Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jHigTDQ601kqiI9ua5ulU9xLIvA.roa
File: jHigTDQ601kqiI9ua5ulU9xLIvA.roa (raw, json)
Hash identifier: p/DU1ER4vA5VNE//HmsFj94k87BoZ45ob80rvf8EeAM=
Subject key identifier: 8C:78:A0:4C:34:3A:D3:59:2A:88:8F:6E:6B:9B:A5:53:DC:4B:22:F0
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018CC4933B4836B4FC044AEFA2CD019A56F9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jHigTDQ601kqiI9ua5ulU9xLIvA.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149977
IP address blocks: 89.34.202.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 13:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3b:48:36:b4:fc:04:4a:ef:a2:cd:01:9a:56:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c78a04c343ad3592a888f6e6b9ba553dc4b22f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4d:6f:3a:6c:15:9c:00:fd:00:9a:f7:57:c5:
04:80:ca:03:8b:d7:65:36:89:da:00:14:5d:d9:27:
ec:b1:a2:b3:04:c8:4a:8e:54:dd:35:e0:30:6f:48:
cc:8b:22:53:1a:5c:b6:d9:d0:9b:db:b7:4d:f7:2f:
e9:b3:15:7f:5e:af:8e:8e:6f:d1:3c:3c:2c:29:60:
f4:4d:7d:ca:11:0d:e1:5c:7a:91:54:89:3c:ec:2e:
0c:47:48:d4:c7:be:0f:a5:df:8b:c5:34:25:95:4c:
24:bd:54:cc:70:06:1e:bc:00:ff:2c:cc:ac:ed:d2:
f4:d9:23:06:95:22:bd:ca:ec:71:5d:37:77:c8:dd:
60:16:2c:ad:1b:00:f4:bf:06:1b:13:cd:54:d2:99:
1e:9d:6f:d9:69:d6:1e:a2:e3:12:a9:36:2d:43:e3:
99:82:90:bb:76:8d:1f:30:2f:fb:62:8e:2b:a2:e2:
6e:ab:b6:63:2e:5e:8f:54:c5:d7:5f:ce:4d:ad:fd:
89:8b:85:78:76:47:0f:96:26:0f:ad:2f:8d:9e:2d:
f4:8e:2e:8c:6d:87:5f:c1:9f:8d:e1:02:9d:ce:60:
59:7e:81:a9:2f:e8:fe:e5:2d:0b:b6:ff:6c:34:ca:
b8:16:57:ec:7b:96:1c:1e:9f:73:11:35:7c:1a:ad:
a1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:78:A0:4C:34:3A:D3:59:2A:88:8F:6E:6B:9B:A5:53:DC:4B:22:F0
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/jHigTDQ601kqiI9ua5ulU9xLIvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.106.0/24
89.34.202.0/24
89.35.131.0/24
89.37.192.0/24
Signature Algorithm: sha256WithRSAEncryption
14:11:15:f2:87:9c:34:29:28:2b:cb:33:14:3b:14:46:3f:a2:
c2:52:de:62:67:fd:cb:aa:ac:1c:f6:ec:b2:27:aa:89:62:24:
f4:54:d6:b3:a6:20:6c:75:c8:d1:80:d4:a0:de:f4:1d:63:f7:
d1:d4:a9:29:cd:5b:51:39:c6:c5:8e:9f:ab:63:32:4e:89:69:
59:a0:cb:45:68:9b:e1:6b:dd:8d:db:52:1f:fd:79:d4:64:c4:
25:cf:ec:dc:07:c6:14:34:59:2b:86:ff:03:8f:44:75:ec:a1:
4f:a6:6d:b8:ff:b0:ed:fc:9d:2c:8c:2d:a7:34:b7:9d:c6:88:
95:16:50:62:a3:eb:7a:f5:4c:ca:39:9c:dc:3d:fc:a0:6d:49:
96:15:af:0b:2f:ae:53:9d:a3:ed:25:bb:02:0a:a8:f4:eb:15:
3e:22:b7:ca:c6:38:10:d6:32:db:f2:c6:de:1a:71:6f:e2:83:
fb:11:17:58:21:b7:04:fc:54:a0:66:60:8f:a9:6a:3f:f4:14:
1d:68:ac:94:6d:bf:99:fd:96:de:e9:b1:21:cd:36:65:6f:78:
6c:36:2f:0c:9f:1b:a8:a5:ef:06:56:c5:a4:86:af:f5:b6:c7:
7c:9e:03:b2:84:70:8b:7c:96:ac:5e:5a:c8:50:af:80:f4:e9:
ee:37:b3:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkztINrT8BErvos0Bmlb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzc4YTA0YzM0M2FkMzU5MmE4ODhmNmU2YjliYTU1M2RjNGIyMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU1vOmwVnAD9AJr3V8UEgMoDi9dl
NonaABRd2SfssaKzBMhKjlTdNeAwb0jMiyJTGly22dCb27dN9y/psxV/Xq+Ojm/R
PDwsKWD0TX3KEQ3hXHqRVIk87C4MR0jUx74Ppd+LxTQllUwkvVTMcAYevAD/LMys
7dL02SMGlSK9yuxxXTd3yN1gFiytGwD0vwYbE81U0pkenW/ZadYeouMSqTYtQ+OZ
gpC7do0fMC/7Yo4rouJuq7ZjLl6PVMXXX85Nrf2Ji4V4dkcPliYPrS+Nni30ji6M
bYdfwZ+N4QKdzmBZfoGpL+j+5S0Ltv9sNMq4Flfse5YcHp9zETV8Gq2h8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIx4oEw0OtNZKoiPbmubpVPcSyLwMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvakhpZ1REUTYwMWtxaUk5dWE1dWxVOXhMSXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSJqAwQA
WSLKAwQAWSODAwQAWSXAMA0GCSqGSIb3DQEBCwUAA4IBAQAUERXyh5w0KSgryzMU
OxRGP6LCUt5iZ/3Lqqwc9uyyJ6qJYiT0VNazpiBsdcjRgNSg3vQdY/fR1KkpzVtR
OcbFjp+rYzJOiWlZoMtFaJvha92N21If/XnUZMQlz+zcB8YUNFkrhv8Dj0R17KFP
pm24/7Dt/J0sjC2nNLedxoiVFlBio+t69UzKOZzcPfygbUmWFa8LL65TnaPtJbsC
Cqj06xU+IrfKxjgQ1jLb8sbeGnFv4oP7ERdYIbcE/FSgZmCPqWo/9BQdaKyUbb+Z
/Zbe6bEhzTZlb3hsNi8Mnxuope8GVsWkhq/1tsd8ngOyhHCLfJasXlrIUK+A9Onu
N7NR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org