Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4mzHJdpgxlS8-Ykcc-Km6_bR4Ng.roa
File: 4mzHJdpgxlS8-Ykcc-Km6_bR4Ng.roa (raw, json)
Hash identifier: Vt+8xyZJK70ko9OrpgElaLjZ6setDGi0lLM1QhwTplU=
Subject key identifier: E2:6C:C7:25:DA:60:C6:54:BC:F9:89:1C:73:E2:A6:EB:F6:D1:E0:D8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D277F51618E0497B077C9A3A7B51C9DA6
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4mzHJdpgxlS8-Ykcc-Km6_bR4Ng.roa
Signing time: Sat 20 Jan 2024 15:31:11 +0000
ROA not before: Sat 20 Jan 2024 15:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 20:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:27:7f:51:61:8e:04:97:b0:77:c9:a3:a7:b5:1c:9d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 20 15:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e26cc725da60c654bcf9891c73e2a6ebf6d1e0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3f:cc:fd:64:f8:8e:40:96:e5:9a:28:d4:c8:
5f:fd:8e:88:44:87:7d:ac:2b:3d:da:b0:8c:79:4c:
d1:6b:a0:fc:ec:c0:16:29:49:94:e6:03:db:c9:9f:
1b:2a:94:ea:cf:cf:ff:09:8f:32:b3:99:e2:fc:52:
7e:41:cc:5d:02:e0:7a:83:4d:cb:a5:3b:be:e7:91:
f8:6d:c6:93:60:42:5e:d6:95:1d:40:bb:5d:77:33:
4b:25:0c:d3:62:05:6d:f6:2d:df:7b:42:63:94:72:
21:65:81:2a:70:df:e8:19:89:f1:7a:e4:ea:ac:fd:
a4:cc:0c:c9:c6:6c:59:fd:67:e8:56:fb:dd:40:8c:
70:0e:2c:6f:b3:2a:92:49:74:06:a3:79:f5:96:77:
44:79:a9:2b:23:32:6b:ee:fe:3e:86:a8:2a:a8:41:
d4:e9:87:b9:55:89:76:d9:d8:f9:93:a2:5e:da:af:
c7:9c:79:6f:5a:1d:3b:b4:c9:3e:7e:6a:d0:e2:87:
82:2a:b7:d2:1e:a1:83:2a:23:54:f5:a0:4a:51:13:
70:4b:1a:89:83:8f:97:d2:43:5b:85:2c:ad:fc:c1:
82:3d:ce:83:de:aa:af:cc:c4:71:c1:81:b1:49:84:
7f:0a:07:12:8f:ca:35:09:c7:8e:4b:53:c3:da:e1:
b1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6C:C7:25:DA:60:C6:54:BC:F9:89:1C:73:E2:A6:EB:F6:D1:E0:D8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4mzHJdpgxlS8-Ykcc-Km6_bR4Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.42.81.0/24
89.42.86.0/24
89.42.95.0/24
89.43.140.0/24
89.43.143.0/24
89.47.125.0/24
93.113.181.0/24
Signature Algorithm: sha256WithRSAEncryption
31:eb:a7:c5:86:3d:f7:ab:ef:6c:ad:b9:4b:5e:7d:24:f6:6d:
f4:85:ed:6f:8b:dd:04:3d:4d:55:06:54:1a:0a:b3:ae:f3:cd:
15:5d:3f:7e:03:97:45:36:ab:f6:78:b1:2f:32:64:24:a5:84:
45:e5:a6:20:2d:9b:12:b9:51:66:af:00:69:83:ad:19:01:b4:
d0:61:2d:48:50:89:eb:c3:b9:9e:c4:de:46:4f:6d:d2:77:a6:
17:9b:36:95:ce:e4:b5:bb:9b:00:02:46:8f:9a:0a:e2:7f:86:
91:2b:b0:e6:d5:fb:22:1d:b4:e9:fd:77:a6:23:61:40:db:84:
40:51:f7:f9:67:e2:86:eb:c1:d4:cb:96:90:06:dd:5c:0d:6a:
10:89:51:83:d0:fe:d1:5f:ff:74:dd:35:40:fa:f7:56:90:f0:
ff:a5:4e:0c:38:3b:37:c1:6f:3b:d9:4a:72:62:0e:64:a4:5f:
65:b2:78:91:90:ab:c2:b3:f6:15:ff:c1:a4:28:9b:2a:39:7a:
ad:43:4e:1a:ba:ba:24:b0:4a:70:87:1a:b6:94:b2:e2:6d:f3:
6d:00:33:cc:2b:28:d0:ac:32:80:a5:d7:a0:d8:e5:d7:51:6f:
23:a3:53:75:55:c0:4c:63:9f:ff:44:12:c3:e0:86:f4:9c:1a:
b3:f1:54:79
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY0nf1FhjgSXsHfJo6e1HJ2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTIwMTUzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjZjYzcyNWRhNjBjNjU0YmNmOTg5MWM3M2UyYTZlYmY2ZDFlMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5D/M/WT4jkCW5Zoo1Mhf/Y6IRId9
rCs92rCMeUzRa6D87MAWKUmU5gPbyZ8bKpTqz8//CY8ys5ni/FJ+QcxdAuB6g03L
pTu+55H4bcaTYEJe1pUdQLtddzNLJQzTYgVt9i3fe0JjlHIhZYEqcN/oGYnxeuTq
rP2kzAzJxmxZ/WfoVvvdQIxwDixvsyqSSXQGo3n1lndEeakrIzJr7v4+hqgqqEHU
6Ye5VYl22dj5k6Je2q/HnHlvWh07tMk+fmrQ4oeCKrfSHqGDKiNU9aBKURNwSxqJ
g4+X0kNbhSyt/MGCPc6D3qqvzMRxwYGxSYR/CgcSj8o1CceOS1PD2uGxDwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOJsxyXaYMZUvPmJHHPipuv20eDYMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNG16SEpkcGd4bFM4LVlrY2MtS202X2JSNE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBWSLgAwQA
WSLkAwQAWSLnAwQAWSpRAwQAWSpWAwQAWSpfAwQAWSuMAwQAWSuPAwQAWS99AwQA
XXG1MA0GCSqGSIb3DQEBCwUAA4IBAQAx66fFhj33q+9srblLXn0k9m30he1vi90E
PU1VBlQaCrOu880VXT9+A5dFNqv2eLEvMmQkpYRF5aYgLZsSuVFmrwBpg60ZAbTQ
YS1IUInrw7mexN5GT23Sd6YXmzaVzuS1u5sAAkaPmgrif4aRK7Dm1fsiHbTp/Xem
I2FA24RAUff5Z+KG68HUy5aQBt1cDWoQiVGD0P7RX/903TVA+vdWkPD/pU4MODs3
wW872UpyYg5kpF9lsniRkKvCs/YV/8GkKJsqOXqtQ04auroksEpwhxq2lLLibfNt
ADPMKyjQrDKApdeg2OXXUW8jo1N1VcBMY5//RBLD4Ib0nBqz8VR5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org