Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/PfGqNJR3Ud1M4uoZ-gbjCTC5TK4.roa
File: PfGqNJR3Ud1M4uoZ-gbjCTC5TK4.roa (raw, json)
Hash identifier: 7MyJpqcLGsgvpRCFSwkFxQnVe/GCql+YMbdaUPvZxGk=
Subject key identifier: 3D:F1:AA:34:94:77:51:DD:4C:E2:EA:19:FA:06:E3:09:30:B9:4C:AE
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018EEB350C65E64B78FC70B0DF8F04466003
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/PfGqNJR3Ud1M4uoZ-gbjCTC5TK4.roa
Signing time: Wed 17 Apr 2024 08:38:26 +0000
ROA not before: Wed 17 Apr 2024 08:38:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61002
IP address blocks: 89.44.246.0/24 maxlen: 24
185.170.11.0/24 maxlen: 24
188.211.164.0/23 maxlen: 23
188.211.166.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
193.56.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 17:14:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:35:0c:65:e6:4b:78:fc:70:b0:df:8f:04:46:60:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Apr 17 08:38:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3df1aa34947751dd4ce2ea19fa06e30930b94cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:71:8f:1f:a4:90:4d:17:1d:af:26:14:a5:ee:
de:fe:0c:d7:4a:92:f4:d9:18:60:1a:b8:8b:13:1f:
37:5c:9d:dd:51:17:54:04:f4:84:65:95:a1:51:f3:
e5:83:86:5e:03:0d:14:b4:90:11:0b:83:d0:29:0c:
e1:24:f9:c7:2a:06:d9:50:e6:4b:90:14:2b:8a:d8:
46:39:57:39:63:70:5c:29:e4:90:c4:77:b8:43:c3:
4d:20:e6:2d:96:53:42:1b:cc:df:72:3a:9a:f6:f3:
87:f2:11:73:52:a3:d7:19:74:ed:f2:b8:7f:bf:6a:
84:fc:76:d8:f7:20:3e:5b:ec:83:85:bf:39:e8:1f:
a1:2e:a4:e9:2c:2f:51:24:b5:0a:f0:21:41:0a:75:
75:2b:26:a6:19:bb:90:b5:a8:d2:1e:e3:8f:ae:08:
62:94:30:76:af:d2:01:e8:89:db:f4:2f:8f:c8:eb:
69:35:08:46:26:12:8d:7d:df:7b:eb:bf:4c:91:df:
3a:cd:b1:c0:9c:41:36:31:eb:36:86:fe:ae:a1:05:
11:62:34:0a:c1:92:49:b4:ce:39:bb:63:92:bc:a8:
bd:b7:98:a9:20:87:43:6e:57:5f:54:72:d3:d0:21:
2b:6f:6f:1c:61:7f:70:f7:9e:7b:77:5b:f9:c7:ea:
86:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F1:AA:34:94:77:51:DD:4C:E2:EA:19:FA:06:E3:09:30:B9:4C:AE
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/PfGqNJR3Ud1M4uoZ-gbjCTC5TK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.246.0/24
185.170.11.0/24
188.211.164.0-188.211.166.255
193.3.55.0/24
193.56.144.0/24
Signature Algorithm: sha256WithRSAEncryption
48:22:7a:4e:4d:da:d5:f7:1d:a3:a0:24:4d:b3:ea:23:de:66:
e2:fa:94:a2:59:ec:62:5c:6e:89:3c:8e:1e:5a:d2:f3:bd:2e:
c0:f2:f5:29:2c:cf:49:00:73:6a:21:0c:dd:00:bd:4d:99:d2:
70:de:52:6d:c2:1e:7a:c3:94:83:54:6b:95:5f:b3:64:7a:0b:
26:29:a9:93:73:be:d8:a7:f4:18:f6:75:b2:f5:ff:ef:5f:5a:
e1:d0:c3:16:87:eb:a5:d1:f3:36:c8:d0:55:d9:75:e5:8d:1b:
56:79:b5:e9:4a:83:42:93:af:83:42:cf:56:02:e1:1c:44:6b:
b5:a6:34:fd:c1:4f:e8:d3:f7:d6:12:87:15:92:7f:63:bd:8d:
fb:fd:d1:94:f4:ed:54:1a:b2:38:f6:d2:60:49:0c:9a:f0:a1:
48:da:ff:1b:86:1a:97:cd:ff:f7:14:5d:81:2e:41:9d:4b:57:
c6:6e:26:e0:01:77:cf:25:97:5b:7b:80:77:fa:10:4f:7c:c5:
47:23:c9:26:78:ad:a5:20:97:82:43:db:db:62:f4:42:31:7e:
cb:5c:cf:df:8b:3d:97:ac:65:08:2b:9b:69:4e:d0:b3:3a:f2:
c5:78:8f:7f:62:d3:00:19:e7:2d:56:27:07:c4:92:e0:04:67:
b7:18:85:44
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY7rNQxl5kt4/HCw348ERmADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwNDE3MDgzODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGYxYWEzNDk0Nzc1MWRkNGNlMmVhMTlmYTA2ZTMwOTMwYjk0Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHGPH6SQTRcdryYUpe7e/gzXSpL0
2RhgGriLEx83XJ3dURdUBPSEZZWhUfPlg4ZeAw0UtJARC4PQKQzhJPnHKgbZUOZL
kBQrithGOVc5Y3BcKeSQxHe4Q8NNIOYtllNCG8zfcjqa9vOH8hFzUqPXGXTt8rh/
v2qE/HbY9yA+W+yDhb856B+hLqTpLC9RJLUK8CFBCnV1KyamGbuQtajSHuOPrghi
lDB2r9IB6Inb9C+PyOtpNQhGJhKNfd97679Mkd86zbHAnEE2Mes2hv6uoQURYjQK
wZJJtM45u2OSvKi9t5ipIIdDbldfVHLT0CErb28cYX9w9557d1v5x+qGJwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFD3xqjSUd1HdTOLqGfoG4wkwuUyuMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvUGZHcU5KUjNVZDFNNHVvWi1nYmpDVEM1VEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWSz2AwQA
uaoLMAwDBAK806QDBAC806YDBADBAzcDBADBOJAwDQYJKoZIhvcNAQELBQADggEB
AEgiek5N2tX3HaOgJE2z6iPeZuL6lKJZ7GJcbok8jh5a0vO9LsDy9Sksz0kAc2oh
DN0AvU2Z0nDeUm3CHnrDlINUa5Vfs2R6CyYpqZNzvtin9Bj2dbL1/+9fWuHQwxaH
66XR8zbI0FXZdeWNG1Z5telKg0KTr4NCz1YC4RxEa7WmNP3BT+jT99YShxWSf2O9
jfv90ZT07VQasjj20mBJDJrwoUja/xuGGpfN//cUXYEuQZ1LV8ZuJuABd88ll1t7
gHf6EE98xUcjySZ4raUgl4JD29ti9EIxfstcz9+LPZesZQgrm2lO0LM68sV4j39i
0wAZ5y1WJwfEkuAEZ7cYhUQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:31:28 2025 by rpki-client