Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/r16qqjZCHtprCOsL7vMOTL0Uf8s.roa
File: r16qqjZCHtprCOsL7vMOTL0Uf8s.roa (raw, json)
Hash identifier: fuiJ4OXIZheJJY0MgsRQJM3/MooJONMOOsD6HoXzmf0=
Subject key identifier: AF:5E:AA:AA:36:42:1E:DA:6B:08:EB:0B:EE:F3:0E:4C:BD:14:7F:CB
Certificate issuer: /CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Certificate serial: 01856FA717816E0A920549D31988A3329CAA
Authority key identifier: 74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/r16qqjZCHtprCOsL7vMOTL0Uf8s.roa
Signing time: Sun 01 Jan 2023 23:24:59 +0000
ROA not before: Sun 01 Jan 2023 23:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34740
IP address blocks: 89.38.48.0/24 maxlen: 24
89.38.49.0/24 maxlen: 24
89.38.50.0/24 maxlen: 24
89.38.51.0/24 maxlen: 24
188.215.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 11 Aug 2023 10:39:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:17:81:6e:0a:92:05:49:d3:19:88:a3:32:9c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Validity
Not Before: Jan 1 23:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af5eaaaa36421eda6b08eb0beef30e4cbd147fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9d:02:f7:49:d7:05:e2:bf:19:e6:19:da:13:
89:d0:1f:7d:86:d7:a2:21:d8:6f:d1:20:71:2a:bc:
ff:87:e3:12:51:7f:f4:f2:d1:cd:e1:80:2e:84:24:
a4:9d:bf:02:ba:47:dc:42:44:74:38:77:d5:97:57:
1e:4d:18:1f:71:af:a1:84:bb:22:de:e4:ea:04:9e:
51:a4:ac:39:9b:1d:12:5f:21:9f:f5:88:c0:18:d1:
e2:a2:34:3a:6c:8d:a2:f4:e0:f4:3f:50:92:3e:54:
12:74:29:2a:d1:0e:27:d9:3b:8b:77:fb:26:3b:7d:
c0:1f:32:7f:22:0d:ba:5e:fe:29:aa:f6:ae:2b:d1:
86:e7:d7:01:71:42:40:fb:0d:05:c7:7a:15:98:2e:
eb:df:00:6d:e3:f0:df:49:be:22:5d:59:76:5a:fc:
20:48:a1:10:5f:9c:18:71:f3:25:ae:d9:2d:05:e4:
35:94:61:28:11:6a:e6:3b:7d:d4:68:5a:f2:44:a4:
b2:22:9f:c0:61:1d:e9:c3:6f:64:db:f3:f2:a5:74:
9c:97:14:ea:5e:74:90:13:ab:a0:02:53:b2:b7:6e:
b3:c7:bf:8e:63:da:25:ae:a7:46:4f:4b:0a:1d:ba:
28:5f:d0:01:2c:31:36:78:0f:93:eb:ac:0e:5c:ef:
28:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:5E:AA:AA:36:42:1E:DA:6B:08:EB:0B:EE:F3:0E:4C:BD:14:7F:CB
X509v3 Authority Key Identifier:
keyid:74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/r16qqjZCHtprCOsL7vMOTL0Uf8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.48.0/22
188.215.144.0/20
Signature Algorithm: sha256WithRSAEncryption
5b:25:d4:13:04:53:cc:ce:06:23:1b:7d:d3:0c:4b:5d:48:78:
2a:02:d6:11:da:76:2b:38:6b:a4:51:5f:f3:de:73:2f:82:a0:
51:9d:76:06:16:79:31:f5:e8:c9:bb:f2:6f:39:50:8d:41:11:
8d:93:23:5f:fb:60:50:34:31:27:87:d5:7d:e1:93:4c:43:4f:
7c:fd:3e:75:0c:d7:88:94:db:86:cf:c0:0c:dc:f1:cb:23:62:
0f:1e:94:e8:67:75:b2:8b:f2:aa:a2:cb:c8:f4:b1:0c:9f:aa:
19:b9:ec:93:8e:ec:ec:eb:4a:93:e6:ca:f2:46:92:e7:9e:11:
91:bc:18:d6:ea:82:f2:62:94:b0:9b:b7:44:d0:dc:af:92:f2:
08:21:78:ce:4e:08:b8:8b:42:e6:bf:5d:98:30:ed:1e:68:49:
bf:68:6b:bc:46:cf:c1:42:c9:c3:15:f9:57:75:e0:97:c8:d9:
23:38:14:a7:9d:43:2a:c6:5f:5e:7e:46:24:6a:aa:b3:b8:1d:
3d:dd:f3:8e:12:1b:1d:c7:26:f8:69:f8:dc:27:a0:51:1a:e5:
8e:8e:86:97:9f:b4:3e:39:df:c4:02:a2:35:54:30:d7:99:d5:
b4:ea:1b:81:af:ed:f3:66:b3:de:66:d6:77:95:c9:2f:a8:7f:
63:d0:cb:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvpxeBbgqSBUnTGYijMpyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ODk2YzU0NGI0NjFkOGIwNjJlZmY5ZTNkMmMyOWNkM2Nj
OTYwZWMwHhcNMjMwMTAxMjMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjVlYWFhYTM2NDIxZWRhNmIwOGViMGJlZWYzMGU0Y2JkMTQ3ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp0C90nXBeK/GeYZ2hOJ0B99htei
Idhv0SBxKrz/h+MSUX/08tHN4YAuhCSknb8CukfcQkR0OHfVl1ceTRgfca+hhLsi
3uTqBJ5RpKw5mx0SXyGf9YjAGNHiojQ6bI2i9OD0P1CSPlQSdCkq0Q4n2TuLd/sm
O33AHzJ/Ig26Xv4pqvauK9GG59cBcUJA+w0Fx3oVmC7r3wBt4/DfSb4iXVl2Wvwg
SKEQX5wYcfMlrtktBeQ1lGEoEWrmO33UaFryRKSyIp/AYR3pw29k2/PypXSclxTq
XnSQE6ugAlOyt26zx7+OY9olrqdGT0sKHbooX9ABLDE2eA+T66wOXO8o1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9eqqo2Qh7aawjrC+7zDky9FH/LMB8GA1UdIwQY
MBaAFHSJbFRLRh2LBi7/nj0sKc08yWDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2Yt
Y2YxNzQwODIzNDAwLzEvcjE2cXFqWkNIdHByQ09zTDd2TU9UTDBVZjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2YtY2YxNzQwODIzNDAw
LzEvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSYwAwQE
vNeQMA0GCSqGSIb3DQEBCwUAA4IBAQBbJdQTBFPMzgYjG33TDEtdSHgqAtYR2nYr
OGukUV/z3nMvgqBRnXYGFnkx9ejJu/JvOVCNQRGNkyNf+2BQNDEnh9V94ZNMQ098
/T51DNeIlNuGz8AM3PHLI2IPHpToZ3Wyi/KqosvI9LEMn6oZueyTjuzs60qT5sry
RpLnnhGRvBjW6oLyYpSwm7dE0NyvkvIIIXjOTgi4i0Lmv12YMO0eaEm/aGu8Rs/B
QsnDFflXdeCXyNkjOBSnnUMqxl9efkYkaqqzuB093fOOEhsdxyb4afjcJ6BRGuWO
joaXn7Q+Od/EAqI1VDDXmdW06huBr+3zZrPeZtZ3lckvqH9j0MvH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org