Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/3h2VUk3JK5WgT9fbQOFceZPmy20.roa
File: 3h2VUk3JK5WgT9fbQOFceZPmy20.roa (raw, json)
Hash identifier: s2Au2aQ6A0jMpyevBFfMOanDXzJ3pVzM8YYM/6EbEfw=
Subject key identifier: DE:1D:95:52:4D:C9:2B:95:A0:4F:D7:DB:40:E1:5C:79:93:E6:CB:6D
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 018AF05B1F52412AF9508C5BD8F86C3D80A2
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/3h2VUk3JK5WgT9fbQOFceZPmy20.roa
Signing time: Mon 02 Oct 2023 12:26:58 +0000
ROA not before: Mon 02 Oct 2023 12:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 89.149.16.0/24 maxlen: 24
89.149.15.0/24 maxlen: 24
89.149.14.0/24 maxlen: 24
89.149.17.0/24 maxlen: 24
89.149.22.0/24 maxlen: 24
89.149.18.0/24 maxlen: 24
89.149.26.0/24 maxlen: 24
89.149.38.0/24 maxlen: 24
89.149.37.0/24 maxlen: 24
89.149.41.0/24 maxlen: 24
89.149.40.0/24 maxlen: 24
89.149.39.0/24 maxlen: 24
84.247.112.0/24 maxlen: 24
84.247.111.0/24 maxlen: 24
84.247.116.0/24 maxlen: 24
84.247.115.0/24 maxlen: 24
84.247.114.0/24 maxlen: 24
84.247.113.0/24 maxlen: 24
84.247.118.0/24 maxlen: 24
84.247.117.0/24 maxlen: 24
84.247.121.0/24 maxlen: 24
84.247.119.0/24 maxlen: 24
84.247.78.0/24 maxlen: 24
83.166.205.0/24 maxlen: 24
83.166.208.0/24 maxlen: 24
83.166.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Nov 2023 11:19:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:5b:1f:52:41:2a:f9:50:8c:5b:d8:f8:6c:3d:80:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Oct 2 12:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de1d95524dc92b95a04fd7db40e15c7993e6cb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:41:0f:4f:e4:f6:50:39:16:9d:63:ba:5e:43:
84:f8:49:13:3a:42:a6:f5:64:06:38:01:cf:20:f7:
2b:08:28:45:f0:3d:54:f0:bf:f2:78:36:84:c5:64:
96:da:c6:42:20:8a:3f:bc:d4:ad:24:64:3c:61:4c:
71:0c:66:0d:a3:99:c6:f0:79:76:04:78:4f:31:0e:
dd:72:77:c3:32:ad:c9:83:a6:6d:56:d7:3f:48:c7:
2b:9b:38:62:aa:f7:d4:c9:44:f3:37:c7:2d:66:8b:
e8:de:6a:05:9d:24:3a:7b:5a:7a:77:03:cd:d8:95:
14:57:ed:19:ae:95:54:ad:32:c1:97:e1:4c:33:76:
71:44:26:32:2f:bc:5b:f5:f8:18:67:e5:65:8b:16:
5f:39:c7:be:99:bc:39:c4:3a:d1:c7:13:9d:40:c1:
a0:40:a6:99:05:8e:9a:50:3c:4c:22:87:00:35:e0:
f1:b4:55:3d:cf:10:48:3c:64:5d:60:f7:8f:7b:e9:
35:fb:75:91:60:37:83:76:6f:ec:b3:4c:0d:9b:81:
2f:8b:a3:8e:c0:ea:2f:a6:df:f7:0c:9b:b1:ec:5b:
1b:07:39:e6:7b:0f:af:85:1d:5e:65:56:df:9b:f3:
65:f8:9d:d0:e1:01:ca:10:2a:de:c1:ca:15:cd:21:
35:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1D:95:52:4D:C9:2B:95:A0:4F:D7:DB:40:E1:5C:79:93:E6:CB:6D
