Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/iftsiHoPhgORWMrzblI3WA1CFEY.roa
File: iftsiHoPhgORWMrzblI3WA1CFEY.roa (raw, json)
Hash identifier: ozkM2ZQUyaD+dhMGQL7t4hIuUyvnScJuosZZPgfpHvA=
Subject key identifier: 89:FB:6C:88:7A:0F:86:03:91:58:CA:F3:6E:52:37:58:0D:42:14:46
Certificate issuer: /CN=cb1383473e8aa8727068fc752e060e3dbf63e0ef
Certificate serial: 01898C5286A4E945824FE9D8C72FE96E75D9
Authority key identifier: CB:13:83:47:3E:8A:A8:72:70:68:FC:75:2E:06:0E:3D:BF:63:E0:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/iftsiHoPhgORWMrzblI3WA1CFEY.roa
Signing time: Tue 25 Jul 2023 09:12:45 +0000
ROA not before: Tue 25 Jul 2023 09:12:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 194.34.199.0/24 maxlen: 24
194.35.73.0/24 maxlen: 24
194.35.75.0/24 maxlen: 24
194.104.99.0/24 maxlen: 24
2a00:7940::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Jul 2023 09:13:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:52:86:a4:e9:45:82:4f:e9:d8:c7:2f:e9:6e:75:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb1383473e8aa8727068fc752e060e3dbf63e0ef
Validity
Not Before: Jul 25 09:12:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89fb6c887a0f86039158caf36e5237580d421446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:06:84:9b:e4:ae:0f:37:86:ff:e0:16:50:53:
f2:cc:20:05:f1:d7:a5:44:e9:e6:15:62:f1:6a:51:
62:2e:bc:cc:05:ef:85:ae:10:35:27:fa:1b:c6:ac:
9f:24:ed:9c:39:55:cb:56:f0:36:85:99:dd:ac:07:
7f:05:85:e6:fa:a2:5b:6c:02:1c:ef:e8:63:09:3f:
c9:3d:de:1a:3d:22:69:c6:8a:f5:51:a6:22:f3:69:
aa:df:14:71:9e:53:91:06:48:2d:70:e5:00:eb:24:
89:ee:1a:51:c2:2b:be:98:d4:ec:a2:f0:fa:6e:04:
53:1d:d0:f7:f8:f8:01:02:df:82:eb:e8:ff:43:55:
48:df:e7:e2:83:a5:c0:3e:f8:4f:48:92:b3:a7:b7:
44:fa:49:20:02:89:bd:83:c0:c4:86:f5:6e:48:44:
c7:bb:77:65:db:65:6a:15:2f:5d:25:0f:7a:11:a7:
dd:6b:a4:40:2e:6d:4c:95:72:e6:59:39:08:71:0b:
68:a8:08:1b:d6:c6:6d:3b:c2:0f:65:94:74:96:b6:
10:30:fd:09:ce:88:04:a1:92:6e:8c:4e:37:fb:a9:
85:6c:43:84:f6:85:96:2a:ee:35:9d:04:3a:30:37:
a1:e8:9c:d2:74:5e:ea:95:1f:31:aa:2e:16:e3:ea:
89:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FB:6C:88:7A:0F:86:03:91:58:CA:F3:6E:52:37:58:0D:42:14:46
X509v3 Authority Key Identifier:
keyid:CB:13:83:47:3E:8A:A8:72:70:68:FC:75:2E:06:0E:3D:BF:63:E0:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/iftsiHoPhgORWMrzblI3WA1CFEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.199.0/24
194.35.73.0/24
194.35.75.0/24
194.104.99.0/24
IPv6:
2a00:7940::/32
