Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aOzwS3q-w8TeROJJjjMn8vxhWt4.roa
File: aOzwS3q-w8TeROJJjjMn8vxhWt4.roa (raw, json)
Hash identifier: MxNAnaz+Fw8eURZWFs4lxVwa20c2yYT1BpzjKJyMiLI=
Subject key identifier: 68:EC:F0:4B:7A:BE:C3:C4:DE:44:E2:49:8E:33:27:F2:FC:61:5A:DE
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DDFBD1A5AC6151B118DBB8915DF01FB99
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aOzwS3q-w8TeROJJjjMn8vxhWt4.roa
Signing time: Sun 25 Feb 2024 10:08:48 +0000
ROA not before: Sun 25 Feb 2024 10:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 89.34.106.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
185.198.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 08:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:df:bd:1a:5a:c6:15:1b:11:8d:bb:89:15:df:01:fb:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 25 10:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68ecf04b7abec3c4de44e2498e3327f2fc615ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:46:cb:86:e6:e6:0c:2e:8b:7f:8b:06:1b:e9:
da:93:92:1c:d6:b1:36:e9:4c:19:13:51:84:e5:22:
4c:4c:ff:6c:bb:48:b9:a5:b1:4f:be:64:cf:ae:28:
26:03:ff:a8:88:cf:15:35:3a:ed:e5:fa:d4:e3:11:
e6:86:87:4b:1e:af:d9:0f:6b:c5:06:3d:65:dd:74:
11:a4:a4:a8:77:f5:6f:42:ab:90:88:03:d5:42:d2:
b5:fa:57:0a:73:63:28:2e:5c:fd:32:41:4d:d1:7e:
1d:15:b0:52:24:76:ae:76:26:30:92:69:f8:be:0a:
6c:7b:96:b0:f2:5b:ed:0f:08:2b:30:3e:39:ee:ff:
31:bf:d2:d8:00:3f:12:64:75:d7:88:65:77:2c:05:
de:9c:c5:3b:0b:7b:32:9f:a1:0b:df:be:95:b1:e5:
3f:87:a2:76:20:0f:d7:02:6d:8b:9d:db:5e:0a:ab:
38:42:42:52:9e:ef:3f:e3:81:4f:e1:5a:95:41:e3:
0e:62:1a:24:20:7e:7a:c4:9e:a9:d9:26:3b:34:3c:
89:a8:73:57:42:91:0e:8a:00:19:3d:87:a8:4b:d8:
32:0a:12:a0:94:a5:a8:8d:64:87:88:a4:15:34:19:
1d:76:bf:78:6e:73:f8:69:96:34:5a:ee:41:fc:db:
78:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EC:F0:4B:7A:BE:C3:C4:DE:44:E2:49:8E:33:27:F2:FC:61:5A:DE
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aOzwS3q-w8TeROJJjjMn8vxhWt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.106.0/24
89.37.192.0/24
89.40.215.0/24
89.46.42.0/24
89.47.36.0/24
185.198.233.0/24
Signature Algorithm: sha256WithRSAEncryption
70:7c:69:5c:89:1c:c0:40:fc:97:35:9f:dd:88:ac:7f:6d:36:
b1:03:ea:66:18:2a:53:4d:97:4e:30:42:6c:1e:54:8c:67:80:
8d:60:c4:08:c4:86:be:00:98:78:19:81:d6:1e:ce:bb:33:9e:
d5:4e:f9:23:a7:fb:05:3e:af:0b:22:77:1e:7d:ac:b8:c2:99:
8e:00:0e:31:02:a8:dc:62:b1:5f:0c:f4:78:de:c8:51:da:bd:
49:b5:76:27:8c:68:88:e0:f9:4e:1e:fd:5a:27:4a:55:e0:cd:
57:66:ec:cd:45:02:bd:80:e2:20:ca:47:49:a2:8b:77:d2:e6:
2c:b3:c5:9d:7f:ba:87:b7:ed:c5:a1:4c:7b:17:3f:75:a2:f0:
af:0e:b5:b1:ca:d8:1c:d7:da:69:8f:29:a4:fd:f0:a3:61:d8:
60:f8:9a:b5:c2:fd:89:0d:69:eb:8c:0d:27:01:02:bd:41:51:
62:7e:4c:06:8d:58:d9:d7:0a:a6:01:a8:db:61:bd:91:60:de:
f2:15:bf:03:48:62:06:3e:2c:ff:79:b8:a9:2a:c4:f8:2a:fc:
ff:84:0b:6a:1a:86:bb:5f:3b:f2:60:16:7d:04:fb:b9:cb:84:
49:b0:8c:13:a1:56:b5:31:e8:c9:ad:4c:88:b8:5a:81:17:bb:
d6:3d:31:ce
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY3fvRpaxhUbEY27iRXfAfuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjI1MTAwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGVjZjA0YjdhYmVjM2M0ZGU0NGUyNDk4ZTMzMjdmMmZjNjE1YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEbLhubmDC6Lf4sGG+nak5Ic1rE2
6UwZE1GE5SJMTP9su0i5pbFPvmTPrigmA/+oiM8VNTrt5frU4xHmhodLHq/ZD2vF
Bj1l3XQRpKSod/VvQquQiAPVQtK1+lcKc2MoLlz9MkFN0X4dFbBSJHaudiYwkmn4
vgpse5aw8lvtDwgrMD457v8xv9LYAD8SZHXXiGV3LAXenMU7C3syn6EL376VseU/
h6J2IA/XAm2LndteCqs4QkJSnu8/44FP4VqVQeMOYhokIH56xJ6p2SY7NDyJqHNX
QpEOigAZPYeoS9gyChKglKWojWSHiKQVNBkddr94bnP4aZY0Wu5B/Nt4twIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGjs8Et6vsPE3kTiSY4zJ/L8YVreMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYU96d1MzcS13OFRlUk9KSmpqTW44dnhoV3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSJqAwQA
WSXAAwQAWSjXAwQAWS4qAwQAWS8kAwQAucbpMA0GCSqGSIb3DQEBCwUAA4IBAQBw
fGlciRzAQPyXNZ/diKx/bTaxA+pmGCpTTZdOMEJsHlSMZ4CNYMQIxIa+AJh4GYHW
Hs67M57VTvkjp/sFPq8LIncefay4wpmOAA4xAqjcYrFfDPR43shR2r1JtXYnjGiI
4PlOHv1aJ0pV4M1XZuzNRQK9gOIgykdJoot30uYss8Wdf7qHt+3FoUx7Fz91ovCv
DrWxytgc19ppjymk/fCjYdhg+Jq1wv2JDWnrjA0nAQK9QVFifkwGjVjZ1wqmAajb
Yb2RYN7yFb8DSGIGPiz/ebipKsT4Kvz/hAtqGoa7XzvyYBZ9BPu5y4RJsIwToVa1
MejJrUyIuFqBF7vWPTHO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:07 2024 by rpki-client on console-fra.rpki-client.org