Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-p_7I0UPsfzHWNqaQr-vJVd6EAI.roa
File: 1-p_7I0UPsfzHWNqaQr-vJVd6EAI.roa (raw, json)
Hash identifier: UjDLqvLRS9483Sr8usBLWi5EvXGeMrzWU4vb/0vUx3c=
Subject key identifier: FA:9F:FB:23:45:0F:B1:FC:C7:58:DA:9A:42:BF:AF:25:57:7A:10:02
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018C7D7FA53472D9D900DAF8D51C0C69101E
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-p_7I0UPsfzHWNqaQr-vJVd6EAI.roa
Signing time: Mon 18 Dec 2023 15:16:06 +0000
ROA not before: Mon 18 Dec 2023 15:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199380
IP address blocks: 89.37.80.0/22 maxlen: 24
89.32.194.0/23 maxlen: 24
89.42.236.0/23 maxlen: 24
185.16.120.0/22 maxlen: 24
188.208.24.0/22 maxlen: 24
188.247.168.0/22 maxlen: 24
188.239.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:7f:a5:34:72:d9:d9:00:da:f8:d5:1c:0c:69:10:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 18 15:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa9ffb23450fb1fcc758da9a42bfaf25577a1002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:63:18:e8:ae:29:bc:58:1a:2d:e8:e8:b3:
1a:5c:db:77:3e:b3:2e:24:f9:dd:f0:13:b5:c0:22:
58:ea:84:82:ad:bb:35:16:e2:57:fd:a5:f7:2b:85:
d4:75:0c:98:e8:ac:7f:b9:fc:6d:00:c8:5d:d5:d8:
31:65:80:6d:f6:c5:0a:ac:93:46:20:4b:bd:d7:29:
7b:d3:24:32:aa:56:6c:1b:41:43:85:bf:cf:83:9c:
8e:ce:ae:41:4f:5c:55:f2:89:5c:c7:6a:2d:8d:79:
67:4c:92:47:fa:a1:cc:ed:7e:54:b9:a6:f1:91:b7:
48:2a:23:c6:89:69:0d:e2:4c:f5:bf:69:a7:a2:c0:
39:4c:d5:0a:52:af:70:45:a6:75:12:62:fe:ad:9b:
30:99:5a:95:52:12:ca:d5:bf:89:70:e5:4e:16:d0:
e4:38:30:9e:04:f6:11:22:06:40:38:f7:fa:e9:1f:
45:d8:c4:8a:c2:8e:65:aa:4b:c9:22:cd:81:20:7e:
22:33:63:f1:38:25:e3:2c:30:c8:0f:29:85:97:74:
c9:58:89:c8:2c:4f:ec:e7:55:df:58:aa:76:f9:c0:
fb:8f:46:8b:6d:fc:f8:f1:72:a1:a6:3f:b0:37:34:
18:6e:89:bb:c4:de:10:ed:2e:81:82:78:d1:39:bc:
ff:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9F:FB:23:45:0F:B1:FC:C7:58:DA:9A:42:BF:AF:25:57:7A:10:02
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-p_7I0UPsfzHWNqaQr-vJVd6EAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.194.0/23
89.37.80.0/22
89.42.236.0/23
185.16.120.0/22
188.208.24.0/22
188.239.184.0/22
188.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
75:82:12:0b:c4:71:b3:7a:27:64:0b:e9:45:47:22:c9:c8:61:
7b:ec:64:f2:fe:6d:18:04:40:ba:50:ae:e7:2a:c4:c7:be:18:
01:24:5d:53:a4:22:7b:6a:07:53:a2:10:0d:94:2d:82:e7:bb:
fa:6c:6d:c9:37:02:8a:a5:f8:a5:d0:5c:05:ef:55:9f:8c:63:
fc:8e:61:61:e9:df:01:01:3d:5e:a4:ed:12:5e:65:a4:7e:22:
a7:bb:c0:1f:b9:df:1b:a7:6e:b0:70:fc:dd:0a:e5:e2:4f:fc:
bb:d6:ad:58:ae:a4:8c:ea:c6:40:75:79:6f:be:b8:f6:ba:0e:
04:c5:05:f6:18:66:f0:74:a3:55:f3:31:d4:41:ce:ea:b7:25:
83:33:d6:df:ab:b1:5a:25:b1:84:67:a9:7f:2a:79:67:68:44:
a3:d4:c2:e0:f7:f0:ba:3b:2e:f1:a5:4d:0f:9d:21:a2:88:52:
db:7f:76:20:74:38:8f:30:e7:9d:c0:11:55:19:bf:a3:23:64:
e4:37:c1:8b:2e:44:81:c0:50:11:32:d0:b7:31:03:c0:3d:0a:
ac:4e:e5:e7:6b:4b:c7:74:6a:63:db:fb:2c:e6:2d:3f:14:75:
53:9f:c1:3c:50:34:c4:7e:2c:ad:06:4a:14:2d:ce:44:35:7b:
be:59:07:32
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYx9f6U0ctnZANr41RwMaRAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMxMjE4MTUxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTlmZmIyMzQ1MGZiMWZjYzc1OGRhOWE0MmJmYWYyNTU3N2ExMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC5jGOiuKbxYGi3o6LMaXNt3PrMu
JPnd8BO1wCJY6oSCrbs1FuJX/aX3K4XUdQyY6Kx/ufxtAMhd1dgxZYBt9sUKrJNG
IEu91yl70yQyqlZsG0FDhb/Pg5yOzq5BT1xV8olcx2otjXlnTJJH+qHM7X5Uuabx
kbdIKiPGiWkN4kz1v2mnosA5TNUKUq9wRaZ1EmL+rZswmVqVUhLK1b+JcOVOFtDk
ODCeBPYRIgZAOPf66R9F2MSKwo5lqkvJIs2BIH4iM2PxOCXjLDDIDymFl3TJWInI
LE/s51XfWKp2+cD7j0aLbfz48XKhpj+wNzQYbom7xN4Q7S6BgnjRObz/mQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPqf+yNFD7H8x1jamkK/ryVXehACMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvMS1wXzdJMFVQc2Z6SFdOcWFRci12SlZkNkVBSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvYmZmNGFhLTRmMDctNDEyOS04YWQ2LWM3OTE0YWI2NDI3
My8xLzFIWDdDVFRQYWxqY3p2RVFoMTItWGo2TGEzVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAVkgwgME
AlklUAMEAVkq7AMEArkQeAMEArzQGAMEArzvuAMEArz3qDANBgkqhkiG9w0BAQsF
AAOCAQEAdYISC8Rxs3onZAvpRUciychhe+xk8v5tGARAulCu5yrEx74YASRdU6Qi
e2oHU6IQDZQtgue7+mxtyTcCiqX4pdBcBe9Vn4xj/I5hYenfAQE9XqTtEl5lpH4i
p7vAH7nfG6dusHD83Qrl4k/8u9atWK6kjOrGQHV5b7649roOBMUF9hhm8HSjVfMx
1EHO6rclgzPW36uxWiWxhGepfyp5Z2hEo9TC4Pfwujsu8aVND50hoohS2392IHQ4
jzDnncARVRm/oyNk5DfBiy5EgcBQETLQtzEDwD0KrE7l52tLx3RqY9v7LOYtPxR1
U5/BPFA0xH4srQZKFC3ORDV7vlkHMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org