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/3h2VUk3JK5WgT9fbQOFceZPmy20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.205.0/24
83.166.208.0/24
83.166.216.0/24
84.247.78.0/24
84.247.111.0-84.247.119.255
84.247.121.0/24
89.149.14.0-89.149.18.255
89.149.22.0/24
89.149.26.0/24
89.149.37.0-89.149.41.255
Signature Algorithm: sha256WithRSAEncryption
89:55:9a:be:13:c3:27:8d:f7:b1:07:1f:56:a6:8f:a2:bd:8a:
79:51:87:9e:8c:41:2a:7d:03:9b:90:89:f4:06:63:97:07:34:
e3:f4:1e:85:23:24:0f:77:88:ed:d5:0e:12:21:b1:00:ed:92:
1e:9d:b9:e4:fb:23:1d:8d:1f:6c:29:cd:af:f9:a9:a0:44:c2:
73:0a:80:02:4a:40:6f:52:57:00:d5:8f:b1:af:4b:0a:16:61:
77:63:47:3d:55:f5:f2:db:f8:b5:66:78:6e:06:af:75:f4:36:
00:21:53:a9:e2:7a:76:55:74:c7:0b:ed:a9:42:d4:3a:59:a1:
93:b5:a2:89:a5:ac:e7:67:e8:9d:54:10:b8:4c:9b:46:9f:43:
5c:7a:e3:05:04:5b:d3:00:80:9e:c4:96:65:fe:03:a5:6a:cc:
c9:f8:e5:32:74:5d:be:7a:10:23:87:73:08:3b:6b:ef:b8:de:
07:c4:31:c4:05:57:ef:62:09:18:09:e5:9c:bf:78:72:21:08:
7e:09:48:30:42:ac:89:41:0a:31:c9:41:d6:ee:7f:6a:2d:23:
36:c4:c8:13:31:a1:80:61:90:ee:a6:0f:b8:d9:f2:b2:ef:02:
97:f3:aa:06:fb:03:a0:7a:e2:49:92:a9:08:21:42:27:90:50:
f7:54:c4:6f
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYrwWx9SQSr5UIxb2PhsPYCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjMxMDAyMTIyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTFkOTU1MjRkYzkyYjk1YTA0ZmQ3ZGI0MGUxNWM3OTkzZTZjYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUEPT+T2UDkWnWO6XkOE+EkTOkKm
9WQGOAHPIPcrCChF8D1U8L/yeDaExWSW2sZCIIo/vNStJGQ8YUxxDGYNo5nG8Hl2
BHhPMQ7dcnfDMq3Jg6ZtVtc/SMcrmzhiqvfUyUTzN8ctZovo3moFnSQ6e1p6dwPN
2JUUV+0ZrpVUrTLBl+FMM3ZxRCYyL7xb9fgYZ+VlixZfOce+mbw5xDrRxxOdQMGg
QKaZBY6aUDxMIocANeDxtFU9zxBIPGRdYPePe+k1+3WRYDeDdm/ss0wNm4Evi6OO
wOovpt/3DJux7FsbBznmew+vhR1eZVbfm/Nl+J3Q4QHKECrewcoVzSE1iwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFN4dlVJNySuVoE/X20DhXHmT5sttMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvM2gyVlVrM0pLNVdnVDlmYlFPRmNlWlBteTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAU6bNAwQA
U6bQAwQAU6bYAwQAVPdOMAwDBABU928DBANU93ADBABU93kwDAMEAVmVDgMEAFmV
EgMEAFmVFgMEAFmVGjAMAwQAWZUlAwQBWZUoMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
VZq+E8MnjfexBx9Wpo+ivYp5UYeejEEqfQObkIn0BmOXBzTj9B6FIyQPd4jt1Q4S
IbEA7ZIenbnk+yMdjR9sKc2v+amgRMJzCoACSkBvUlcA1Y+xr0sKFmF3Y0c9VfXy
2/i1ZnhuBq919DYAIVOp4np2VXTHC+2pQtQ6WaGTtaKJpaznZ+idVBC4TJtGn0Nc
euMFBFvTAICexJZl/gOlaszJ+OUydF2+ehAjh3MIO2vvuN4HxDHEBVfvYgkYCeWc
v3hyIQh+CUgwQqyJQQoxyUHW7n9qLSM2xMgTMaGAYZDupg+42fKy7wKX86oG+wOg
euJJkqkIIUInkFD3VMRv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:47 2024 by rpki-client on console-ams.rpki-client.org