Signature Algorithm: sha256WithRSAEncryption
4a:b4:2c:ca:c2:30:8c:d9:6c:36:3a:f8:6e:7a:b0:a7:9d:10:
28:35:04:1b:15:af:76:d8:ae:fb:11:f0:80:b3:df:21:fb:f6:
8d:e5:be:12:f6:e8:85:12:66:91:cc:b1:c6:20:67:05:f7:52:
38:9d:6b:b5:51:5c:c6:be:ff:be:54:8e:b5:a9:88:b1:7c:98:
b9:1d:a6:15:8b:66:44:bb:a9:de:df:cf:e4:8b:0a:d3:81:8d:
56:b1:79:b1:92:9b:55:05:8d:c4:a0:a2:81:59:cc:e7:7a:cf:
70:67:a5:e8:fd:09:72:db:fd:9b:d0:fc:55:d4:8c:39:c5:4d:
87:52:c5:1c:35:95:8d:0e:73:7e:8f:0c:59:b4:c9:01:79:26:
81:87:ce:05:aa:36:a8:71:8c:6b:c7:f4:ea:3e:b9:20:3c:6b:
42:15:e8:f4:88:b6:da:c4:61:0e:7f:f1:6f:e2:c3:f0:80:ef:
94:22:af:f4:9e:03:a5:14:59:d7:01:9e:83:85:84:4d:4f:e3:
72:f0:c4:c9:1f:ce:10:b0:3f:54:a0:62:16:fc:60:f0:e6:73:
6e:c3:a9:ec:25:4b:af:b3:f7:93:5f:0c:10:28:9f:e3:0f:25:
a7:3a:ea:27:ee:0e:1f:7e:c6:62:fd:ee:d7:ab:90:d8:ed:5a:
eb:7c:df:b8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYmMUoak6UWCT+nYxy/pbnXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTM4MzQ3M2U4YWE4NzI3MDY4ZmM3NTJlMDYwZTNkYmY2
M2UwZWYwHhcNMjMwNzI1MDkxMjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWZiNmM4ODdhMGY4NjAzOTE1OGNhZjM2ZTUyMzc1ODBkNDIxNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQaEm+SuDzeG/+AWUFPyzCAF8del
ROnmFWLxalFiLrzMBe+FrhA1J/obxqyfJO2cOVXLVvA2hZndrAd/BYXm+qJbbAIc
7+hjCT/JPd4aPSJpxor1UaYi82mq3xRxnlORBkgtcOUA6ySJ7hpRwiu+mNTsovD6
bgRTHdD3+PgBAt+C6+j/Q1VI3+fig6XAPvhPSJKzp7dE+kkgAom9g8DEhvVuSETH
u3dl22VqFS9dJQ96Eafda6RALm1MlXLmWTkIcQtoqAgb1sZtO8IPZZR0lrYQMP0J
zogEoZJujE43+6mFbEOE9oWWKu41nQQ6MDeh6JzSdF7qlR8xqi4W4+qJ5QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIn7bIh6D4YDkVjK825SN1gNQhRGMB8GA1UdIwQY
MBaAFMsTg0c+iqhycGj8dS4GDj2/Y+DvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jNjNjOTQtZTU2OS00MWI4LThlMmIt
ZDE4YjA5Y2YzYTFkLzEvaWZ0c2lIb1BoZ09SV01yemJsSTNXQTFDRkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jNjNjOTQtZTU2OS00MWI4LThlMmItZDE4YjA5Y2YzYTFk
LzEveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwiLHAwQA
wiNJAwQAwiNLAwQAwmhjMA0EAgACMAcDBQAqAHlAMA0GCSqGSIb3DQEBCwUAA4IB
AQBKtCzKwjCM2Ww2OvhuerCnnRAoNQQbFa922K77EfCAs98h+/aN5b4S9uiFEmaR
zLHGIGcF91I4nWu1UVzGvv++VI61qYixfJi5HaYVi2ZEu6ne38/kiwrTgY1WsXmx
kptVBY3EoKKBWcznes9wZ6Xo/Qly2/2b0PxV1Iw5xU2HUsUcNZWNDnN+jwxZtMkB
eSaBh84FqjaocYxrx/TqPrkgPGtCFej0iLbaxGEOf/Fv4sPwgO+UIq/0ngOlFFnX
AZ6DhYRNT+Ny8MTJH84QsD9UoGIW/GDw5nNuw6nsJUuvs/eTXwwQKJ/jDyWnOuon
7g4ffsZi/e7Xq5DY7VrrfN+4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:15 2024 by rpki-client on console-fra.rpki-client.org