Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/m1sQgArPhXPIwjmDsM1k2v0ZTYU.roa
File: m1sQgArPhXPIwjmDsM1k2v0ZTYU.roa (raw, json)
Hash identifier: H3yhniCu4qvfgNG9olWtIGOp4uJh+7nut/AgrBj95lg=
Subject key identifier: 9B:5B:10:80:0A:CF:85:73:C8:C2:39:83:B0:CD:64:DA:FD:19:4D:85
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 01914532D8A9FF62DDD9D4D15AC4BAC46424
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/m1sQgArPhXPIwjmDsM1k2v0ZTYU.roa
Signing time: Mon 12 Aug 2024 06:07:25 +0000
ROA not before: Mon 12 Aug 2024 06:07:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212866
IP address blocks: 89.39.54.0/24 maxlen: 24
212.231.133.0/24 maxlen: 24
212.231.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:32:d8:a9:ff:62:dd:d9:d4:d1:5a:c4:ba:c4:64:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Aug 12 06:07:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b5b10800acf8573c8c23983b0cd64dafd194d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f2:52:35:ba:05:77:0b:96:05:62:67:13:6c:
0c:d6:69:31:cb:82:ea:8d:8b:bc:51:9a:06:38:fb:
5f:1a:48:1d:9b:0e:d7:15:15:64:0f:92:da:4f:e6:
9b:0a:c1:48:b7:01:8f:6e:f5:16:b7:ed:37:d6:81:
b1:f6:37:f7:90:64:f6:30:35:92:e5:30:b0:45:ea:
81:bf:0f:64:57:52:22:5b:3e:58:76:41:cb:69:1f:
c8:d4:84:2a:a2:49:93:ca:f1:f4:a0:1c:14:a4:78:
bc:a2:28:2d:85:d0:01:bf:b3:d5:61:57:58:f0:c9:
bf:04:4f:cf:70:a6:b2:0f:b2:ff:f0:56:da:62:14:
0e:aa:98:29:3a:6b:a8:41:5c:70:e4:e5:5f:c8:f2:
5b:58:3e:16:ee:ce:a9:11:26:a8:2f:0e:4e:8e:d8:
70:d2:7b:41:85:97:88:58:0e:99:2a:9a:2f:65:af:
11:d4:e6:75:85:d7:a2:b4:35:8d:07:d2:8c:14:98:
1f:35:be:fb:e3:f0:42:69:22:ba:4e:1a:df:aa:88:
ce:7d:3d:a5:40:6f:f9:ae:3d:68:b0:9c:71:01:57:
0b:79:aa:cf:0d:25:73:ce:39:8d:f6:95:06:e6:28:
7e:86:5f:bb:9b:88:e4:a7:7c:72:7a:42:8a:58:69:
51:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:5B:10:80:0A:CF:85:73:C8:C2:39:83:B0:CD:64:DA:FD:19:4D:85
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/m1sQgArPhXPIwjmDsM1k2v0ZTYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.54.0/24
212.231.133.0/24
212.231.143.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:32:53:f4:39:02:3e:b5:41:7d:b2:df:39:ed:35:36:5d:15:
c5:4a:65:3d:f3:98:c4:66:ec:6a:4e:b4:c0:78:75:38:03:aa:
fb:5c:5f:b2:3c:f0:b2:29:47:97:20:9e:8c:1c:7b:72:ba:e1:
97:5c:88:1a:8d:e8:be:bb:b9:2a:fe:f9:5d:ab:40:dc:3e:08:
e1:d4:e4:02:cc:34:c6:00:a2:55:8f:59:46:62:c0:20:9e:26:
0e:9b:1a:29:55:6d:31:b5:1a:5f:da:ba:4a:b3:dc:be:be:d4:
30:ad:9f:0b:bb:a7:4c:25:fb:b9:51:7c:db:36:a3:04:88:f0:
24:b5:16:e6:1c:87:49:5c:bc:22:cd:91:3a:7f:75:0b:dc:6c:
2c:c9:f0:d0:8b:6d:e6:c2:e4:3a:c1:0c:29:22:98:92:e5:6a:
b8:9d:33:b7:a2:4a:41:60:70:cf:48:4a:8e:59:30:c0:46:a5:
72:7f:29:38:c7:32:6c:b7:c2:bf:84:90:cd:03:51:d5:7b:6c:
37:3d:60:b4:82:5d:62:4a:7f:d2:3e:85:df:a1:c5:c1:b4:b1:
29:c4:68:1d:f4:ce:0e:b8:8a:b9:3a:be:16:6c:8e:b1:3f:34:
c8:ff:9f:fa:cb:49:1c:d6:95:a1:5b:a3:fb:3c:df:c4:69:36:
d6:af:58:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFFMtip/2Ld2dTRWsS6xGQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjQwODEyMDYwNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjViMTA4MDBhY2Y4NTczYzhjMjM5ODNiMGNkNjRkYWZkMTk0ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/JSNboFdwuWBWJnE2wM1mkxy4Lq
jYu8UZoGOPtfGkgdmw7XFRVkD5LaT+abCsFItwGPbvUWt+031oGx9jf3kGT2MDWS
5TCwReqBvw9kV1IiWz5YdkHLaR/I1IQqokmTyvH0oBwUpHi8oigthdABv7PVYVdY
8Mm/BE/PcKayD7L/8FbaYhQOqpgpOmuoQVxw5OVfyPJbWD4W7s6pESaoLw5Ojthw
0ntBhZeIWA6ZKpovZa8R1OZ1hdeitDWNB9KMFJgfNb774/BCaSK6ThrfqojOfT2l
QG/5rj1osJxxAVcLearPDSVzzjmN9pUG5ih+hl+7m4jkp3xyekKKWGlRQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJtbEIAKz4VzyMI5g7DNZNr9GU2FMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvbTFzUWdBclBoWFBJd2ptRHNNMWsydjBaVFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSc2AwQA
1OeFAwQA1OePMA0GCSqGSIb3DQEBCwUAA4IBAQCaMlP0OQI+tUF9st857TU2XRXF
SmU985jEZuxqTrTAeHU4A6r7XF+yPPCyKUeXIJ6MHHtyuuGXXIgajei+u7kq/vld
q0DcPgjh1OQCzDTGAKJVj1lGYsAgniYOmxopVW0xtRpf2rpKs9y+vtQwrZ8Lu6dM
Jfu5UXzbNqMEiPAktRbmHIdJXLwizZE6f3UL3GwsyfDQi23mwuQ6wQwpIpiS5Wq4
nTO3okpBYHDPSEqOWTDARqVyfyk4xzJst8K/hJDNA1HVe2w3PWC0gl1iSn/SPoXf
ocXBtLEpxGgd9M4OuIq5Or4WbI6xPzTI/5/6y0kc1pWhW6P7PN/EaTbWr1jj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:53 2025 by rpki-client