Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/iMaGQhYtHRv2HSF49yrbHg418oA.roa
File: iMaGQhYtHRv2HSF49yrbHg418oA.roa (raw, json)
Hash identifier: hrTObI5ppQLP2D+AGcprVSd5fjgabxhCrzdpiJy9IFk=
Subject key identifier: 88:C6:86:42:16:2D:1D:1B:F6:1D:21:78:F7:2A:DB:1E:0E:35:F2:80
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 018DB0E7DD10A7C68D6F6B3579D4B2E0231F
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/iMaGQhYtHRv2HSF49yrbHg418oA.roa
Signing time: Fri 16 Feb 2024 07:53:21 +0000
ROA not before: Fri 16 Feb 2024 07:53:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57888
IP address blocks: 89.111.200.0/24 maxlen: 24
89.111.246.0/24 maxlen: 24
94.250.18.0/24 maxlen: 24
94.250.116.0/22 maxlen: 22
94.250.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:e7:dd:10:a7:c6:8d:6f:6b:35:79:d4:b2:e0:23:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Feb 16 07:53:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88c68642162d1d1bf61d2178f72adb1e0e35f280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9e:d1:ca:18:15:39:4c:ad:45:15:10:85:69:
10:87:97:38:c1:4a:b6:3f:0e:18:74:c8:8f:16:6e:
52:3f:91:da:d8:68:ae:76:3d:86:88:32:21:9b:77:
b7:05:3f:71:00:d6:c1:00:33:08:6d:68:f4:0a:d9:
4b:5d:4b:14:33:c0:ae:11:14:64:16:a9:9a:82:23:
1c:a7:f4:96:75:15:d7:04:d6:5a:aa:45:9e:ae:ab:
52:4a:e4:b6:b7:0d:d5:b6:dd:90:0d:4e:ac:44:2d:
3c:b0:2e:14:0b:4b:1a:98:10:af:17:08:b0:95:09:
56:0f:52:da:f5:1c:f8:e1:ef:0a:13:25:63:ad:b6:
ee:fe:dd:98:89:19:40:92:c3:e1:ce:b6:85:a8:1d:
7d:23:2b:a4:0a:6a:40:2f:32:12:aa:34:5c:33:37:
d7:77:b4:aa:62:fe:ff:50:78:ee:a7:97:e4:30:cf:
03:72:11:34:e7:18:40:2c:a7:77:b0:92:a4:f2:4d:
5c:16:95:fa:f5:ec:c1:0c:ac:58:e1:40:e3:f9:47:
60:42:a1:7c:29:1f:8a:73:72:a6:0b:26:62:6c:af:
57:12:29:87:f1:fd:c5:ae:09:d4:28:3e:ee:e5:aa:
69:fb:c7:88:17:75:41:30:b8:f4:2b:30:d1:c8:c1:
4c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C6:86:42:16:2D:1D:1B:F6:1D:21:78:F7:2A:DB:1E:0E:35:F2:80
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/iMaGQhYtHRv2HSF49yrbHg418oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.200.0/24
89.111.246.0/24
94.250.18.0/24
94.250.116.0-94.250.120.255
Signature Algorithm: sha256WithRSAEncryption
6d:d6:b7:87:88:be:4e:6c:ee:0a:fb:cd:f1:20:cf:fd:c6:90:
9f:1e:c5:50:66:9f:1f:62:92:45:8d:97:2a:ea:b0:48:84:65:
78:28:d5:a9:ff:8b:f8:1b:d5:42:9f:bd:be:c7:6d:4d:de:79:
3b:a8:f9:90:a9:b7:fe:e1:0c:79:58:38:2d:c2:3d:46:37:d5:
bc:e5:59:8f:a1:5c:27:11:ba:53:8e:b3:20:28:8c:59:b3:90:
ab:2b:35:bb:7d:48:0d:4b:54:0e:c8:b7:f4:cf:85:87:ad:2c:
ef:e6:f8:64:19:4b:c6:5b:52:5e:a6:fe:2c:53:3c:25:65:90:
52:6a:74:97:19:5c:77:07:92:42:a1:17:59:cf:ae:2d:37:69:
c7:e5:09:49:7d:e5:b7:df:f4:ff:31:55:49:a6:8e:4a:6e:44:
e2:b2:51:de:3a:bb:bc:e2:fb:8a:86:2c:f4:3d:d2:94:a2:fe:
1a:60:7c:ed:1d:92:fe:61:ec:ba:00:74:fd:70:91:30:4c:70:
7f:85:d9:e8:c4:bc:b7:e2:a8:e4:a5:4a:99:3d:ba:0a:3e:7f:
d5:e9:ce:4e:e1:96:52:96:53:ca:9c:4e:d5:78:d5:92:45:94:
26:41:57:ca:46:99:13:b6:df:8b:c0:2f:f0:5f:95:7a:3c:5c:
9c:95:cf:f0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY2w590Qp8aNb2s1edSy4CMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwMjE2MDc1MzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGM2ODY0MjE2MmQxZDFiZjYxZDIxNzhmNzJhZGIxZTBlMzVmMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ7RyhgVOUytRRUQhWkQh5c4wUq2
Pw4YdMiPFm5SP5Ha2Giudj2GiDIhm3e3BT9xANbBADMIbWj0CtlLXUsUM8CuERRk
FqmagiMcp/SWdRXXBNZaqkWerqtSSuS2tw3Vtt2QDU6sRC08sC4UC0samBCvFwiw
lQlWD1La9Rz44e8KEyVjrbbu/t2YiRlAksPhzraFqB19IyukCmpALzISqjRcMzfX
d7SqYv7/UHjup5fkMM8DchE05xhALKd3sJKk8k1cFpX69ezBDKxY4UDj+UdgQqF8
KR+Kc3KmCyZibK9XEimH8f3FrgnUKD7u5app+8eIF3VBMLj0KzDRyMFM5QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIjGhkIWLR0b9h0hePcq2x4ONfKAMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvaU1hR1FoWXRIUnYySFNGNDl5cmJIZzQxOG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWW/IAwQA
WW/2AwQAXvoSMAwDBAJe+nQDBABe+ngwDQYJKoZIhvcNAQELBQADggEBAG3Wt4eI
vk5s7gr7zfEgz/3GkJ8exVBmnx9ikkWNlyrqsEiEZXgo1an/i/gb1UKfvb7HbU3e
eTuo+ZCpt/7hDHlYOC3CPUY31bzlWY+hXCcRulOOsyAojFmzkKsrNbt9SA1LVA7I
t/TPhYetLO/m+GQZS8ZbUl6m/ixTPCVlkFJqdJcZXHcHkkKhF1nPri03acflCUl9
5bff9P8xVUmmjkpuROKyUd46u7zi+4qGLPQ90pSi/hpgfO0dkv5h7LoAdP1wkTBM
cH+F2ejEvLfiqOSlSpk9ugo+f9Xpzk7hllKWU8qcTtV41ZJFlCZBV8pGmRO234vA
L/BflXo8XJyVz/A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:32 2025 by rpki-client