Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kd7whuBEM_ZZUUCcr6jCB7e8QH0.roa
File: kd7whuBEM_ZZUUCcr6jCB7e8QH0.roa (raw, json)
Hash identifier: m5leDSdmApy83OSoLa9RDfZ12GcUlYovN6twqq2z2Q4=
Subject key identifier: 91:DE:F0:86:E0:44:33:F6:59:51:40:9C:AF:A8:C2:07:B7:BC:40:7D
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018C24692C7FD3570D0BD81CAB5F26050072
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kd7whuBEM_ZZUUCcr6jCB7e8QH0.roa
Signing time: Fri 01 Dec 2023 08:05:21 +0000
ROA not before: Fri 01 Dec 2023 08:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.34.202.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 04 Dec 2023 08:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:69:2c:7f:d3:57:0d:0b:d8:1c:ab:5f:26:05:00:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 1 08:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91def086e04433f65951409cafa8c207b7bc407d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:95:7d:2a:a8:6b:64:9d:3e:66:a6:22:f9:81:
71:0a:5e:71:86:d7:f1:fa:0e:ae:4c:3b:a9:97:52:
b0:07:15:ba:79:25:a6:45:54:c3:e4:5a:a8:5a:38:
68:16:72:c2:94:20:2b:1b:68:7c:cc:73:7c:1e:1e:
58:48:e3:af:ba:db:f4:d4:53:31:c0:be:94:d1:88:
2b:78:6d:0f:ad:4b:cb:a4:d9:95:08:f9:eb:5d:e9:
94:08:5e:50:0b:b1:06:1d:9a:fb:c8:d3:3b:73:60:
e3:76:c6:a5:5f:2f:fa:45:3a:c8:37:77:cd:89:00:
01:74:da:f3:16:eb:45:08:88:84:1f:e1:2f:0d:38:
30:9d:cf:a5:9b:67:b1:66:a8:43:ba:e4:b1:5b:7d:
78:ca:04:a3:f7:32:39:15:c4:74:50:1b:76:79:13:
e0:b7:66:ad:a8:a5:70:00:be:14:d8:a3:de:6e:85:
12:67:cd:b1:44:7d:a4:5c:70:b9:68:07:6e:87:0c:
1c:a9:db:f3:11:1d:24:5a:f4:fa:e7:ea:dc:51:2a:
ad:45:75:8e:07:7d:09:ff:bb:83:2e:ac:7f:f8:41:
05:54:71:42:34:e8:67:62:23:d0:8e:db:42:67:8a:
93:c7:a9:5e:9f:79:c5:54:6d:de:94:03:9a:fb:92:
f3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DE:F0:86:E0:44:33:F6:59:51:40:9C:AF:A8:C2:07:B7:BC:40:7D
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kd7whuBEM_ZZUUCcr6jCB7e8QH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.202.0/24
89.35.119.0/24
89.35.130.0/23
188.214.107.0/24
Signature Algorithm: sha256WithRSAEncryption
65:d3:58:14:6f:32:51:54:6f:12:16:e2:88:3e:86:1a:5a:62:
e1:01:5b:9e:3d:af:a7:66:ee:1e:2d:48:02:c4:60:5d:5c:7a:
4a:f8:61:4e:fc:81:ed:14:77:22:55:8e:8e:5b:04:33:b1:8a:
19:45:0f:d8:bd:43:a8:cc:49:5a:88:fa:b0:fc:08:d6:21:b9:
52:b8:d9:e9:2d:89:7d:d0:d4:31:50:08:56:06:65:aa:a1:c0:
95:f6:33:e8:3d:4e:59:c5:09:39:7e:59:3e:e2:ab:1d:9d:b1:
c3:e2:d8:62:63:3b:34:b1:30:62:20:47:89:af:a7:b7:e9:e5:
73:15:53:9c:76:19:90:a3:2d:98:36:08:73:66:b6:5d:e8:07:
e7:ab:02:a1:20:1c:f8:84:ec:9b:8e:20:84:1e:82:95:d5:b1:
93:09:8b:d4:f1:8f:c0:77:a9:21:77:b3:4b:82:f9:2b:8c:58:
8f:f3:5b:68:13:ef:11:f7:7d:6f:8f:d6:7b:77:67:30:05:ad:
38:ac:bb:e2:31:17:16:25:33:7e:9b:81:96:74:82:11:06:09:
98:50:cc:a6:6b:19:9f:31:4b:c2:c1:46:f1:3c:e8:b4:39:a6:
16:4e:77:af:02:e2:c9:4c:47:99:6b:ed:89:ee:a4:e7:dd:92:
5c:bf:13:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwkaSx/01cNC9gcq18mBQByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMjAxMDgwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWRlZjA4NmUwNDQzM2Y2NTk1MTQwOWNhZmE4YzIwN2I3YmM0MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5V9KqhrZJ0+ZqYi+YFxCl5xhtfx
+g6uTDupl1KwBxW6eSWmRVTD5FqoWjhoFnLClCArG2h8zHN8Hh5YSOOvutv01FMx
wL6U0YgreG0PrUvLpNmVCPnrXemUCF5QC7EGHZr7yNM7c2DjdsalXy/6RTrIN3fN
iQABdNrzFutFCIiEH+EvDTgwnc+lm2exZqhDuuSxW314ygSj9zI5FcR0UBt2eRPg
t2atqKVwAL4U2KPeboUSZ82xRH2kXHC5aAduhwwcqdvzER0kWvT65+rcUSqtRXWO
B30J/7uDLqx/+EEFVHFCNOhnYiPQjttCZ4qTx6len3nFVG3elAOa+5LzcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJHe8IbgRDP2WVFAnK+owge3vEB9MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEva2Q3d2h1QkVNX1paVVVDY3I2akNCN2U4UUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSLKAwQA
WSN3AwQBWSOCAwQAvNZrMA0GCSqGSIb3DQEBCwUAA4IBAQBl01gUbzJRVG8SFuKI
PoYaWmLhAVuePa+nZu4eLUgCxGBdXHpK+GFO/IHtFHciVY6OWwQzsYoZRQ/YvUOo
zElaiPqw/AjWIblSuNnpLYl90NQxUAhWBmWqocCV9jPoPU5ZxQk5flk+4qsdnbHD
4thiYzs0sTBiIEeJr6e36eVzFVOcdhmQoy2YNghzZrZd6AfnqwKhIBz4hOybjiCE
HoKV1bGTCYvU8Y/Ad6khd7NLgvkrjFiP81toE+8R931vj9Z7d2cwBa04rLviMRcW
JTN+m4GWdIIRBgmYUMymaxmfMUvCwUbxPOi0OaYWTnevAuLJTEeZa+2J7qTn3ZJc
vxPz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org