Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/lOF0zmYVVcY5f3snn9cL51CDKkI.roa
File: lOF0zmYVVcY5f3snn9cL51CDKkI.roa (raw, json)
Hash identifier: H+ov2mvgKp/JPugNBTT4LQJ4z5l3yy80Hbg4sAbGQ2Y=
Subject key identifier: 94:E1:74:CE:66:15:55:C6:39:7F:7B:27:9F:D7:0B:E7:50:83:2A:42
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 018CD39D43A59C52CC68656135EAFB2050A6
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/lOF0zmYVVcY5f3snn9cL51CDKkI.roa
Signing time: Thu 04 Jan 2024 08:35:48 +0000
ROA not before: Thu 04 Jan 2024 08:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 89.223.128.0/17 maxlen: 24
213.222.128.0/18 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 12:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:9d:43:a5:9c:52:cc:68:65:61:35:ea:fb:20:50:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Jan 4 08:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94e174ce661555c6397f7b279fd70be750832a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:88:ee:b8:6c:5c:43:cf:c2:84:33:30:71:a2:
5b:c9:58:6f:78:0a:72:2f:af:c8:8b:c8:90:0b:09:
78:19:c1:db:ee:93:26:b1:31:d8:0f:05:af:84:42:
53:29:7d:7e:cc:ff:d4:47:32:bd:4d:1b:e8:85:ee:
d2:83:89:a9:8c:6a:c5:16:da:fb:f5:ca:a6:3a:c1:
fb:3f:d4:ae:20:ef:4c:26:19:8a:bc:51:15:b2:df:
c4:f4:f1:27:f2:9d:1b:88:f6:52:43:3d:b7:1c:fa:
68:90:4d:3b:bc:d7:47:73:9f:92:b6:93:41:19:64:
73:73:01:c0:a0:2a:f9:03:89:a0:ed:1c:a7:1f:49:
ed:c8:67:82:e1:d5:8b:54:60:f5:b1:05:36:a1:8d:
2a:d6:25:84:2a:d1:58:5c:82:c6:c7:eb:4f:a5:d4:
01:8c:ef:67:3c:3e:4a:c1:da:6d:ee:02:41:65:85:
fc:4c:f6:6b:45:65:1c:99:98:d0:34:de:1a:81:e1:
8f:f8:49:b2:22:c0:45:50:46:98:82:88:51:d6:4a:
64:63:66:85:17:f4:57:6d:2f:13:b2:b9:8b:f6:d2:
2d:55:b9:37:de:7e:3d:57:6a:2d:ad:88:72:a1:41:
3d:a1:a8:cf:f4:d3:39:ec:f5:ad:42:78:d2:76:14:
b3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E1:74:CE:66:15:55:C6:39:7F:7B:27:9F:D7:0B:E7:50:83:2A:42
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/lOF0zmYVVcY5f3snn9cL51CDKkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.128.0/17
213.222.128.0/18
Signature Algorithm: sha256WithRSAEncryption
39:b1:23:86:c6:4f:03:8d:97:73:be:29:0a:20:b9:b6:fe:5e:
1f:5e:23:c2:9e:37:5d:d8:e7:d7:35:b4:c9:20:c9:5a:52:c6:
91:85:3c:c4:ee:80:8b:91:d8:27:bc:b6:1e:bd:d9:45:39:3a:
57:2c:47:29:03:8a:53:e8:00:76:f0:91:37:df:dc:5a:a0:8c:
e6:45:ab:d5:eb:f9:94:da:7d:7d:26:8c:9d:a0:ee:93:c5:14:
11:37:fe:b2:a6:25:0f:4f:d9:fa:d9:b3:79:02:5b:66:45:60:
f1:75:97:a5:95:ce:4f:b0:2a:49:48:d1:ee:22:e9:7c:5b:78:
d5:9c:f8:0b:f0:cd:83:66:6d:34:4d:86:bf:3c:3e:77:53:01:
b1:3b:2d:c6:fd:0d:21:81:74:fb:e0:39:35:d5:0b:8c:db:16:
a8:8d:3d:da:e0:30:dc:49:27:a5:ca:7b:d8:7e:33:90:2d:b4:
41:5f:af:82:06:46:ce:c4:33:52:68:de:63:d3:eb:d9:0f:2a:
4a:57:c0:54:c2:20:95:00:9d:f3:38:fa:c9:d5:65:0b:c6:1c:
68:97:39:1b:fd:55:31:71:48:95:dd:52:a7:82:3c:79:8f:68:
22:66:79:78:44:17:64:c6:d6:6d:6e:56:c9:0c:16:ee:e0:e9:
66:ae:5d:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzTnUOlnFLMaGVhNer7IFCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjQwMTA0MDgzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGUxNzRjZTY2MTU1NWM2Mzk3ZjdiMjc5ZmQ3MGJlNzUwODMyYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmojuuGxcQ8/ChDMwcaJbyVhveApy
L6/Ii8iQCwl4GcHb7pMmsTHYDwWvhEJTKX1+zP/URzK9TRvohe7Sg4mpjGrFFtr7
9cqmOsH7P9SuIO9MJhmKvFEVst/E9PEn8p0biPZSQz23HPpokE07vNdHc5+StpNB
GWRzcwHAoCr5A4mg7RynH0ntyGeC4dWLVGD1sQU2oY0q1iWEKtFYXILGx+tPpdQB
jO9nPD5Kwdpt7gJBZYX8TPZrRWUcmZjQNN4ageGP+EmyIsBFUEaYgohR1kpkY2aF
F/RXbS8TsrmL9tItVbk33n49V2otrYhyoUE9oajP9NM57PWtQnjSdhSzLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJThdM5mFVXGOX97J5/XC+dQgypCMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvbE9GMHptWVZWY1k1ZjNzbm45Y0w1MUNES2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHWd+AAwQG
1d6AMA0GCSqGSIb3DQEBCwUAA4IBAQA5sSOGxk8DjZdzvikKILm2/l4fXiPCnjdd
2OfXNbTJIMlaUsaRhTzE7oCLkdgnvLYevdlFOTpXLEcpA4pT6AB28JE339xaoIzm
RavV6/mU2n19JoydoO6TxRQRN/6ypiUPT9n62bN5AltmRWDxdZellc5PsCpJSNHu
Iul8W3jVnPgL8M2DZm00TYa/PD53UwGxOy3G/Q0hgXT74Dk11QuM2xaojT3a4DDc
SSelynvYfjOQLbRBX6+CBkbOxDNSaN5j0+vZDypKV8BUwiCVAJ3zOPrJ1WULxhxo
lzkb/VUxcUiV3VKngjx5j2giZnl4RBdkxtZtblbJDBbu4Olmrl0B
-----END CERTIFICATE-----
Generated at Mon Jan 8 14:55:23 2024 by rpki-client on console-ams.rpki-client.org