Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/cLKxzoGoFesyx4G10f_qJ9k6TUA.roa
File: cLKxzoGoFesyx4G10f_qJ9k6TUA.roa (raw, json)
Hash identifier: ch7f+GlfAFpyKSWZDJQJdptb00TTq8nGfOJn3Ph2xLM=
Subject key identifier: 70:B2:B1:CE:81:A8:15:EB:32:C7:81:B5:D1:FF:EA:27:D9:3A:4D:40
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01905F4CFA36C837F66CBA988A65DB77A9D1
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/cLKxzoGoFesyx4G10f_qJ9k6TUA.roa
Signing time: Fri 28 Jun 2024 14:43:18 +0000
ROA not before: Fri 28 Jun 2024 14:43:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 89.185.80.0/24 maxlen: 24
89.185.81.0/24 maxlen: 24
89.185.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 12:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5f:4c:fa:36:c8:37:f6:6c:ba:98:8a:65:db:77:a9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jun 28 14:43:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70b2b1ce81a815eb32c781b5d1ffea27d93a4d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cc:e7:aa:7d:f7:2d:41:76:21:41:1e:ec:de:
0d:00:ac:15:cd:64:be:9e:ec:e7:bc:09:3c:a3:74:
2a:34:b3:7b:20:db:58:2f:2e:f0:da:bd:3b:4f:ef:
bc:48:af:82:fe:00:94:12:dd:2d:0e:4d:be:09:34:
f4:38:30:ea:de:0a:d9:26:1c:93:54:91:7e:dc:75:
05:bc:a2:72:b9:28:ec:6a:a3:cc:62:5e:9c:51:d8:
1b:e8:2f:96:f1:ba:db:be:cf:be:20:86:58:7d:d4:
7e:93:61:95:1d:9a:59:e6:c5:a1:ed:07:4e:da:de:
50:3b:07:8a:ef:72:73:71:f8:5f:c1:d8:05:92:28:
f3:c0:3d:6e:04:c2:3a:f2:22:55:88:3b:17:d0:16:
4a:d4:d1:29:3b:e2:24:53:72:e2:b5:cb:68:3a:ba:
42:c5:50:98:e9:86:bb:68:78:05:9d:4a:ee:97:ac:
a4:5c:0f:20:b4:0f:92:11:c9:4a:67:f2:6a:58:04:
95:11:93:a4:94:f5:2e:29:9f:16:63:87:e5:5a:51:
a1:b0:a4:6e:de:92:f8:a9:af:b9:5f:f0:77:99:6b:
98:7e:97:90:8c:53:cc:65:da:25:d4:3d:36:44:f0:
2b:d6:a9:00:a4:56:1d:1c:0c:f6:94:20:c3:21:53:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B2:B1:CE:81:A8:15:EB:32:C7:81:B5:D1:FF:EA:27:D9:3A:4D:40
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/cLKxzoGoFesyx4G10f_qJ9k6TUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.80.0/23
89.185.84.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:7c:c9:7d:b8:78:32:99:21:7d:99:da:f9:6f:cd:83:30:8c:
da:74:83:81:ac:af:d1:76:2d:ec:50:73:b4:99:fd:c0:58:d5:
81:ea:dc:56:a5:e6:84:72:8c:87:00:fd:7c:60:4c:14:ad:81:
a2:ed:db:02:d1:6e:82:10:83:78:b1:c9:ae:56:66:89:07:48:
3f:85:a1:dc:a6:43:50:7c:b9:e5:67:d0:78:36:bb:09:eb:c0:
e2:df:2d:40:27:2c:f9:fa:8e:f0:5a:78:c5:a7:07:12:ec:05:
7d:5a:7f:5f:9e:7f:a1:a5:c2:5e:a9:b5:6b:78:58:a5:c9:2a:
28:f3:13:c2:71:10:eb:23:fb:8b:d3:09:6d:82:04:1c:e8:af:
df:37:ac:2e:96:e0:10:89:23:77:3a:72:ef:30:b7:02:9c:9e:
69:8e:3e:d3:19:73:fe:96:e1:f1:58:e4:1d:13:97:b6:14:12:
b1:17:dd:64:6b:54:de:8e:34:42:e2:08:ea:b6:6e:9c:50:3f:
01:0d:92:f9:54:48:e4:41:23:db:6a:1e:04:68:39:b8:4f:dd:
92:94:1c:70:71:dc:27:da:d2:e0:04:0d:74:f8:91:8a:82:51:
82:ef:d4:d0:c6:49:dd:2f:15:d6:77:72:b0:3b:c1:ad:4d:9b:
b2:e5:1e:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBfTPo2yDf2bLqYimXbd6nRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjQwNjI4MTQ0MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGIyYjFjZTgxYTgxNWViMzJjNzgxYjVkMWZmZWEyN2Q5M2E0ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Mznqn33LUF2IUEe7N4NAKwVzWS+
nuznvAk8o3QqNLN7INtYLy7w2r07T++8SK+C/gCUEt0tDk2+CTT0ODDq3grZJhyT
VJF+3HUFvKJyuSjsaqPMYl6cUdgb6C+W8brbvs++IIZYfdR+k2GVHZpZ5sWh7QdO
2t5QOweK73JzcfhfwdgFkijzwD1uBMI68iJViDsX0BZK1NEpO+IkU3LitctoOrpC
xVCY6Ya7aHgFnUrul6ykXA8gtA+SEclKZ/JqWASVEZOklPUuKZ8WY4flWlGhsKRu
3pL4qa+5X/B3mWuYfpeQjFPMZdol1D02RPAr1qkApFYdHAz2lCDDIVMUSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCysc6BqBXrMseBtdH/6ifZOk1AMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvY0xLeHpvR29GZXN5eDRHMTBmX3FKOWs2VFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWblQAwQA
WblUMA0GCSqGSIb3DQEBCwUAA4IBAQA9fMl9uHgymSF9mdr5b82DMIzadIOBrK/R
di3sUHO0mf3AWNWB6txWpeaEcoyHAP18YEwUrYGi7dsC0W6CEIN4scmuVmaJB0g/
haHcpkNQfLnlZ9B4NrsJ68Di3y1AJyz5+o7wWnjFpwcS7AV9Wn9fnn+hpcJeqbVr
eFilySoo8xPCcRDrI/uL0wltggQc6K/fN6wuluAQiSN3OnLvMLcCnJ5pjj7TGXP+
luHxWOQdE5e2FBKxF91ka1TejjRC4gjqtm6cUD8BDZL5VEjkQSPbah4EaDm4T92S
lBxwcdwn2tLgBA10+JGKglGC79TQxkndLxXWd3KwO8GtTZuy5R5a
-----END CERTIFICATE-----
Generated at Mon Jul 29 13:52:11 2024 by rpki-client on console-fra.rpki-client.org