Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Pn2aEIyydkUlNtGsmWwLht22NzI.roa
File: Pn2aEIyydkUlNtGsmWwLht22NzI.roa (raw, json)
Hash identifier: mEkQRZPThsvNASXi+BtgGlkt2CHVoNCL7rXeFg2T6v8=
Subject key identifier: 3E:7D:9A:10:8C:B2:76:45:25:36:D1:AC:99:6C:0B:86:DD:B6:37:32
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01879DCACE8E3C6D16BDF273AA4ACD96059A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Pn2aEIyydkUlNtGsmWwLht22NzI.roa
Signing time: Thu 20 Apr 2023 08:32:06 +0000
ROA not before: Thu 20 Apr 2023 08:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 89.47.233.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
89.34.26.0/24 maxlen: 24
89.41.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Oct 2023 06:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:ca:ce:8e:3c:6d:16:bd:f2:73:aa:4a:cd:96:05:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 20 08:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e7d9a108cb276452536d1ac996c0b86ddb63732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:45:99:c9:ab:ff:63:3f:dd:b2:8c:20:a1:
45:2b:e6:fd:65:05:5e:62:13:f2:ca:59:e6:8d:d4:
d9:30:b2:1b:0f:25:49:3d:64:29:53:29:c5:22:84:
f6:5b:19:f1:95:4e:50:e6:b9:09:ef:87:ad:e8:4c:
d6:4d:88:ab:63:8f:10:7c:e7:44:a3:a4:6d:f4:b2:
c8:cb:b9:c6:57:59:f8:35:04:b7:b5:cf:3c:e7:b5:
e5:e5:16:0e:b9:16:1d:0c:b8:ea:81:0b:35:e6:b4:
12:44:ad:cb:3b:e7:26:33:4d:54:e3:f5:1a:fe:de:
ca:b9:da:41:e1:d1:8b:5e:00:41:05:70:62:ac:6c:
66:6f:40:48:ed:c4:4a:a0:fc:b0:3a:11:a3:6c:c5:
e6:f7:bf:f9:5b:cd:68:35:e3:59:ec:c0:ab:f5:a4:
64:3e:cc:af:ea:44:18:68:28:bf:b1:cd:95:a4:c8:
1d:70:dc:99:cd:52:96:a6:83:70:2b:a0:53:2d:dc:
37:da:70:c2:f3:90:bf:11:92:13:82:a6:56:a5:ce:
78:f2:45:42:de:8b:1d:24:31:fe:d4:d7:4e:da:23:
fb:ad:f5:eb:14:25:0e:96:e3:4c:a5:b7:37:1d:a0:
8a:2f:05:36:11:7c:f7:95:65:11:9f:e1:52:b9:ba:
c6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7D:9A:10:8C:B2:76:45:25:36:D1:AC:99:6C:0B:86:DD:B6:37:32
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Pn2aEIyydkUlNtGsmWwLht22NzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/24
89.41.179.0/24
89.47.233.0/24
188.240.210.0/24
Signature Algorithm: sha256WithRSAEncryption
68:2f:35:ab:94:08:f8:f8:73:0a:a5:69:c2:ff:9f:14:e5:3c:
fe:be:ce:8e:b3:f6:36:d3:b3:4e:04:2f:e3:58:33:b8:94:a7:
94:9f:12:36:d7:31:b2:ed:fc:f7:ef:73:eb:5b:8c:75:b0:d1:
fc:40:55:d4:5a:0b:b1:c1:85:c5:00:63:37:55:55:a4:53:f2:
d6:f3:32:93:ca:16:50:3a:31:9d:04:65:25:1d:6a:41:68:86:
2f:6d:e1:a1:27:13:de:58:04:ce:58:94:56:4a:cc:11:09:da:
0f:a6:cc:4f:e6:54:c0:c6:e0:3f:d6:ec:e6:36:bf:86:ae:3a:
05:e7:e2:ae:2f:1b:66:32:38:ca:bf:fd:85:5f:39:88:00:e2:
ce:b2:95:10:e2:52:9d:ec:6c:17:b3:3c:70:96:76:9a:00:d0:
2d:23:de:3e:6c:44:cf:72:d3:9d:84:c2:ee:db:6a:88:3a:9a:
f7:91:6d:7a:28:fe:6c:02:ce:af:9a:fd:3c:b5:ec:d0:6a:53:
8d:c3:3f:79:6c:4c:e5:84:55:2e:f3:d9:a0:29:dc:ed:9f:32:
c5:3f:cd:d1:40:7c:61:e1:ab:86:ea:1d:a9:8b:84:6a:ac:1c:
1a:59:e3:56:ca:7d:a7:94:28:9e:ec:43:42:2e:04:78:92:3e:
b9:30:d0:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYedys6OPG0WvfJzqkrNlgWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNDIwMDgzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTdkOWExMDhjYjI3NjQ1MjUzNmQxYWM5OTZjMGI4NmRkYjYzNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDdFmcmr/2M/3bKMIKFFK+b9ZQVe
YhPyylnmjdTZMLIbDyVJPWQpUynFIoT2WxnxlU5Q5rkJ74et6EzWTYirY48QfOdE
o6Rt9LLIy7nGV1n4NQS3tc8857Xl5RYOuRYdDLjqgQs15rQSRK3LO+cmM01U4/Ua
/t7KudpB4dGLXgBBBXBirGxmb0BI7cRKoPywOhGjbMXm97/5W81oNeNZ7MCr9aRk
Psyv6kQYaCi/sc2VpMgdcNyZzVKWpoNwK6BTLdw32nDC85C/EZITgqZWpc548kVC
3osdJDH+1NdO2iP7rfXrFCUOluNMpbc3HaCKLwU2EXz3lWURn+FSubrGFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD59mhCMsnZFJTbRrJlsC4bdtjcyMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUG4yYUVJeXlka1VsTnRHc21Xd0xodDIyTnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSIaAwQA
WSmzAwQAWS/pAwQAvPDSMA0GCSqGSIb3DQEBCwUAA4IBAQBoLzWrlAj4+HMKpWnC
/58U5Tz+vs6Os/Y207NOBC/jWDO4lKeUnxI21zGy7fz373PrW4x1sNH8QFXUWgux
wYXFAGM3VVWkU/LW8zKTyhZQOjGdBGUlHWpBaIYvbeGhJxPeWATOWJRWSswRCdoP
psxP5lTAxuA/1uzmNr+GrjoF5+KuLxtmMjjKv/2FXzmIAOLOspUQ4lKd7GwXszxw
lnaaANAtI94+bETPctOdhMLu22qIOpr3kW16KP5sAs6vmv08tezQalONwz95bEzl
hFUu89mgKdztnzLFP83RQHxh4auG6h2pi4RqrBwaWeNWyn2nlCie7ENCLgR4kj65
MNB1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org