Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/s7uOLnIhr6bHb6ye-RCoQ_xjP4Q.roa
File: s7uOLnIhr6bHb6ye-RCoQ_xjP4Q.roa (raw, json)
Hash identifier: UjlBjS/zQx5c+GdsGqJJWfCE+3W6CctfT0huDxgHrrw=
Subject key identifier: B3:BB:8E:2E:72:21:AF:A6:C7:6F:AC:9E:F9:10:A8:43:FC:63:3F:84
Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860
Certificate serial: 01856F3020196550311796CB314FEFB79538
Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/s7uOLnIhr6bHb6ye-RCoQ_xjP4Q.roa
Signing time: Sun 01 Jan 2023 21:15:03 +0000
ROA not before: Sun 01 Jan 2023 21:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 89.108.128.0/24 maxlen: 24
89.108.129.0/24 maxlen: 24
89.108.154.0/24 maxlen: 24
89.108.176.0/22 maxlen: 22
89.108.176.0/24 maxlen: 24
212.101.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:20:19:65:50:31:17:96:cb:31:4f:ef:b7:95:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b050211219d18e996e086cb7f6309178804860
Validity
Not Before: Jan 1 21:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3bb8e2e7221afa6c76fac9ef910a843fc633f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:87:e3:b9:b7:b2:e3:eb:af:fd:c6:5e:87:04:
3a:f0:2e:75:66:b6:f6:1a:8d:96:cc:cb:a1:c4:cc:
b3:cc:68:76:ce:aa:d4:34:24:b2:68:bb:c5:78:c4:
b5:d9:f8:29:15:17:b7:5f:a6:88:68:3d:ee:8b:84:
1f:02:77:54:be:4b:ae:bc:41:65:1f:d4:5f:fa:22:
90:71:1d:54:29:5a:0e:3f:6b:72:95:54:01:b0:ec:
67:76:1b:cd:4e:73:20:eb:7c:61:0d:db:82:a4:a5:
23:d7:65:58:f7:99:cf:19:30:11:b3:95:c7:b5:c8:
54:f7:e6:1e:97:7b:c9:01:ec:41:a0:5b:6c:94:40:
18:1e:a8:4b:c2:9b:c6:d4:1f:2c:3b:57:4e:c5:1d:
0c:dc:46:2c:d8:e7:fb:cb:bc:8a:c7:e2:e6:fa:b8:
69:36:41:e1:c0:26:3f:1a:51:af:88:5f:30:55:3c:
58:8a:dc:ee:9a:c5:f4:fe:b5:b9:09:0e:64:56:c4:
1e:a5:ca:38:86:d2:44:f7:f7:66:3f:03:a9:90:71:
52:d9:6b:8b:f4:33:e2:d9:20:69:1a:43:75:47:fb:
07:5f:f9:7f:f9:e8:0f:84:27:18:fb:c4:4e:9c:11:
44:4d:22:5f:d2:c7:e6:ed:a7:ed:0e:e8:83:83:82:
f4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BB:8E:2E:72:21:AF:A6:C7:6F:AC:9E:F9:10:A8:43:FC:63:3F:84
X509v3 Authority Key Identifier:
keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/s7uOLnIhr6bHb6ye-RCoQ_xjP4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.128.0/23
89.108.154.0/24
89.108.176.0/22
212.101.249.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:6b:e3:d8:b6:ac:0a:42:58:04:1a:2f:f3:d3:df:97:bc:54:
2c:e0:80:5a:c9:53:1d:37:55:cb:58:86:ba:13:6b:d6:6a:2c:
a3:dc:17:6a:82:86:27:e1:ef:ac:e8:cd:0f:15:94:23:c4:24:
f0:48:da:ff:95:56:ee:db:fc:14:1d:a2:5e:6c:81:0a:81:2e:
30:39:19:56:08:a9:ca:f8:77:e6:c5:d2:96:71:22:b0:61:2d:
2e:06:05:b5:99:6f:ab:74:19:03:5d:1a:6f:fc:d1:78:05:4d:
1c:0e:11:7a:d3:31:30:62:c8:ad:af:97:3d:06:46:81:d8:91:
4d:83:79:cd:0e:8e:55:ab:ae:02:c1:e9:24:5f:e5:2f:13:64:
08:00:a0:f1:4b:74:57:ca:0f:d1:24:06:47:fd:2a:a0:db:bf:
98:1a:92:b8:5e:82:cc:43:07:27:13:15:e9:5c:9f:ee:19:76:
35:af:37:da:8c:9b:8b:fb:d2:d1:60:0a:c8:4c:08:f6:25:27:
b8:e9:11:56:b6:06:c1:66:5a:92:78:e6:3f:43:68:b4:b2:02:
aa:e4:fc:70:f7:fe:79:70:2e:d6:df:d2:26:14:91:de:24:b4:
4e:7e:d2:87:0a:73:02:52:2e:c7:25:45:d9:e0:98:59:3a:1c:
08:56:02:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvMCAZZVAxF5bLMU/vt5U4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYjA1MDIxMTIxOWQxOGU5OTZlMDg2Y2I3ZjYzMDkxNzg4
MDQ4NjAwHhcNMjMwMTAxMjExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2JiOGUyZTcyMjFhZmE2Yzc2ZmFjOWVmOTEwYTg0M2ZjNjMzZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4fjubey4+uv/cZehwQ68C51Zrb2
Go2WzMuhxMyzzGh2zqrUNCSyaLvFeMS12fgpFRe3X6aIaD3ui4QfAndUvkuuvEFl
H9Rf+iKQcR1UKVoOP2tylVQBsOxndhvNTnMg63xhDduCpKUj12VY95nPGTARs5XH
tchU9+Yel3vJAexBoFtslEAYHqhLwpvG1B8sO1dOxR0M3EYs2Of7y7yKx+Lm+rhp
NkHhwCY/GlGviF8wVTxYitzumsX0/rW5CQ5kVsQepco4htJE9/dmPwOpkHFS2WuL
9DPi2SBpGkN1R/sHX/l/+egPhCcY+8ROnBFETSJf0sfm7aftDuiDg4L0wwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLO7ji5yIa+mx2+snvkQqEP8Yz+EMB8GA1UdIwQY
MBaAFMGwUCESGdGOmW4IbLf2MJF4gEhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUt
Y2UyMjUxODdmYzM4LzEvczd1T0xuSWhyNmJIYjZ5ZS1SQ29RX3hqUDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUtY2UyMjUxODdmYzM4
LzEvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWWyAAwQA
WWyaAwQCWWywAwQA1GX5MA0GCSqGSIb3DQEBCwUAA4IBAQBva+PYtqwKQlgEGi/z
09+XvFQs4IBayVMdN1XLWIa6E2vWaiyj3BdqgoYn4e+s6M0PFZQjxCTwSNr/lVbu
2/wUHaJebIEKgS4wORlWCKnK+HfmxdKWcSKwYS0uBgW1mW+rdBkDXRpv/NF4BU0c
DhF60zEwYsitr5c9BkaB2JFNg3nNDo5Vq64CwekkX+UvE2QIAKDxS3RXyg/RJAZH
/Sqg27+YGpK4XoLMQwcnExXpXJ/uGXY1rzfajJuL+9LRYArITAj2JSe46RFWtgbB
ZlqSeOY/Q2i0sgKq5Pxw9/55cC7W39ImFJHeJLROftKHCnMCUi7HJUXZ4JhZOhwI
VgJq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:44 2024 by rpki-client on console-ams.rpki-client.org