Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/lY_QVlpNWhIP8X3LoQ-Tz9P2irc.roa
File: lY_QVlpNWhIP8X3LoQ-Tz9P2irc.roa (raw, json)
Hash identifier: 6Na/k5zlREBArJGxfDktVQd80B0SePZUS7SMvySpAP0=
Subject key identifier: 95:8F:D0:56:5A:4D:5A:12:0F:F1:7D:CB:A1:0F:93:CF:D3:F6:8A:B7
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0189FD1041F71EA8083A1D9536F94A568FF4
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/lY_QVlpNWhIP8X3LoQ-Tz9P2irc.roa
Signing time: Wed 16 Aug 2023 06:37:28 +0000
ROA not before: Wed 16 Aug 2023 06:37:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197450
IP address blocks: 188.212.121.0/24 maxlen: 24
89.35.73.0/24 maxlen: 24
93.113.171.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
89.45.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Aug 2023 06:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:10:41:f7:1e:a8:08:3a:1d:95:36:f9:4a:56:8f:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 16 06:37:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=958fd0565a4d5a120ff17dcba10f93cfd3f68ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:dc:46:f0:ce:ac:0e:c0:28:aa:c9:37:ef:88:
a9:24:62:70:17:73:07:56:4d:85:e8:97:af:51:61:
86:9c:36:fd:1b:41:84:12:10:48:0b:a2:39:56:f5:
18:4c:b3:9d:37:ad:74:86:2c:68:6b:75:60:5c:9b:
6e:06:d9:84:fd:20:69:c3:b1:11:10:ed:bb:99:1e:
73:f6:52:93:db:c5:ed:25:92:9b:7d:5d:f3:ab:08:
74:d9:39:20:33:f6:2c:c2:ba:6e:f0:de:c9:76:23:
36:7e:5c:68:b9:7a:0b:6b:1b:0b:84:1a:21:e0:2d:
bd:b1:6f:80:01:86:b6:da:2d:c5:fe:46:1c:37:c8:
5b:05:2b:7d:4b:52:1a:07:29:23:6d:ab:7d:a6:8b:
3e:79:c1:48:8a:97:55:f0:af:97:44:cf:f4:3c:89:
cc:0f:30:06:88:15:75:ab:63:96:cd:fd:1f:6d:8b:
ba:87:8f:61:58:32:1f:ad:39:b4:ca:91:9f:4a:b1:
b7:2c:28:c1:89:16:b2:9e:75:2c:be:e4:ab:9c:c6:
5c:33:dc:3f:ca:0c:bf:24:63:11:89:dc:e0:52:0d:
ac:d6:e8:0f:de:d6:8f:13:08:20:a1:4a:33:e2:28:
ef:03:bc:2c:b1:4c:db:f9:0d:07:6d:73:b4:59:3d:
83:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8F:D0:56:5A:4D:5A:12:0F:F1:7D:CB:A1:0F:93:CF:D3:F6:8A:B7
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/lY_QVlpNWhIP8X3LoQ-Tz9P2irc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.73.0/24
89.45.162.0/24
92.114.32.0/24
93.113.171.0/24
188.212.121.0/24
Signature Algorithm: sha256WithRSAEncryption
33:65:db:62:53:9b:e4:b9:36:a6:5b:71:d8:7b:d5:87:b2:3c:
0e:f6:77:85:cf:71:f8:e2:8a:5c:b5:c3:f7:47:0c:cf:e2:76:
d9:21:55:e3:f6:87:18:45:26:c7:a2:9c:4c:97:92:0f:4e:71:
d9:7c:bd:36:2a:b6:58:73:88:fc:2e:24:07:63:bb:8a:db:19:
72:8b:0f:ec:c9:4f:4e:1f:5b:e5:a4:04:5e:11:82:32:11:9c:
1b:d6:22:89:a4:ca:f5:b8:ab:5c:b8:28:6a:e6:bd:06:13:20:
24:b4:88:0e:32:ff:e7:c3:6c:9b:b7:39:46:79:d8:2c:a3:7d:
24:3d:7c:3e:cf:aa:89:ea:dc:c6:32:a1:b9:83:da:9d:e1:f4:
77:dc:da:29:c5:eb:39:14:c5:b0:4b:a4:2b:5e:8a:c0:30:76:
df:77:cc:be:02:ae:a7:dd:ee:57:4f:ff:ac:8c:75:c2:fd:1a:
92:8d:17:56:79:1e:80:5b:43:63:64:28:66:8c:05:8c:fb:9d:
5b:2f:a0:27:c4:75:7f:a7:ce:63:69:34:20:fa:53:21:98:ea:
80:03:aa:23:e9:62:e3:2b:ba:1e:56:b9:d3:78:db:29:56:3b:
bb:29:a4:40:d8:01:2b:38:d2:10:17:4f:00:ad:11:f6:7e:80:
6d:94:de:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYn9EEH3HqgIOh2VNvlKVo/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwODE2MDYzNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThmZDA1NjVhNGQ1YTEyMGZmMTdkY2JhMTBmOTNjZmQzZjY4YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dxG8M6sDsAoqsk374ipJGJwF3MH
Vk2F6JevUWGGnDb9G0GEEhBIC6I5VvUYTLOdN610hixoa3VgXJtuBtmE/SBpw7ER
EO27mR5z9lKT28XtJZKbfV3zqwh02TkgM/Yswrpu8N7JdiM2flxouXoLaxsLhBoh
4C29sW+AAYa22i3F/kYcN8hbBSt9S1IaBykjbat9pos+ecFIipdV8K+XRM/0PInM
DzAGiBV1q2OWzf0fbYu6h49hWDIfrTm0ypGfSrG3LCjBiRaynnUsvuSrnMZcM9w/
ygy/JGMRidzgUg2s1ugP3taPEwggoUoz4ijvA7wssUzb+Q0HbXO0WT2DGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJWP0FZaTVoSD/F9y6EPk8/T9oq3MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbFlfUVZscE5XaElQOFgzTG9RLVR6OVAyaXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSNJAwQA
WS2iAwQAXHIgAwQAXXGrAwQAvNR5MA0GCSqGSIb3DQEBCwUAA4IBAQAzZdtiU5vk
uTamW3HYe9WHsjwO9neFz3H44opctcP3RwzP4nbZIVXj9ocYRSbHopxMl5IPTnHZ
fL02KrZYc4j8LiQHY7uK2xlyiw/syU9OH1vlpAReEYIyEZwb1iKJpMr1uKtcuChq
5r0GEyAktIgOMv/nw2ybtzlGedgso30kPXw+z6qJ6tzGMqG5g9qd4fR33Nopxes5
FMWwS6QrXorAMHbfd8y+Aq6n3e5XT/+sjHXC/RqSjRdWeR6AW0NjZChmjAWM+51b
L6AnxHV/p85jaTQg+lMhmOqAA6oj6WLjK7oeVrnTeNspVju7KaRA2AErONIQF08A
rRH2foBtlN5a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org