Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/FZgwWEGt2_ZH5zAG7Tgm9y5llwI.roa
File: FZgwWEGt2_ZH5zAG7Tgm9y5llwI.roa (raw, json)
Hash identifier: TEkLVSefXnEFoTxvII/nqnZI+zktzm3Ss8oynx7tMnA=
Subject key identifier: 15:98:30:58:41:AD:DB:F6:47:E7:30:06:ED:38:26:F7:2E:65:97:02
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018ED0F12010A3E2418F7F8326E34DC2D2CB
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/FZgwWEGt2_ZH5zAG7Tgm9y5llwI.roa
Signing time: Fri 12 Apr 2024 06:14:07 +0000
ROA not before: Fri 12 Apr 2024 06:14:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61002
IP address blocks: 89.44.246.0/24 maxlen: 24
185.170.11.0/24 maxlen: 24
188.211.166.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
193.56.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 08:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d0:f1:20:10:a3:e2:41:8f:7f:83:26:e3:4d:c2:d2:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Apr 12 06:14:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1598305841addbf647e73006ed3826f72e659702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:55:cd:da:48:77:73:fc:f1:84:a8:b5:22:1a:
27:63:07:0c:4d:84:02:d2:57:f5:b5:2a:85:fe:99:
40:21:c5:b1:ba:ab:f4:29:1a:d9:1d:bf:4d:47:c5:
c4:d4:d7:e7:8d:66:55:5e:c9:9e:66:d5:b2:1f:e0:
dc:88:7c:08:b3:74:1e:78:5a:76:d2:ce:f6:ce:1a:
86:c3:ad:10:32:3d:b2:06:d7:d4:c3:86:36:56:eb:
c9:fa:e3:8f:04:15:fc:05:c3:d3:ba:24:ae:ca:71:
e3:13:e3:f4:c9:8a:9a:21:96:eb:b8:a1:76:a7:fc:
0e:48:c5:8f:9e:7e:8e:f9:a5:db:7c:b6:14:6c:a5:
84:bd:a6:04:bb:15:c7:91:0b:b0:29:f0:30:d1:ad:
5a:9c:65:c2:a5:10:29:ee:62:23:99:d5:e5:22:2e:
ca:c3:8a:43:ef:77:da:64:b9:95:fd:a2:8a:64:a5:
9f:d7:cb:a7:b6:7f:52:b8:f9:bf:74:90:af:81:0f:
08:44:24:3a:d9:bc:b4:de:f2:70:05:1f:70:8a:be:
a7:6f:c1:02:9f:c3:d2:df:ce:1b:81:35:88:a3:9e:
52:da:ba:9a:9c:5f:66:56:ee:52:46:29:91:10:fa:
da:44:cf:54:56:f7:4b:7b:70:3b:94:2d:16:0f:4f:
b0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:98:30:58:41:AD:DB:F6:47:E7:30:06:ED:38:26:F7:2E:65:97:02
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/FZgwWEGt2_ZH5zAG7Tgm9y5llwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.246.0/24
185.170.11.0/24
188.211.166.0/24
193.3.55.0/24
193.56.144.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:d3:69:0b:c0:c4:89:44:6e:b3:6e:7d:42:39:63:b5:ba:d5:
59:10:45:74:7e:e4:c5:ab:90:9d:22:36:5e:aa:c1:a8:25:0d:
af:29:6a:51:f7:be:72:8f:b0:2c:fe:1d:e6:66:14:88:72:2b:
27:39:e9:81:03:df:9c:a1:82:de:2f:4e:30:8c:2d:07:92:65:
0a:ca:f3:82:f4:35:c7:03:3b:3a:36:ad:5c:ef:4e:2a:4b:8c:
4d:9a:5f:e3:bd:a5:26:03:25:7a:60:0d:52:50:1a:67:e7:d9:
e0:aa:d2:31:f1:df:fc:91:0e:f5:a7:37:45:e8:11:fa:5a:8d:
89:7d:69:32:85:2c:3d:e2:8a:52:65:e2:7b:f6:6f:ac:83:64:
e0:8f:74:dd:f8:b4:ba:eb:a3:90:27:0e:45:09:11:30:4d:bb:
99:93:45:ca:83:85:82:0c:58:0e:6c:03:a5:ba:01:72:f4:6e:
7f:1b:fd:f4:96:15:c9:48:08:dc:e8:cc:2f:31:51:df:34:a9:
d9:33:1d:82:fd:46:a9:ab:27:9a:6d:ff:2f:75:19:07:01:df:
0e:19:21:d4:da:71:7a:41:ff:09:65:c0:18:27:c2:f7:fa:01:
0a:ab:ae:15:54:e8:9b:4b:77:d7:ec:6e:43:8d:a6:37:b4:6f:
10:50:40:35
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7Q8SAQo+JBj3+DJuNNwtLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwNDEyMDYxNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTk4MzA1ODQxYWRkYmY2NDdlNzMwMDZlZDM4MjZmNzJlNjU5NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFXN2kh3c/zxhKi1IhonYwcMTYQC
0lf1tSqF/plAIcWxuqv0KRrZHb9NR8XE1NfnjWZVXsmeZtWyH+DciHwIs3QeeFp2
0s72zhqGw60QMj2yBtfUw4Y2VuvJ+uOPBBX8BcPTuiSuynHjE+P0yYqaIZbruKF2
p/wOSMWPnn6O+aXbfLYUbKWEvaYEuxXHkQuwKfAw0a1anGXCpRAp7mIjmdXlIi7K
w4pD73faZLmV/aKKZKWf18untn9SuPm/dJCvgQ8IRCQ62by03vJwBR9wir6nb8EC
n8PS384bgTWIo55S2rqanF9mVu5SRimREPraRM9UVvdLe3A7lC0WD0+w8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBWYMFhBrdv2R+cwBu04JvcuZZcCMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvRlpnd1dFR3QyX1pINXpBRzdUZ205eTVsbHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSz2AwQA
uaoLAwQAvNOmAwQAwQM3AwQAwTiQMA0GCSqGSIb3DQEBCwUAA4IBAQBs02kLwMSJ
RG6zbn1COWO1utVZEEV0fuTFq5CdIjZeqsGoJQ2vKWpR975yj7As/h3mZhSIcisn
OemBA9+coYLeL04wjC0HkmUKyvOC9DXHAzs6Nq1c704qS4xNml/jvaUmAyV6YA1S
UBpn59ngqtIx8d/8kQ71pzdF6BH6Wo2JfWkyhSw94opSZeJ79m+sg2Tgj3Td+LS6
66OQJw5FCREwTbuZk0XKg4WCDFgObAOlugFy9G5/G/30lhXJSAjc6MwvMVHfNKnZ
Mx2C/Uapqyeabf8vdRkHAd8OGSHU2nF6Qf8JZcAYJ8L3+gEKq64VVOibS3fX7G5D
jaY3tG8QUEA1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:40 2024 by rpki-client on console-ams.rpki-client.org