Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/A9ZF0sBvKuUqW2guJHM_d4QxwjQ.roa
File: A9ZF0sBvKuUqW2guJHM_d4QxwjQ.roa (raw, json)
Hash identifier: t8U+Crc3wtQn6omZ3scWqQfR/+ra5lMLgjOqr0j61zw=
Subject key identifier: 03:D6:45:D2:C0:6F:2A:E5:2A:5B:68:2E:24:73:3F:77:84:31:C2:34
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018CC3490C3D1045E8809A0515B4196CAB29
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/A9ZF0sBvKuUqW2guJHM_d4QxwjQ.roa
Signing time: Mon 01 Jan 2024 04:29:53 +0000
ROA not before: Mon 01 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204145
IP address blocks: 89.35.179.0/24 maxlen: 24
185.113.64.0/24 maxlen: 24
185.113.65.0/24 maxlen: 24
185.113.66.0/24 maxlen: 24
185.113.67.0/24 maxlen: 24
185.50.73.0/24 maxlen: 24
185.50.74.0/24 maxlen: 24
185.50.75.0/24 maxlen: 24
185.50.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 09:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0c:3d:10:45:e8:80:9a:05:15:b4:19:6c:ab:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Jan 1 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03d645d2c06f2ae52a5b682e24733f778431c234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f5:cd:87:14:e3:4c:db:a0:e2:60:38:7e:12:
bb:fc:ac:d2:12:2c:47:45:92:2a:2b:17:1b:57:11:
72:6b:e8:0b:b8:cf:f4:03:9c:83:13:29:51:58:fb:
eb:1f:d9:c9:cb:eb:b7:72:21:55:59:7d:e9:ea:0d:
17:87:aa:bf:6e:bf:fe:42:33:bb:ba:77:30:a2:ef:
cd:70:f3:ed:d9:8e:32:f6:56:51:2f:e4:8c:96:d2:
47:0d:7a:89:b5:01:2a:eb:84:38:ac:01:9b:81:0b:
05:18:71:23:fe:d7:1c:cc:46:48:f3:63:6c:e9:f2:
4a:5c:ab:5a:db:b2:8d:63:d5:4a:64:d6:75:12:22:
bd:40:a7:ef:4c:15:58:d0:ed:2d:81:81:cb:b3:58:
ea:8d:7a:6d:39:17:7a:92:8a:cc:ea:c2:d7:6a:fb:
85:93:81:a9:b6:38:93:4a:4c:fd:12:e0:e4:48:f8:
97:5a:66:0d:10:80:83:e3:65:88:dc:dc:a2:19:54:
39:02:75:6a:9a:82:f4:a8:bd:f7:cf:03:85:6b:a9:
61:ed:17:96:05:e4:a0:d4:b4:af:77:55:d4:52:2a:
7a:72:c2:51:cb:3b:fa:71:40:eb:62:4d:28:23:f4:
a8:ef:16:cc:9c:ad:a3:03:db:59:e6:75:f9:76:4b:
da:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D6:45:D2:C0:6F:2A:E5:2A:5B:68:2E:24:73:3F:77:84:31:C2:34
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/A9ZF0sBvKuUqW2guJHM_d4QxwjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.179.0/24
185.50.72.0/22
185.113.64.0/22
Signature Algorithm: sha256WithRSAEncryption
01:01:df:18:06:a8:e9:3b:c4:76:03:e0:90:29:06:20:16:97:
bd:e1:66:4e:ac:23:dd:79:e0:cb:e6:d5:ad:11:f7:07:d2:a5:
ee:b1:7b:a3:66:e5:f1:5d:7d:61:af:0e:cd:94:2b:b6:65:64:
ab:9c:98:18:9c:f9:b0:4e:30:ae:e9:42:66:17:7d:94:e7:aa:
68:d5:8c:82:fe:9e:26:8c:33:07:55:f7:a9:b9:90:cd:0b:40:
6f:6b:e9:98:06:31:ed:17:70:97:6f:bc:1c:86:d0:42:f5:6a:
57:16:5a:0e:91:fd:db:01:52:70:cf:ee:17:68:3c:e7:31:d7:
d2:62:31:52:f8:dc:1e:40:cc:6a:7d:a1:5b:04:9c:9c:63:b0:
9a:da:df:3c:c5:f6:4e:88:6c:7b:67:66:5d:09:b5:c3:53:92:
a1:96:0c:d7:fb:81:9c:ff:fa:64:6d:8a:d1:61:96:a9:a7:80:
73:d9:a8:aa:b6:f4:79:a8:f9:91:52:20:7d:d7:ff:eb:dc:4a:
cd:5a:4b:8f:03:40:c0:34:b2:61:64:74:01:cc:15:8c:ce:c5:
04:1d:5b:86:66:51:b6:3a:c4:60:15:14:5b:90:e8:6f:e2:3a:
31:f2:57:c1:ae:ad:b0:af:05:41:a2:77:1c:ce:6a:98:dd:fb:
a7:10:7a:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSQw9EEXogJoFFbQZbKspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwMTAxMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q2NDVkMmMwNmYyYWU1MmE1YjY4MmUyNDczM2Y3Nzg0MzFjMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPXNhxTjTNug4mA4fhK7/KzSEixH
RZIqKxcbVxFya+gLuM/0A5yDEylRWPvrH9nJy+u3ciFVWX3p6g0Xh6q/br/+QjO7
uncwou/NcPPt2Y4y9lZRL+SMltJHDXqJtQEq64Q4rAGbgQsFGHEj/tcczEZI82Ns
6fJKXKta27KNY9VKZNZ1EiK9QKfvTBVY0O0tgYHLs1jqjXptORd6korM6sLXavuF
k4GptjiTSkz9EuDkSPiXWmYNEICD42WI3NyiGVQ5AnVqmoL0qL33zwOFa6lh7ReW
BeSg1LSvd1XUUip6csJRyzv6cUDrYk0oI/So7xbMnK2jA9tZ5nX5dkvaHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAPWRdLAbyrlKltoLiRzP3eEMcI0MB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvQTlaRjBzQnZLdVVxVzJndUpITV9kNFF4d2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSOzAwQC
uTJIAwQCuXFAMA0GCSqGSIb3DQEBCwUAA4IBAQABAd8YBqjpO8R2A+CQKQYgFpe9
4WZOrCPdeeDL5tWtEfcH0qXusXujZuXxXX1hrw7NlCu2ZWSrnJgYnPmwTjCu6UJm
F32U56po1YyC/p4mjDMHVfepuZDNC0Bva+mYBjHtF3CXb7wchtBC9WpXFloOkf3b
AVJwz+4XaDznMdfSYjFS+NweQMxqfaFbBJycY7Ca2t88xfZOiGx7Z2ZdCbXDU5Kh
lgzX+4Gc//pkbYrRYZapp4Bz2aiqtvR5qPmRUiB91//r3ErNWkuPA0DANLJhZHQB
zBWMzsUEHVuGZlG2OsRgFRRbkOhv4jox8lfBrq2wrwVBoncczmqY3funEHr6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:50 2024 by rpki-client on console-fra.rpki-client.org