Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ie4CvJ38jRO2J7YxDNX_k9VuMC8.roa
File: ie4CvJ38jRO2J7YxDNX_k9VuMC8.roa (raw, json)
Hash identifier: rTLUL5glgg8FlOsxxke5ZdXiIGWA9JDHRIKccOWRoHs=
Subject key identifier: 89:EE:02:BC:9D:FC:8D:13:B6:27:B6:31:0C:D5:FF:93:D5:6E:30:2F
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018AF2B0DDBBE75423218CC4FA3607F6613E
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ie4CvJ38jRO2J7YxDNX_k9VuMC8.roa
Signing time: Mon 02 Oct 2023 23:19:51 +0000
ROA not before: Mon 02 Oct 2023 23:19:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44620
IP address blocks: 212.68.32.0/24 maxlen: 24
77.92.146.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f2:b0:dd:bb:e7:54:23:21:8c:c4:fa:36:07:f6:61:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Oct 2 23:19:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89ee02bc9dfc8d13b627b6310cd5ff93d56e302f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ff:97:3d:01:48:9c:fe:e7:1a:37:74:e2:85:
90:9f:0e:0a:45:b6:4f:0d:ea:9b:9b:36:98:8a:5e:
41:d3:6e:30:5a:50:7e:ed:f7:72:7c:be:ab:16:fc:
0d:28:10:22:6b:38:17:cd:c1:67:51:23:6c:b1:77:
77:cb:2e:4a:50:86:a0:96:2e:aa:6b:dd:3e:10:33:
7e:a2:0d:5b:b8:f1:a5:de:02:ae:86:55:8c:7a:ee:
8f:09:9f:23:35:77:53:19:66:da:15:e3:e1:dd:ad:
8d:df:5b:fd:b6:6f:00:c1:10:05:2a:92:99:16:db:
a6:81:c1:d2:01:2d:21:bb:42:91:e0:59:17:bb:9d:
cd:13:94:21:ae:78:fb:92:43:8d:fd:56:de:45:73:
34:5a:eb:aa:5e:a2:f3:07:ac:0b:e8:1e:e9:a0:f9:
06:cd:72:52:9e:1a:f3:af:34:dd:f6:44:21:f5:56:
2e:55:57:b2:8b:e6:30:e9:f4:7c:c1:6d:24:54:c6:
cf:e5:7c:64:c8:7b:73:21:5d:03:34:3a:5c:9d:7b:
9b:bb:aa:e7:42:a3:64:51:11:79:70:bf:da:c1:97:
83:ac:03:b6:9a:19:41:65:88:f1:01:2a:c9:32:60:
b9:d1:fb:9c:e7:7f:12:68:d7:0f:19:89:4b:cd:8a:
6b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:EE:02:BC:9D:FC:8D:13:B6:27:B6:31:0C:D5:FF:93:D5:6E:30:2F
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ie4CvJ38jRO2J7YxDNX_k9VuMC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.146.0/24
188.132.206.0/23
212.68.32.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:bd:59:56:a0:48:69:d4:8c:7a:8d:6b:1a:68:7a:11:fe:3f:
76:a1:7a:10:c5:8f:b0:50:59:5a:77:bf:98:f5:83:23:4c:01:
57:11:52:a9:92:16:a0:09:c4:77:04:e9:d5:20:97:5c:89:6b:
81:15:a3:a6:8c:2d:d6:aa:49:87:10:2d:a3:d4:73:8e:2c:a2:
17:98:1d:0a:5c:d8:61:31:4a:eb:20:11:f1:40:56:ec:34:cf:
46:92:00:25:ae:f6:0d:64:2a:f7:10:74:d7:9a:ba:80:7a:3f:
a4:e0:29:2d:75:63:e9:85:02:bd:88:89:85:b7:9a:37:05:c5:
b8:1b:2a:48:70:61:3b:75:4f:a6:88:88:31:bb:93:aa:79:34:
b6:c6:02:22:fe:26:73:5f:99:6e:4e:dc:66:23:1b:a6:6b:7a:
be:33:33:d8:e6:a3:19:9a:79:98:9c:7a:f8:65:5c:d8:15:ed:
97:99:6f:1f:fb:34:79:8d:69:62:d4:ef:3e:16:55:ab:ca:c6:
84:d9:c6:a1:5a:fd:ab:18:e5:a2:dd:b1:1a:11:f8:ec:58:1d:
81:ef:9e:02:c3:3d:98:2c:9f:28:40:09:d2:c9:ec:ba:be:b9:
6c:45:f0:98:a1:8b:ae:f7:aa:b1:a6:2b:e2:9c:1a:6e:e5:68:
be:8b:7c:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrysN2751QjIYzE+jYH9mE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMxMDAyMjMxOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWVlMDJiYzlkZmM4ZDEzYjYyN2I2MzEwY2Q1ZmY5M2Q1NmUzMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/+XPQFInP7nGjd04oWQnw4KRbZP
DeqbmzaYil5B024wWlB+7fdyfL6rFvwNKBAiazgXzcFnUSNssXd3yy5KUIagli6q
a90+EDN+og1buPGl3gKuhlWMeu6PCZ8jNXdTGWbaFePh3a2N31v9tm8AwRAFKpKZ
FtumgcHSAS0hu0KR4FkXu53NE5Qhrnj7kkON/VbeRXM0WuuqXqLzB6wL6B7poPkG
zXJSnhrzrzTd9kQh9VYuVVeyi+Yw6fR8wW0kVMbP5XxkyHtzIV0DNDpcnXubu6rn
QqNkURF5cL/awZeDrAO2mhlBZYjxASrJMmC50fuc538SaNcPGYlLzYprwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFInuAryd/I0Ttie2MQzV/5PVbjAvMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvaWU0Q3ZKMzhqUk8ySjdZeEROWF9rOVZ1TUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVySAwQB
vITOAwQA1EQgMA0GCSqGSIb3DQEBCwUAA4IBAQCcvVlWoEhp1Ix6jWsaaHoR/j92
oXoQxY+wUFlad7+Y9YMjTAFXEVKpkhagCcR3BOnVIJdciWuBFaOmjC3WqkmHEC2j
1HOOLKIXmB0KXNhhMUrrIBHxQFbsNM9GkgAlrvYNZCr3EHTXmrqAej+k4CktdWPp
hQK9iImFt5o3BcW4GypIcGE7dU+miIgxu5OqeTS2xgIi/iZzX5luTtxmIxuma3q+
MzPY5qMZmnmYnHr4ZVzYFe2XmW8f+zR5jWli1O8+FlWrysaE2cahWv2rGOWi3bEa
EfjsWB2B754Cwz2YLJ8oQAnSyey6vrlsRfCYoYuu96qxpivinBpu5Wi+i3xD
-----END CERTIFICATE-----
Generated at Fri Oct 20 10:02:27 2023 by rpki-client on console-ams.rpki-client.org