Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/eMDMKOMbpFOmFu2SLpN_XdR-Thc.roa
File: eMDMKOMbpFOmFu2SLpN_XdR-Thc.roa (raw, json)
Hash identifier: VVLgq6+DrxXqNTj+7DrSRWQkEYHKjfw/mAdK+P19H4w=
Subject key identifier: 78:C0:CC:28:E3:1B:A4:53:A6:16:ED:92:2E:93:7F:5D:D4:7E:4E:17
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F6A060F143B14CC5FC7E20D9023F
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/eMDMKOMbpFOmFu2SLpN_XdR-Thc.roa
Signing time: Mon 02 Jan 2023 15:24:57 +0000
ROA not before: Mon 02 Jan 2023 15:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49849
IP address blocks: 89.252.225.0/24 maxlen: 24
89.252.226.0/24 maxlen: 24
89.252.224.0/24 maxlen: 24
194.12.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f6:a0:60:f1:43:b1:4c:c5:fc:7e:20:d9:02:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78c0cc28e31ba453a616ed922e937f5dd47e4e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:88:86:b5:ee:72:62:38:74:52:64:78:81:e9:
00:3e:d5:af:33:dc:c8:29:81:b4:8d:e2:7a:aa:7d:
c5:d8:e6:c0:f9:2e:20:52:55:a5:a3:e7:7d:33:13:
10:32:26:30:71:15:70:c6:13:f3:7d:30:89:87:56:
a4:09:bf:89:d2:ec:7c:7a:8f:27:9d:ad:ae:14:e8:
76:54:b7:1b:9b:c1:56:a6:c6:ed:a2:87:ec:18:96:
76:37:5a:08:f8:fa:82:dc:6b:82:9a:39:97:21:40:
cf:24:54:50:8f:1a:e3:9f:25:2d:a7:16:43:a4:46:
c9:9f:a4:67:f6:5b:ae:32:8c:38:06:97:68:3e:54:
e4:e1:80:e0:2d:e2:f5:7f:6d:93:4c:54:6d:b5:2c:
14:84:49:5a:33:77:1f:79:62:1a:d7:c6:e7:ae:ea:
af:3c:c7:85:f3:7f:2a:b1:21:c6:1e:08:18:9d:71:
45:2d:67:e1:32:51:82:59:16:4f:01:f9:63:43:28:
16:0a:29:96:dc:a3:a7:5a:31:b2:9c:39:4d:ba:ec:
d9:4d:ac:a9:7a:23:84:c1:d3:f3:40:71:4c:3a:cf:
23:97:0a:fd:7a:bd:01:37:58:48:3d:53:81:99:83:
b4:cc:c2:48:15:5b:0e:a4:21:96:ff:81:a2:3d:d2:
bb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C0:CC:28:E3:1B:A4:53:A6:16:ED:92:2E:93:7F:5D:D4:7E:4E:17
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/eMDMKOMbpFOmFu2SLpN_XdR-Thc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.224.0-89.252.226.255
194.12.232.0/24
Signature Algorithm: sha256WithRSAEncryption
90:d4:9a:fa:eb:c2:81:32:7e:d5:10:3a:88:5f:ee:fb:16:dc:
dd:5e:06:53:ca:83:95:79:42:06:e6:b9:60:60:e4:ac:28:57:
b3:91:08:00:d9:dd:d0:2c:0a:6a:09:30:0d:a5:f1:0d:32:d7:
55:fa:00:4d:18:ae:9c:b8:67:9f:f4:90:14:a6:f9:ad:f3:53:
0c:16:8e:2d:bd:bf:5a:7f:c9:12:e0:7c:6c:c3:52:4a:3a:cf:
da:42:28:44:6a:8c:32:cb:72:a9:45:5e:7f:e2:11:73:5d:b0:
77:2b:d0:ba:9b:31:de:8a:12:17:fe:de:43:e3:3a:21:3b:6f:
43:48:80:d3:5c:26:f1:1d:10:6e:f8:36:03:c5:c5:f8:47:4a:
2d:75:de:ff:ca:0f:7f:d6:84:46:43:e6:2e:b6:3b:9d:f4:7e:
1a:2f:3d:40:cd:ff:ad:f3:23:cb:a8:9a:65:7d:00:3d:13:8f:
a4:f6:29:99:04:52:23:b2:14:78:e4:63:0c:12:4b:82:5c:ab:
3a:b4:41:04:c1:f8:8f:8d:db:79:e5:da:40:05:77:59:5f:57:
e8:a5:24:49:91:35:1d:21:85:80:2f:d0:01:7b:74:a7:c1:04:
ac:60:75:70:8c:23:5a:ff:da:e3:c5:7e:e5:46:3b:e6:e8:dc:
02:82:07:6a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVzFfagYPFDsUzF/H4g2QI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGMwY2MyOGUzMWJhNDUzYTYxNmVkOTIyZTkzN2Y1ZGQ0N2U0ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIiGte5yYjh0UmR4gekAPtWvM9zI
KYG0jeJ6qn3F2ObA+S4gUlWlo+d9MxMQMiYwcRVwxhPzfTCJh1akCb+J0ux8eo8n
na2uFOh2VLcbm8FWpsbtoofsGJZ2N1oI+PqC3GuCmjmXIUDPJFRQjxrjnyUtpxZD
pEbJn6Rn9luuMow4BpdoPlTk4YDgLeL1f22TTFRttSwUhElaM3cfeWIa18bnruqv
PMeF838qsSHGHggYnXFFLWfhMlGCWRZPAfljQygWCimW3KOnWjGynDlNuuzZTayp
eiOEwdPzQHFMOs8jlwr9er0BN1hIPVOBmYO0zMJIFVsOpCGW/4GiPdK7DwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHjAzCjjG6RTphbtki6Tf13Ufk4XMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvZU1ETUtPTWJwRk9tRnUyU0xwTl9YZFItVGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVZ/OAD
BABZ/OIDBADCDOgwDQYJKoZIhvcNAQELBQADggEBAJDUmvrrwoEyftUQOohf7vsW
3N1eBlPKg5V5QgbmuWBg5KwoV7ORCADZ3dAsCmoJMA2l8Q0y11X6AE0Yrpy4Z5/0
kBSm+a3zUwwWji29v1p/yRLgfGzDUko6z9pCKERqjDLLcqlFXn/iEXNdsHcr0Lqb
Md6KEhf+3kPjOiE7b0NIgNNcJvEdEG74NgPFxfhHSi113v/KD3/WhEZD5i62O530
fhovPUDN/63zI8uommV9AD0Tj6T2KZkEUiOyFHjkYwwSS4Jcqzq0QQTB+I+N23nl
2kAFd1lfV+ilJEmRNR0hhYAv0AF7dKfBBKxgdXCMI1r/2uPFfuVGO+bo3AKCB2o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org