Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/kUH3NLcEhWVA_johWMZluUUPFwc.roa
File: kUH3NLcEhWVA_johWMZluUUPFwc.roa (raw, json)
Hash identifier: 7yyCurTZAoNxy/irhyXvxP6r8eSNNlx0bT4ZBx7xTUg=
Subject key identifier: 91:41:F7:34:B7:04:85:65:40:FE:3A:21:58:C6:65:B9:45:0F:17:07
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 018C583077B9AE31CC9B4FD3DB22FF75581E
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/kUH3NLcEhWVA_johWMZluUUPFwc.roa
Signing time: Mon 11 Dec 2023 09:23:40 +0000
ROA not before: Mon 11 Dec 2023 09:23:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18345
IP address blocks: 89.42.20.0/24 maxlen: 24
89.42.21.0/24 maxlen: 24
89.149.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:30:77:b9:ae:31:cc:9b:4f:d3:db:22:ff:75:58:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Dec 11 09:23:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9141f734b704856540fe3a2158c665b9450f1707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cc:1d:a6:41:65:cb:6e:98:06:ac:a4:d4:d8:
5a:4b:2b:53:da:f0:2d:25:ad:69:47:00:52:c5:fb:
e7:4f:55:4d:c1:50:74:22:ef:fa:a8:22:90:1b:c3:
74:e3:54:10:96:f6:0a:02:89:87:b7:47:a4:de:69:
98:85:63:de:2d:e7:c0:66:e6:78:a0:ea:b5:d9:fd:
0c:34:98:52:18:93:e1:f3:90:e9:d3:0a:08:7b:b8:
d2:a8:65:3d:bf:88:5e:16:db:1e:81:66:2a:6a:66:
ca:b1:23:29:66:49:34:6e:27:73:2a:fc:a3:49:f0:
9a:16:47:43:ce:b5:5c:d6:da:eb:6a:ae:2c:53:fd:
10:fa:0b:6d:06:1f:7c:f9:15:a8:ba:32:ff:c8:4a:
dc:4a:10:2c:32:f6:14:f8:28:c0:2f:b2:04:3b:f3:
a7:77:6f:f6:0e:f5:7b:38:8e:74:97:7e:fb:c1:eb:
80:e5:1e:11:b4:b0:d3:09:9f:c5:b3:30:5f:1c:31:
66:30:54:f4:a0:d5:88:77:2a:d7:55:b9:8e:bf:f9:
e7:84:92:6c:43:91:9e:a2:4c:70:6a:9a:fe:8e:db:
01:fb:ab:4f:ae:54:7d:f0:9e:34:32:64:d6:74:bf:
9a:f5:91:93:7a:1b:f0:65:e3:ba:cd:97:bf:9d:a1:
09:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:41:F7:34:B7:04:85:65:40:FE:3A:21:58:C6:65:B9:45:0F:17:07
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/kUH3NLcEhWVA_johWMZluUUPFwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.20.0/23
89.149.63.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:c4:6f:f9:74:d3:5a:95:2c:c6:4b:ed:ed:e6:bd:15:91:12:
44:f5:e2:aa:ef:46:25:8b:d6:1c:a1:7c:6c:f0:4d:3d:96:5d:
61:30:3e:a6:16:24:65:dc:bd:6c:e8:d7:81:af:81:7f:b1:f0:
ec:b5:bd:85:e1:cf:6b:e4:c8:02:a1:bd:1a:6d:fc:7b:4d:88:
5f:27:30:07:86:26:39:6e:be:e3:07:37:5f:6c:b1:7b:60:07:
fb:c9:43:1f:f5:cb:76:2b:91:48:33:31:6d:3a:8e:cc:6d:6f:
cd:10:de:5c:c0:b5:56:05:97:cb:fe:81:e2:b3:70:e0:7a:75:
34:68:2a:af:bd:36:15:fb:37:ba:92:74:2f:c3:77:03:91:fa:
87:b0:e1:30:e6:07:07:a8:f5:39:44:0c:d4:05:be:c3:47:3f:
8c:4b:1f:d0:8e:ee:42:3b:57:18:54:4f:72:fd:53:8b:ba:f1:
22:eb:df:d1:3c:ce:b6:42:22:32:c6:9f:9d:79:45:ef:cb:08:
14:cf:56:4c:b7:90:31:85:be:4c:0e:5a:c2:2d:14:d5:e3:52:
0b:8e:38:f0:d5:89:5d:10:bb:f8:f5:50:3d:b0:82:5c:90:66:
63:ac:19:28:af:af:de:d3:05:bb:95:5a:df:35:49:01:87:f2:
e7:9e:2a:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxYMHe5rjHMm0/T2yL/dVgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjMxMjExMDkyMzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTQxZjczNGI3MDQ4NTY1NDBmZTNhMjE1OGM2NjViOTQ1MGYxNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlswdpkFly26YBqyk1NhaSytT2vAt
Ja1pRwBSxfvnT1VNwVB0Iu/6qCKQG8N041QQlvYKAomHt0ek3mmYhWPeLefAZuZ4
oOq12f0MNJhSGJPh85Dp0woIe7jSqGU9v4heFtsegWYqambKsSMpZkk0bidzKvyj
SfCaFkdDzrVc1trraq4sU/0Q+gttBh98+RWoujL/yErcShAsMvYU+CjAL7IEO/On
d2/2DvV7OI50l377weuA5R4RtLDTCZ/FszBfHDFmMFT0oNWIdyrXVbmOv/nnhJJs
Q5Geokxwapr+jtsB+6tPrlR98J40MmTWdL+a9ZGTehvwZeO6zZe/naEJyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJFB9zS3BIVlQP46IVjGZblFDxcHMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEva1VIM05MY0VoV1ZBX2pvaFdNWmx1VVVQRndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWSoUAwQA
WZU/MA0GCSqGSIb3DQEBCwUAA4IBAQCsxG/5dNNalSzGS+3t5r0VkRJE9eKq70Yl
i9YcoXxs8E09ll1hMD6mFiRl3L1s6NeBr4F/sfDstb2F4c9r5MgCob0abfx7TYhf
JzAHhiY5br7jBzdfbLF7YAf7yUMf9ct2K5FIMzFtOo7MbW/NEN5cwLVWBZfL/oHi
s3DgenU0aCqvvTYV+ze6knQvw3cDkfqHsOEw5gcHqPU5RAzUBb7DRz+MSx/Qju5C
O1cYVE9y/VOLuvEi69/RPM62QiIyxp+deUXvywgUz1ZMt5Axhb5MDlrCLRTV41IL
jjjw1YldELv49VA9sIJckGZjrBkor6/e0wW7lVrfNUkBh/Lnniqw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:29 2024 by rpki-client on console-fra.rpki-client.org