Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i7ERsIVh4JqI0BPdrql5Uya8P0U.roa
File: i7ERsIVh4JqI0BPdrql5Uya8P0U.roa (raw, json)
Hash identifier: PvKdXcbo3XoV1aAe7sC6nxYH53Ce6PUYjda59s6N02g=
Subject key identifier: 8B:B1:11:B0:85:61:E0:9A:88:D0:13:DD:AE:A9:79:53:26:BC:3F:45
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0191F90B3CCAD1AA6848F89D53B6A0DAEC85
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i7ERsIVh4JqI0BPdrql5Uya8P0U.roa
Signing time: Mon 16 Sep 2024 04:15:48 +0000
ROA not before: Mon 16 Sep 2024 04:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 89.40.70.0/24 maxlen: 24
93.113.255.0/24 maxlen: 24
93.115.104.0/24 maxlen: 24
185.141.218.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Oct 2024 16:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:0b:3c:ca:d1:aa:68:48:f8:9d:53:b6:a0:da:ec:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 16 04:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bb111b08561e09a88d013ddaea9795326bc3f45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:80:a8:72:cc:97:8f:57:f3:4f:54:de:21:8b:
20:10:cf:bd:2a:db:25:92:e6:0b:90:df:af:67:6f:
be:72:79:db:c6:5c:6f:d9:2d:6a:14:03:d5:06:34:
79:0b:2b:10:cd:9f:0f:23:eb:3b:3d:dc:71:38:13:
7b:64:c7:4a:8e:72:28:20:05:76:42:f6:91:6e:cf:
2f:49:93:e7:19:b7:5f:7d:af:52:b8:d3:0d:e8:37:
f3:58:64:e9:e5:33:72:18:6a:95:f6:da:e1:ff:b9:
11:4f:6a:44:0b:89:22:57:83:b0:10:69:0a:68:1f:
61:a3:0e:47:3a:bb:20:8f:b1:1a:b0:0d:76:fa:64:
d9:64:c1:a8:76:6c:f6:54:cf:5b:1e:f4:66:c6:b3:
ad:e8:0b:0f:2e:40:3f:21:25:2f:2e:77:8d:c2:45:
91:0c:8b:48:d0:6a:f5:87:88:bd:7b:81:8b:7b:ae:
2f:77:88:a7:f7:5e:da:8d:04:f8:ee:88:ac:f5:6d:
f7:6a:78:47:a1:d6:4b:51:48:fd:38:fc:0d:e4:20:
9c:98:f7:6a:57:ef:de:9e:f6:38:d5:f2:b6:41:57:
bf:55:78:c8:24:39:6e:2b:df:70:9d:10:9a:38:61:
12:e6:01:32:df:25:25:24:3e:96:10:34:5d:bf:70:
fa:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B1:11:B0:85:61:E0:9A:88:D0:13:DD:AE:A9:79:53:26:BC:3F:45
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i7ERsIVh4JqI0BPdrql5Uya8P0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.70.0/24
93.113.255.0/24
93.115.104.0/24
185.141.218.0/24
185.198.235.0/24
Signature Algorithm: sha256WithRSAEncryption
26:5b:51:75:e7:15:8e:6b:bf:9d:fa:9c:98:d2:6c:34:9d:18:
3c:67:80:93:43:ff:af:4c:d8:0c:98:d9:91:a4:b0:8b:c6:66:
cd:94:db:7e:c2:be:54:be:16:ad:b4:0c:bf:b5:9b:93:47:2d:
cc:df:8c:a8:73:60:57:91:d8:81:be:29:fb:8f:6e:f8:3e:a2:
b0:9e:02:6d:fb:63:58:b7:5d:83:f9:74:70:e8:39:03:40:bd:
d2:36:9c:53:d7:83:1e:ed:6b:a4:f2:89:71:30:67:fc:fb:a9:
d9:60:c9:f8:7c:52:d2:37:14:38:03:3e:36:a8:68:3e:14:6e:
67:89:33:dc:f9:ff:8e:7b:2b:16:4c:53:2f:2d:1c:0e:58:97:
bc:3e:38:fa:6c:45:4a:2b:bb:06:80:e0:3c:10:a0:56:66:81:
87:c7:7f:08:2d:6c:3e:ff:7d:39:ab:62:31:19:c3:71:f0:09:
f0:7c:00:61:12:c3:eb:b5:0b:2b:b1:2c:07:de:c8:8b:ad:64:
ff:90:9e:50:55:5f:a6:ca:a5:2d:a4:f2:15:cf:52:be:df:a9:
2e:ae:e8:6f:43:ac:0c:48:23:bc:24:28:48:c0:59:56:3b:fa:
91:59:23:a1:9c:0d:04:fd:8a:a1:1a:28:03:55:95:95:af:24:
47:68:12:37
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZH5CzzK0apoSPidU7ag2uyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwOTE2MDQxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIxMTFiMDg1NjFlMDlhODhkMDEzZGRhZWE5Nzk1MzI2YmMzZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoCocsyXj1fzT1TeIYsgEM+9Ktsl
kuYLkN+vZ2++cnnbxlxv2S1qFAPVBjR5CysQzZ8PI+s7PdxxOBN7ZMdKjnIoIAV2
QvaRbs8vSZPnGbdffa9SuNMN6DfzWGTp5TNyGGqV9trh/7kRT2pEC4kiV4OwEGkK
aB9how5HOrsgj7EasA12+mTZZMGodmz2VM9bHvRmxrOt6AsPLkA/ISUvLneNwkWR
DItI0Gr1h4i9e4GLe64vd4in917ajQT47ois9W33anhHodZLUUj9OPwN5CCcmPdq
V+/envY41fK2QVe/VXjIJDluK99wnRCaOGES5gEy3yUlJD6WEDRdv3D6jQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIuxEbCFYeCaiNAT3a6peVMmvD9FMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvaTdFUnNJVmg0SnFJMEJQZHJxbDVVeWE4UDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWShGAwQA
XXH/AwQAXXNoAwQAuY3aAwQAucbrMA0GCSqGSIb3DQEBCwUAA4IBAQAmW1F15xWO
a7+d+pyY0mw0nRg8Z4CTQ/+vTNgMmNmRpLCLxmbNlNt+wr5UvhattAy/tZuTRy3M
34yoc2BXkdiBvin7j274PqKwngJt+2NYt12D+XRw6DkDQL3SNpxT14Me7Wuk8olx
MGf8+6nZYMn4fFLSNxQ4Az42qGg+FG5niTPc+f+OeysWTFMvLRwOWJe8Pjj6bEVK
K7sGgOA8EKBWZoGHx38ILWw+/305q2IxGcNx8AnwfABhEsPrtQsrsSwH3siLrWT/
kJ5QVV+myqUtpPIVz1K+36kuruhvQ6wMSCO8JChIwFlWO/qRWSOhnA0E/YqhGigD
VZWVryRHaBI3
-----END CERTIFICATE-----
Generated at Sun Oct 6 21:05:55 2024 by rpki-client on console-ams.rpki-client.org