Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qKNFdKudLuWeLlv8TDjsITlZeMo.roa
File: qKNFdKudLuWeLlv8TDjsITlZeMo.roa (raw, json)
Hash identifier: mz6Tz/2pvwK4UxwAP6OVD5AusS4SapkZtGksiOOm3uk=
Subject key identifier: A8:A3:45:74:AB:9D:2E:E5:9E:2E:5B:FC:4C:38:EC:21:39:59:78:CA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0190B76851C5F8749EFB5DC59234C8E01FE5
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qKNFdKudLuWeLlv8TDjsITlZeMo.roa
Signing time: Mon 15 Jul 2024 17:19:45 +0000
ROA not before: Mon 15 Jul 2024 17:19:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211014
IP address blocks: 89.40.70.0/24 maxlen: 24
89.45.44.0/24 maxlen: 24
93.113.255.0/24 maxlen: 24
185.141.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 11:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b7:68:51:c5:f8:74:9e:fb:5d:c5:92:34:c8:e0:1f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 15 17:19:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8a34574ab9d2ee59e2e5bfc4c38ec21395978ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:50:f6:c4:a2:3a:95:85:86:f0:2f:5a:41:f7:
59:37:ac:e9:eb:65:f9:df:97:79:6e:f3:d8:49:4d:
d5:99:9c:02:e6:9e:25:ea:8a:9d:0e:05:7b:64:ef:
85:2e:df:f3:91:c0:91:b1:cf:d0:ce:39:2b:12:72:
76:ff:6f:aa:fc:72:e6:3b:99:9b:35:2e:fa:a6:3c:
0f:6a:7b:8c:71:40:c2:68:56:49:d0:fc:d2:f1:9f:
bc:db:89:ec:14:9d:d4:94:90:c4:95:35:3e:e4:53:
35:8f:72:82:b7:d7:f7:a2:d0:1c:2f:33:d1:83:f6:
7f:3c:a0:eb:3c:34:96:a7:c3:07:14:58:6f:8f:50:
88:84:d5:f1:24:b3:e3:d5:32:20:ba:85:98:e6:7c:
70:9d:13:30:b0:43:8b:f3:91:c6:de:2a:08:7b:a3:
ca:92:bb:af:3f:25:67:69:dd:2f:d4:07:7c:40:7e:
53:cd:48:62:ac:d3:13:47:d7:65:df:c3:44:d4:0d:
bb:bc:bf:ca:7c:33:13:1d:6b:18:fb:10:0a:f3:53:
db:3e:db:57:5d:e1:75:0a:f6:91:70:2b:3d:5c:9c:
b9:8f:60:54:fd:10:08:69:a7:66:40:fb:9f:21:5f:
c1:c4:13:ea:d4:a6:fe:ee:a8:d7:c5:16:09:0a:b9:
bc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A3:45:74:AB:9D:2E:E5:9E:2E:5B:FC:4C:38:EC:21:39:59:78:CA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qKNFdKudLuWeLlv8TDjsITlZeMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.70.0/24
89.45.44.0/24
93.113.255.0/24
185.141.217.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:c1:fd:4e:a3:48:f7:d6:00:ef:ae:23:1d:09:e6:7f:05:06:
17:35:96:d0:1e:e6:79:c5:8b:07:e5:1e:c1:80:7d:00:c9:ed:
8e:e7:da:87:ec:c0:78:8c:4a:c6:d2:63:01:b0:9b:5c:1a:ec:
57:bc:91:2c:c9:d5:3d:8c:63:f7:ee:ff:3a:c6:4d:86:34:d2:
11:82:07:5f:5e:76:70:ff:81:8a:af:8a:a1:6f:1e:85:c9:0d:
49:e7:67:3a:8a:51:3c:93:18:ee:a4:22:bb:da:52:39:6d:72:
a1:56:3e:9a:82:63:e4:4e:c5:62:43:b8:91:cb:67:78:09:ff:
c4:7d:3c:db:95:63:c5:e3:54:c3:a9:49:84:72:b1:6e:a3:ae:
bc:33:07:81:df:b5:0f:a7:c2:41:3a:57:83:ea:5b:71:cc:ec:
8b:28:c6:78:e9:cd:79:22:ee:60:47:40:ee:0e:4b:3a:c8:10:
e2:d0:f4:8f:53:d5:24:ad:ea:b7:0b:9b:82:ee:09:7c:54:df:
f3:46:56:15:b5:ec:d0:1c:d9:0a:63:41:70:84:f6:77:e5:56:
45:aa:16:40:3a:2f:55:64:d5:00:6f:95:37:94:b3:f5:c7:2d:
32:2f:ee:76:3c:04:a7:ca:60:3e:49:79:a6:05:ee:91:d5:39:
5e:a1:85:82
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZC3aFHF+HSe+13FkjTI4B/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNzE1MTcxOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGEzNDU3NGFiOWQyZWU1OWUyZTViZmM0YzM4ZWMyMTM5NTk3OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FD2xKI6lYWG8C9aQfdZN6zp62X5
35d5bvPYSU3VmZwC5p4l6oqdDgV7ZO+FLt/zkcCRsc/QzjkrEnJ2/2+q/HLmO5mb
NS76pjwPanuMcUDCaFZJ0PzS8Z+824nsFJ3UlJDElTU+5FM1j3KCt9f3otAcLzPR
g/Z/PKDrPDSWp8MHFFhvj1CIhNXxJLPj1TIguoWY5nxwnRMwsEOL85HG3ioIe6PK
kruvPyVnad0v1Ad8QH5TzUhirNMTR9dl38NE1A27vL/KfDMTHWsY+xAK81PbPttX
XeF1CvaRcCs9XJy5j2BU/RAIaadmQPufIV/BxBPq1Kb+7qjXxRYJCrm8SQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKijRXSrnS7lni5b/Ew47CE5WXjKMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcUtORmRLdWRMdVdlTGx2OFREanNJVGxaZU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWShGAwQA
WS0sAwQAXXH/AwQAuY3ZMA0GCSqGSIb3DQEBCwUAA4IBAQAawf1Oo0j31gDvriMd
CeZ/BQYXNZbQHuZ5xYsH5R7BgH0Aye2O59qH7MB4jErG0mMBsJtcGuxXvJEsydU9
jGP37v86xk2GNNIRggdfXnZw/4GKr4qhbx6FyQ1J52c6ilE8kxjupCK72lI5bXKh
Vj6agmPkTsViQ7iRy2d4Cf/EfTzblWPF41TDqUmEcrFuo668MweB37UPp8JBOleD
6ltxzOyLKMZ46c15Iu5gR0DuDks6yBDi0PSPU9Ukreq3C5uC7gl8VN/zRlYVtezQ
HNkKY0FwhPZ35VZFqhZAOi9VZNUAb5U3lLP1xy0yL+52PASnymA+SXmmBe6R1Tle
oYWC
-----END CERTIFICATE-----
Generated at Wed Jul 17 14:07:27 2024 by rpki-client on console-ams.rpki-client.org