAh/rLlIhKaH8AninLh3qy84FDMg778VktK62JM7NFKLgD/4giv
A1/Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org