Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/_x73kBJrvZ1ffDcWFIVFMvztheU.roa
File: _x73kBJrvZ1ffDcWFIVFMvztheU.roa (raw, json)
Hash identifier: /16uxsiwGzueLosNqnN5Cy3j8FjSP9OG3xp7yH1Y4+Q=
Subject key identifier: FF:1E:F7:90:12:6B:BD:9D:5F:7C:37:16:14:85:45:32:FC:ED:85:E5
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 018571277879960CED84CE047FBB90A3DB73
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/_x73kBJrvZ1ffDcWFIVFMvztheU.roa
Signing time: Mon 02 Jan 2023 06:24:50 +0000
ROA not before: Mon 02 Jan 2023 06:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25319
IP address blocks: 89.32.224.0/20 maxlen: 24
89.32.226.0/24 maxlen: 24
185.108.181.0/24 maxlen: 24
185.108.180.0/24 maxlen: 24
185.108.180.0/22 maxlen: 24
185.108.182.0/24 maxlen: 24
185.108.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:78:79:96:0c:ed:84:ce:04:7f:bb:90:a3:db:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 2 06:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff1ef790126bbd9d5f7c371614854532fced85e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:82:d2:e1:a0:06:7a:f4:88:90:1e:22:82:c6:
39:4a:2c:1e:0d:68:5e:10:b9:1e:81:59:e1:f6:0d:
60:a3:77:2d:8c:a0:b9:9c:1d:9e:62:0e:50:7b:27:
cd:00:f1:dd:3f:20:6f:05:b7:3a:14:90:14:52:80:
a9:6c:b3:f4:a7:80:9a:ae:0a:67:9b:ce:82:c1:42:
a9:de:4f:c3:90:48:11:73:2a:ce:fc:e2:2e:41:e5:
09:2b:30:a6:ad:11:70:c6:4c:df:41:0b:10:e7:67:
d4:02:5c:ad:0c:ec:a3:57:20:78:ab:30:3c:24:7b:
3e:ff:2e:f5:25:b7:74:d2:78:11:65:f5:cd:55:81:
07:c0:d4:e7:fb:b3:65:e2:17:cb:27:d2:b0:24:6d:
45:de:96:a9:de:5d:83:72:1e:a8:39:08:45:f8:0a:
4a:42:03:15:94:d3:07:80:6d:de:1c:b4:6b:86:70:
90:87:27:88:48:54:5c:39:cf:2d:ff:d3:ab:59:a3:
c0:05:d7:12:fe:5f:81:8a:de:b2:7f:34:4d:2d:2b:
28:b9:a3:21:57:b9:df:2d:7e:de:2d:60:d9:8b:bc:
82:a4:6e:98:0d:b4:ed:be:f9:d9:4d:ea:c7:ab:cb:
82:77:7b:e1:c1:95:9c:fd:b8:93:57:9d:ec:4b:e5:
3e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1E:F7:90:12:6B:BD:9D:5F:7C:37:16:14:85:45:32:FC:ED:85:E5
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/_x73kBJrvZ1ffDcWFIVFMvztheU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.224.0/20
185.108.180.0/22
Signature Algorithm: sha256WithRSAEncryption
29:a8:69:f7:21:c9:05:5a:af:1a:5b:e5:75:90:d9:03:e7:93:
52:05:9a:d0:c4:e3:60:09:7d:1a:a0:b2:ca:c7:d2:24:0d:f7:
4f:6f:44:02:89:ca:d3:14:13:89:bd:c1:11:8a:21:26:ca:94:
cf:1c:ab:4e:3f:70:08:cf:4c:fe:06:67:48:a0:f3:b8:ea:38:
e5:b4:87:7f:7b:25:f9:74:0e:0b:74:62:33:c0:87:48:9d:af:
7a:e5:ac:fb:e5:ac:ae:34:9d:80:9e:87:01:59:6f:33:4b:72:
c9:5a:c0:c5:d8:ce:6f:ec:b1:fa:4b:17:37:05:d0:f1:61:74:
c3:f4:57:c9:03:e0:47:ae:0a:fd:6a:d0:5c:eb:4f:13:e8:8c:
ed:b6:ca:90:0b:df:9d:11:19:db:1a:0f:71:2c:4e:13:8c:ce:
c9:90:cb:2a:88:41:ac:1a:5c:7a:33:c9:66:3b:72:86:3a:d9:
21:bb:46:97:5a:b9:ab:17:a0:f3:1b:63:2e:b1:77:bb:ae:85:
04:b7:53:98:13:e5:e4:cf:42:56:c4:71:88:bc:bc:64:92:5e:
86:9a:57:d5:3d:f5:36:fd:51:29:b7:78:6c:e9:b7:59:f3:7c:
ba:3c:ea:26:e6:91:09:7c:74:89:7d:65:68:de:00:d1:d8:b9:
56:aa:29:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxJ3h5lgzthM4Ef7uQo9tzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjMwMTAyMDYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFlZjc5MDEyNmJiZDlkNWY3YzM3MTYxNDg1NDUzMmZjZWQ4NWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoLS4aAGevSIkB4igsY5SiweDWhe
ELkegVnh9g1go3ctjKC5nB2eYg5QeyfNAPHdPyBvBbc6FJAUUoCpbLP0p4Cargpn
m86CwUKp3k/DkEgRcyrO/OIuQeUJKzCmrRFwxkzfQQsQ52fUAlytDOyjVyB4qzA8
JHs+/y71Jbd00ngRZfXNVYEHwNTn+7Nl4hfLJ9KwJG1F3pap3l2Dch6oOQhF+ApK
QgMVlNMHgG3eHLRrhnCQhyeISFRcOc8t/9OrWaPABdcS/l+Bit6yfzRNLSsouaMh
V7nfLX7eLWDZi7yCpG6YDbTtvvnZTerHq8uCd3vhwZWc/biTV53sS+U+NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP8e95ASa72dX3w3FhSFRTL87YXlMB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvX3g3M2tCSnJ2WjFmZkRjV0ZJVkZNdnp0aGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWSDgAwQC
uWy0MA0GCSqGSIb3DQEBCwUAA4IBAQApqGn3IckFWq8aW+V1kNkD55NSBZrQxONg
CX0aoLLKx9IkDfdPb0QCicrTFBOJvcERiiEmypTPHKtOP3AIz0z+BmdIoPO46jjl
tId/eyX5dA4LdGIzwIdIna965az75ayuNJ2AnocBWW8zS3LJWsDF2M5v7LH6Sxc3
BdDxYXTD9FfJA+BHrgr9atBc608T6IzttsqQC9+dERnbGg9xLE4TjM7JkMsqiEGs
Glx6M8lmO3KGOtkhu0aXWrmrF6DzG2MusXe7roUEt1OYE+Xkz0JWxHGIvLxkkl6G
mlfVPfU2/VEpt3hs6bdZ83y6POom5pEJfHSJfWVo3gDR2LlWqin6
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:07 2024 by rpki-client on console-fra.rpki-client.org