Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/D8bQb2nYKG5Sd5kCe6eV6assOlo.roa
File: D8bQb2nYKG5Sd5kCe6eV6assOlo.roa (raw, json)
Hash identifier: 7+sBLBWRM4Q0bbmuRdCoGkYFeElsoXHpXQ4ESkakU/Q=
Subject key identifier: 0F:C6:D0:6F:69:D8:28:6E:52:77:99:02:7B:A7:95:E9:AB:2C:3A:5A
Certificate issuer: /CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Certificate serial: 018CC2DB23ED7BDA3A7ACF5818946B849D04
Authority key identifier: 8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/D8bQb2nYKG5Sd5kCe6eV6assOlo.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207790
IP address blocks: 89.57.128.0/18 maxlen: 24
89.57.64.0/18 maxlen: 24
89.56.0.0/16 maxlen: 24
185.12.88.0/22 maxlen: 22
89.57.0.0/18 maxlen: 24
2a03:7840::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Jun 2024 07:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:23:ed:7b:da:3a:7a:cf:58:18:94:6b:84:9d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fc6d06f69d8286e527799027ba795e9ab2c3a5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8d:ec:98:a9:78:cc:85:a0:e1:00:09:bb:4c:
7f:e5:ec:e5:a4:96:92:4e:9c:93:cf:a0:62:04:42:
ac:b3:b1:ee:1e:d3:b5:59:c1:60:02:82:9c:84:6b:
a5:c6:1a:b1:0c:e4:7c:7d:6d:56:75:9b:6e:95:6b:
c8:99:1a:b8:c8:1d:62:db:05:96:2e:92:7a:dd:d8:
a1:67:e8:e5:0f:62:79:07:81:26:c2:01:a0:11:a4:
83:3e:25:25:46:3f:ed:41:40:f6:56:12:df:2b:ea:
48:59:64:32:38:bc:86:95:7a:e4:6e:ca:bd:bf:d5:
3f:82:1e:5d:09:5e:22:00:8b:c8:66:5e:09:83:f9:
3b:58:19:ba:80:65:34:60:64:62:77:17:73:47:04:
38:3b:f6:a4:a9:c7:ec:8b:62:47:6a:2f:d6:1b:5c:
e0:ab:48:20:8d:b0:8e:bb:67:d7:85:dd:de:1a:eb:
b7:98:c7:d5:51:62:ca:e5:95:51:51:ec:44:83:18:
3a:5c:f5:a5:53:07:ec:f0:27:61:55:6e:72:4a:7f:
33:aa:44:e6:f6:48:05:19:cb:94:77:f8:4b:f8:2e:
c8:b8:7d:0f:c2:db:cd:ea:7b:35:a4:e4:ee:f5:46:
77:8b:47:7d:f2:0f:1a:08:c7:70:50:8a:77:16:a2:
f2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C6:D0:6F:69:D8:28:6E:52:77:99:02:7B:A7:95:E9:AB:2C:3A:5A
X509v3 Authority Key Identifier:
keyid:8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/D8bQb2nYKG5Sd5kCe6eV6assOlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/i542u2_vkyj1GOSxBfwhLBUqjGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.56.0.0-89.57.191.255
185.12.88.0/22
IPv6:
2a03:7840::/29
Signature Algorithm: sha256WithRSAEncryption
05:b2:9e:21:71:a9:1a:55:71:7a:48:b7:3e:39:14:42:6d:43:
a1:2b:9c:a0:2d:0d:70:7e:01:4f:27:58:bf:1a:94:fc:6b:58:
