Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CQFI3tjWL2wjZ_E0InkPQYbFcCE.roa
File: CQFI3tjWL2wjZ_E0InkPQYbFcCE.roa (raw, json)
Hash identifier: VrKmFG3ixixWO0pNYyQ5umqCxDdCfxDobmIQtPjQ6gw=
Subject key identifier: 09:01:48:DE:D8:D6:2F:6C:23:67:F1:34:22:79:0F:41:86:C5:70:21
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D2A2BAE7B3D4164A58BDA9FD9806C
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CQFI3tjWL2wjZ_E0InkPQYbFcCE.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62390
IP address blocks: 89.33.13.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
89.47.232.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
89.37.116.0/24 maxlen: 24
89.37.117.0/24 maxlen: 24
89.45.12.0/24 maxlen: 24
89.45.12.0/23 maxlen: 23
89.45.13.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2a:2b:ae:7b:3d:41:64:a5:8b:da:9f:d9:80:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=090148ded8d62f6c2367f13422790f4186c57021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b4:3d:22:2d:09:cf:db:7a:72:71:90:89:7f:
a7:9e:1e:f9:30:02:b2:62:77:a9:28:47:41:a1:b3:
40:11:83:f6:92:f6:53:0c:de:34:a2:be:89:bd:cc:
7a:40:ed:bc:da:61:04:ad:21:4c:13:10:ae:a3:ef:
3a:0e:b6:5d:ed:77:ad:70:8f:3b:69:3a:91:d4:3d:
23:38:76:7f:9c:b2:3d:e0:c8:b4:3a:8f:79:97:a7:
31:6f:1e:ab:1e:9b:84:2e:f1:98:76:67:1b:af:50:
a8:66:7e:81:51:e0:7b:57:f2:73:77:85:9c:b6:86:
e0:68:14:f1:b7:b6:36:47:88:4a:cd:47:b8:ff:01:
d4:d1:a8:84:d9:c7:20:84:9f:3b:cb:60:61:2c:24:
0a:5e:70:af:c4:c6:e3:f9:c8:22:91:55:bf:b9:2b:
7c:13:f8:a3:f4:ca:a7:89:9c:30:d6:6e:72:4e:61:
8a:ab:47:66:83:0e:9c:50:8c:83:3e:9a:26:2c:48:
65:7f:2b:67:ba:83:8d:be:23:10:e5:1d:bc:f0:a8:
a0:ca:a8:74:52:5b:12:33:a2:df:c2:ba:57:63:6d:
84:13:ba:73:9c:2a:76:f1:9a:22:e0:0c:14:b3:b6:
55:42:d4:f7:f9:49:c5:9d:45:3a:49:66:50:07:7b:
cc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:01:48:DE:D8:D6:2F:6C:23:67:F1:34:22:79:0F:41:86:C5:70:21
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CQFI3tjWL2wjZ_E0InkPQYbFcCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.37.116.0/23
89.45.12.0/23
89.47.232.0/24
93.119.105.0/24
188.240.210.0/24
188.240.221.0/24
Signature Algorithm: sha256WithRSAEncryption
17:9e:bd:78:9c:68:6d:ea:8a:31:c0:15:77:9f:6e:97:be:60:
e8:55:46:cd:1b:94:dd:26:ab:cc:5b:39:af:8e:7a:9e:ec:90:
56:7e:5a:84:cf:fd:8f:89:9a:25:4e:d0:65:1c:6f:25:3b:99:
8a:0c:6a:38:b7:c8:dd:f3:19:70:b2:06:96:c3:88:46:f4:94:
00:2b:a9:68:8c:de:7d:35:47:ef:9e:aa:83:6d:e7:56:7d:e2:
04:be:5d:c9:ea:9e:d7:c1:4c:19:e1:88:af:c7:1b:3c:07:0e:
ea:fc:dd:d7:1b:9c:ba:ae:fa:24:d8:10:ad:da:88:fe:a1:f3:
0f:a0:79:77:d2:ea:d8:c7:e8:5e:16:5b:13:8d:7c:98:aa:71:
1a:ff:fe:29:f0:51:9c:56:98:6d:46:b5:bc:bf:c6:c0:c9:2e:
fe:29:bc:ff:c5:aa:01:6f:d1:88:e6:8c:e1:46:50:a0:d3:e0:
83:db:11:ee:2d:a7:5c:31:9e:78:b5:b5:3a:2b:9e:e7:0a:71:
2a:6d:6e:38:59:42:e2:1f:91:03:db:df:71:5a:09:5b:b3:d6:
af:38:79:f4:d3:66:0e:0a:19:75:2d:a4:fa:2e:b9:68:5f:9d:
10:88:d6:97:49:66:51:71:18:4c:ce:24:9d:96:09:de:4b:f6:
d8:3e:64:80
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzCbSorrns9QWSli9qf2YBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAxNDhkZWQ4ZDYyZjZjMjM2N2YxMzQyMjc5MGY0MTg2YzU3MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrQ9Ii0Jz9t6cnGQiX+nnh75MAKy
YnepKEdBobNAEYP2kvZTDN40or6Jvcx6QO282mEErSFMExCuo+86DrZd7XetcI87
aTqR1D0jOHZ/nLI94Mi0Oo95l6cxbx6rHpuELvGYdmcbr1CoZn6BUeB7V/Jzd4Wc
tobgaBTxt7Y2R4hKzUe4/wHU0aiE2ccghJ87y2BhLCQKXnCvxMbj+cgikVW/uSt8
E/ij9MqniZww1m5yTmGKq0dmgw6cUIyDPpomLEhlfytnuoONviMQ5R288Kigyqh0
UlsSM6LfwrpXY22EE7pznCp28Zoi4AwUs7ZVQtT3+UnFnUU6SWZQB3vM2QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAkBSN7Y1i9sI2fxNCJ5D0GGxXAhMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQ1FGSTN0aldMMndqWl9FMElua1BRWWJGY0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWSENAwQB
WSV0AwQBWS0MAwQAWS/oAwQAXXdpAwQAvPDSAwQAvPDdMA0GCSqGSIb3DQEBCwUA
A4IBAQAXnr14nGht6ooxwBV3n26XvmDoVUbNG5TdJqvMWzmvjnqe7JBWflqEz/2P
iZolTtBlHG8lO5mKDGo4t8jd8xlwsgaWw4hG9JQAK6lojN59NUfvnqqDbedWfeIE
vl3J6p7XwUwZ4Yivxxs8Bw7q/N3XG5y6rvok2BCt2oj+ofMPoHl30urYx+heFlsT
jXyYqnEa//4p8FGcVphtRrW8v8bAyS7+Kbz/xaoBb9GI5ozhRlCg0+CD2xHuLadc
MZ54tbU6K57nCnEqbW44WULiH5ED299xWglbs9avOHn002YOChl1LaT6LrloX50Q
iNaXSWZRcRhMziSdlgneS/bYPmSA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org