Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gNZpZe8r3Gpx5qOs-Zkmn0O9y4g.roa
File: gNZpZe8r3Gpx5qOs-Zkmn0O9y4g.roa (raw, json)
Hash identifier: BC2MXQYmRP8bYCsTFyEWTzZJOWB/ZNLAOita6KcEm2U=
Subject key identifier: 80:D6:69:65:EF:2B:DC:6A:71:E6:A3:AC:F9:99:26:9F:43:BD:CB:88
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018B42C4A9B0C8ABF490E11EA86C51D0D416
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gNZpZe8r3Gpx5qOs-Zkmn0O9y4g.roa
Signing time: Wed 18 Oct 2023 12:31:06 +0000
ROA not before: Wed 18 Oct 2023 12:31:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 89.37.193.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
94.176.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Nov 2023 08:53:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:c4:a9:b0:c8:ab:f4:90:e1:1e:a8:6c:51:d0:d4:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 18 12:31:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80d66965ef2bdc6a71e6a3acf999269f43bdcb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1a:07:57:24:00:99:a0:d0:64:6d:0f:54:9f:
4b:b1:19:06:3e:b4:34:ca:eb:da:83:4e:d9:64:a2:
19:a6:88:1c:ad:8d:9f:07:a2:fe:84:1f:5a:23:1d:
a1:e6:f2:46:e0:93:24:5e:cc:48:9f:4c:1e:55:79:
1b:aa:ba:d9:7a:c3:90:0d:c7:14:32:6d:93:90:27:
0f:cf:39:5d:4b:f8:fb:b9:75:0c:37:0a:75:09:dd:
f6:6b:d9:b2:0c:05:cf:a5:dc:40:d9:1b:0c:82:0b:
f9:90:ba:b8:e2:63:66:1f:1f:10:1a:5b:5a:f4:98:
be:15:be:37:02:d5:75:e6:11:07:cb:f9:1a:4c:1c:
d8:51:44:f8:bf:b5:71:48:11:70:f3:d0:42:1f:1b:
74:16:45:54:65:9b:12:c3:63:20:ff:49:42:47:04:
a5:0c:37:c2:12:b9:e2:5f:e1:ae:c2:b4:df:d7:61:
04:8b:2b:b2:41:57:ad:94:00:63:76:19:cd:87:2f:
27:01:3f:ce:bf:fb:06:3f:8e:c7:a6:5c:32:a4:d0:
4e:12:2e:78:ad:26:d1:d6:bf:48:99:ec:51:5d:24:
5f:6c:22:0f:79:bc:63:6d:41:33:4d:9f:f1:b3:40:
c0:36:45:f4:55:45:1b:72:f1:33:b7:79:c8:b9:8f:
46:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D6:69:65:EF:2B:DC:6A:71:E6:A3:AC:F9:99:26:9F:43:BD:CB:88
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gNZpZe8r3Gpx5qOs-Zkmn0O9y4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.140.0/24
89.37.193.0/24
94.176.214.0/24
94.177.51.0/24
Signature Algorithm: sha256WithRSAEncryption
24:af:6a:18:5c:e7:19:33:bd:22:be:c1:5a:c7:17:1f:a5:11:
be:f0:8b:a6:9d:20:62:d5:30:7d:2d:75:d4:ed:69:b9:fa:9b:
da:79:9a:29:c7:23:7b:14:44:c2:fb:30:b6:ca:a7:ad:3a:13:
5c:94:60:db:ae:40:bb:c7:31:0c:ca:5c:5c:5e:c8:bf:3d:ea:
d6:1f:cd:7d:0a:f4:7d:97:11:b2:19:4f:5a:de:6c:8c:62:a8:
0b:fa:76:aa:af:c6:b2:3f:92:e1:d2:96:2c:4c:5e:de:b5:3f:
9c:7b:45:82:d8:65:5e:62:b3:58:76:a1:b0:11:fc:20:de:61:
fb:95:7f:ec:27:c9:c7:a9:ec:ee:46:b1:40:66:5e:47:06:fe:
1a:4c:52:8b:a8:7b:9d:58:f0:19:26:b5:fc:c2:93:2b:41:06:
df:eb:d2:24:86:e8:72:99:d6:60:df:ed:2e:f5:01:77:77:5e:
18:08:21:b7:89:ca:4c:17:e1:15:6e:f8:30:e1:b3:ff:08:fc:
6a:b2:67:3d:1e:0d:df:20:11:2e:ba:fa:fe:be:c2:77:b0:80:
ed:6e:4a:0f:0f:73:08:a8:9e:02:f2:51:0d:5d:98:09:ec:db:
ff:c4:5e:4b:83:35:f6:24:7a:ab:6e:29:08:f7:4b:81:96:f3:
a6:e9:e2:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtCxKmwyKv0kOEeqGxR0NQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMDE4MTIzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ2Njk2NWVmMmJkYzZhNzFlNmEzYWNmOTk5MjY5ZjQzYmRjYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhoHVyQAmaDQZG0PVJ9LsRkGPrQ0
yuvag07ZZKIZpogcrY2fB6L+hB9aIx2h5vJG4JMkXsxIn0weVXkbqrrZesOQDccU
Mm2TkCcPzzldS/j7uXUMNwp1Cd32a9myDAXPpdxA2RsMggv5kLq44mNmHx8QGlta
9Ji+Fb43AtV15hEHy/kaTBzYUUT4v7VxSBFw89BCHxt0FkVUZZsSw2Mg/0lCRwSl
DDfCErniX+GuwrTf12EEiyuyQVetlABjdhnNhy8nAT/Ov/sGP47HplwypNBOEi54
rSbR1r9ImexRXSRfbCIPebxjbUEzTZ/xs0DANkX0VUUbcvEzt3nIuY9GgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIDWaWXvK9xqceajrPmZJp9DvcuIMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvZ05acFplOHIzR3B4NXFPcy1aa21uME85eTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSSMAwQA
WSXBAwQAXrDWAwQAXrEzMA0GCSqGSIb3DQEBCwUAA4IBAQAkr2oYXOcZM70ivsFa
xxcfpRG+8IumnSBi1TB9LXXU7Wm5+pvaeZopxyN7FETC+zC2yqetOhNclGDbrkC7
xzEMylxcXsi/PerWH819CvR9lxGyGU9a3myMYqgL+naqr8ayP5Lh0pYsTF7etT+c
e0WC2GVeYrNYdqGwEfwg3mH7lX/sJ8nHqezuRrFAZl5HBv4aTFKLqHudWPAZJrX8
wpMrQQbf69IkhuhymdZg3+0u9QF3d14YCCG3icpMF+EVbvgw4bP/CPxqsmc9Hg3f
IBEuuvr+vsJ3sIDtbkoPD3MIqJ4C8lENXZgJ7Nv/xF5LgzX2JHqrbikI90uBlvOm
6eJs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org