68:bb:ce:93:14:86:6d:19:24:65:a5:9f:54:91:3c:ff:b3:12:
ac:c1:8c:e1:62:b2:0a:80:83:d8:f3:84:6b:a3:d0:92:87:b8:
f7:2b:f3:53:e2:c6:59:24:0d:ad:42:2c:34:f6:43:97:53:ab:
8d:74:0e:0e:63:05:3a:29:b8:80:87:78:80:bd:9f:87:60:c6:
f5:41:42:cf:e9:46:08:64:8a:92:7d:6d:f5:30:7e:d8:7a:d9:
fd:a2:2c:f6:f4:70:a7:95:03:d4:68:b1:1f:fb:a0:25:98:a7:
51:64:96:3f:42:51:6d:5e:b1:18:f4:1d:5d:9f:24:bb:66:5c:
d9:7d:bc:1b:9d:56:c6:ae:5d:58:f9:4c:9f:6f:75:b5:f0:26:
99:b6:33:e8:a3:aa:f0:2d:ab:89:0a:e4:1a:67:66:0f:6a:a3:
8c:5c:cc:4d:62:84:20:a0:44:8e:bc:0c:d0:2b:ab:cf:1c:ff:
c5:3a:4d:8d:1b:60:ea:ae:e3:07:42:89:94:20:56:76:63:b5:
3d:5b:47:9d:75:c1:72:f1:e2:be:13:8a:f0:ea:7c:8c:77:68:
02:84:dd:a1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC2yPte9o6es9YGJRrhJ0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOWUzNmJiNmZlZjkzMjhmNTE4ZTRiMTA1ZmMyMTJjMTUy
YThjNjgwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmM2ZDA2ZjY5ZDgyODZlNTI3Nzk5MDI3YmE3OTVlOWFiMmMzYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo3smKl4zIWg4QAJu0x/5ezlpJaS
TpyTz6BiBEKss7HuHtO1WcFgAoKchGulxhqxDOR8fW1WdZtulWvImRq4yB1i2wWW
LpJ63dihZ+jlD2J5B4EmwgGgEaSDPiUlRj/tQUD2VhLfK+pIWWQyOLyGlXrkbsq9
v9U/gh5dCV4iAIvIZl4Jg/k7WBm6gGU0YGRidxdzRwQ4O/akqcfsi2JHai/WG1zg
q0ggjbCOu2fXhd3eGuu3mMfVUWLK5ZVRUexEgxg6XPWlUwfs8CdhVW5ySn8zqkTm
9kgFGcuUd/hL+C7IuH0PwtvN6ns1pOTu9UZ3i0d98g8aCMdwUIp3FqLyPQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA/G0G9p2ChuUneZAnunlemrLDpaMB8GA1UdIwQY
MBaAFIueNrtv75Mo9RjksQX8ISwVKoxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTU0MnUyX3ZreWoxR09TeEJmd2hMQlVxakdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80YTBlOGQtMGJiZS00MjEzLTk4YjEt
MWExMTZhNTM0NDgzLzEvRDhiUWIybllLRzVTZDVrQ2U2ZVY2YXNzT2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80YTBlOGQtMGJiZS00MjEzLTk4YjEtMWExMTZhNTM0NDgz
LzEvaTU0MnUyX3ZreWoxR09TeEJmd2hMQlVxakdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATMAsDAwNZOAME
Blk5gAMEArkMWDANBAIAAjAHAwUDKgN4QDANBgkqhkiG9w0BAQsFAAOCAQEABbKe
IXGpGlVxeki3PjkUQm1DoSucoC0NcH4BTydYvxqU/GtYaLvOkxSGbRkkZaWfVJE8
/7MSrMGM4WKyCoCD2POEa6PQkoe49yvzU+LGWSQNrUIsNPZDl1OrjXQODmMFOim4
gId4gL2fh2DG9UFCz+lGCGSKkn1t9TB+2HrZ/aIs9vRwp5UD1GixH/ugJZinUWSW
P0JRbV6xGPQdXZ8ku2Zc2X28G51Wxq5dWPlMn291tfAmmbYz6KOq8C2riQrkGmdm
D2qjjFzMTWKEIKBEjrwM0Curzxz/xTpNjRtg6q7jB0KJlCBWdmO1PVtHnXXBcvHi
vhOK8Op8jHdoAoTdoQ==
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:54:39 2024 by rpki-client on console-ams.rpki-client.org