Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mjN0qWVDsmqNQfWJbN1Qldz_alA.roa
File: mjN0qWVDsmqNQfWJbN1Qldz_alA.roa (raw, json)
Hash identifier: S6iSY8OuZGNvEveh0mtQo8Sq9r4YAZjx4OPH4LvOHoY=
Subject key identifier: 9A:33:74:A9:65:43:B2:6A:8D:41:F5:89:6C:DD:50:95:DC:FF:6A:50
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01889A7B4D3227D90A828B1BFE8BF42C87A4
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mjN0qWVDsmqNQfWJbN1Qldz_alA.roa
Signing time: Thu 08 Jun 2023 10:09:11 +0000
ROA not before: Thu 08 Jun 2023 10:09:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 89.37.194.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Jun 2023 09:08:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:7b:4d:32:27:d9:0a:82:8b:1b:fe:8b:f4:2c:87:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 8 10:09:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a3374a96543b26a8d41f5896cdd5095dcff6a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:94:46:ea:53:89:91:d7:8c:22:2f:16:52:44:
0d:77:64:18:6f:f2:92:b8:0d:6a:8a:11:0b:ab:97:
6a:e8:a3:d4:39:49:41:36:36:b5:0b:b2:96:99:65:
b8:8e:1e:a8:1f:81:ae:f1:dc:4e:36:67:c0:a2:ff:
3f:7c:c6:35:66:03:89:1f:2d:6d:6f:a2:ff:4d:7a:
b4:72:2a:5c:bd:ad:5c:8c:59:87:74:2f:d0:d3:7b:
63:ca:51:17:71:bb:05:2e:79:1c:48:50:ec:c6:94:
56:a2:17:eb:ee:87:c2:bc:4e:d6:27:52:da:70:f1:
42:94:16:64:4d:20:84:28:33:0b:bd:57:68:52:e2:
10:1b:1c:be:d6:b2:35:18:02:a9:18:f2:77:a3:19:
90:17:31:ae:92:39:30:21:c1:22:18:6a:61:51:de:
29:ba:61:1c:26:18:86:21:8b:da:e7:65:36:2f:73:
5d:dc:18:cb:98:8a:ef:bf:c7:6a:9e:70:1d:f2:c9:
2e:e4:4f:81:22:fe:f2:7c:95:d1:72:5b:1b:b0:90:
cd:7a:f0:62:47:d9:8e:e2:17:12:20:d3:8c:6e:94:
61:c9:2b:d5:90:d2:c8:46:ab:14:44:bc:53:b7:e3:
dd:c6:2d:4e:3c:09:2b:9c:23:21:f5:8d:11:f9:5d:
e5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:33:74:A9:65:43:B2:6A:8D:41:F5:89:6C:DD:50:95:DC:FF:6A:50
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mjN0qWVDsmqNQfWJbN1Qldz_alA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.219.0/24
89.37.194.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:19:77:d1:ea:f2:82:2a:25:f8:25:bc:28:88:82:05:1a:ff:
54:aa:74:26:cf:c0:0c:c0:00:1e:61:4f:b3:d5:c3:0e:ad:11:
a0:94:82:fe:b5:fe:b2:ce:e1:21:85:d0:56:4f:f7:4d:4a:72:
b2:90:5d:5c:5b:86:58:5a:71:e5:bc:ae:76:23:12:c5:2a:ad:
03:b6:c2:bf:dc:df:55:89:e0:3d:b9:5b:7f:a6:f8:38:d0:76:
34:b5:cf:74:e7:80:ab:99:05:6f:ba:3e:ae:9e:09:b6:e8:e8:
b3:8f:b5:e9:ac:7a:45:cd:52:9d:0e:01:fe:da:c7:35:a8:6b:
b7:2a:45:1f:c3:a8:37:21:22:48:12:e3:08:85:26:f7:48:ca:
68:21:59:69:50:ea:88:08:cd:8e:cc:6b:35:e6:63:a9:83:16:
4a:a4:7a:7f:7c:3b:e3:21:1e:7d:75:3e:5a:7b:1f:30:d5:61:
7e:c9:28:2a:4f:de:f3:ed:fc:c3:90:5d:a3:47:f2:a3:bb:1d:
7d:60:5e:d4:7a:ef:b9:b3:51:96:5d:e5:c8:1f:45:b8:95:e9:
51:e1:cb:a3:80:f8:33:43:9e:eb:5d:37:31:83:d8:32:2d:ed:
e7:a1:10:d7:29:0e:9b:4b:35:dc:4b:49:fd:47:f6:3f:01:56:
88:63:82:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiae00yJ9kKgosb/ov0LIekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjA4MTAwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTMzNzRhOTY1NDNiMjZhOGQ0MWY1ODk2Y2RkNTA5NWRjZmY2YTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZRG6lOJkdeMIi8WUkQNd2QYb/KS
uA1qihELq5dq6KPUOUlBNja1C7KWmWW4jh6oH4Gu8dxONmfAov8/fMY1ZgOJHy1t
b6L/TXq0cipcva1cjFmHdC/Q03tjylEXcbsFLnkcSFDsxpRWohfr7ofCvE7WJ1La
cPFClBZkTSCEKDMLvVdoUuIQGxy+1rI1GAKpGPJ3oxmQFzGukjkwIcEiGGphUd4p
umEcJhiGIYva52U2L3Nd3BjLmIrvv8dqnnAd8sku5E+BIv7yfJXRclsbsJDNevBi
R9mO4hcSINOMbpRhySvVkNLIRqsURLxTt+Pdxi1OPAkrnCMh9Y0R+V3lpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJozdKllQ7JqjUH1iWzdUJXc/2pQMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbWpOMHFXVkRzbXFOUWZXSmJOMVFsZHpfYWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSLbAwQA
WSXCMA0GCSqGSIb3DQEBCwUAA4IBAQBsGXfR6vKCKiX4JbwoiIIFGv9UqnQmz8AM
wAAeYU+z1cMOrRGglIL+tf6yzuEhhdBWT/dNSnKykF1cW4ZYWnHlvK52IxLFKq0D
tsK/3N9VieA9uVt/pvg40HY0tc9054CrmQVvuj6ungm26Oizj7XprHpFzVKdDgH+
2sc1qGu3KkUfw6g3ISJIEuMIhSb3SMpoIVlpUOqICM2OzGs15mOpgxZKpHp/fDvj
IR59dT5aex8w1WF+ySgqT97z7fzDkF2jR/Kjux19YF7Ueu+5s1GWXeXIH0W4lelR
4cujgPgzQ57rXTcxg9gyLe3noRDXKQ6bSzXcS0n9R/Y/AVaIY4Jp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org