Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/0MAd33zaIiMnZnBV-sWlfn2Hcks.roa
File: 0MAd33zaIiMnZnBV-sWlfn2Hcks.roa (raw, json)
Hash identifier: x6Y356pEOPRwZzq56+MeWKJCi5gAKujyeEI1ehJS8Tk=
Subject key identifier: D0:C0:1D:DF:7C:DA:22:23:27:66:70:55:FA:C5:A5:7E:7D:87:72:4B
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 01856CE62FF545C35681A7C34EC6963FA9E6
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/0MAd33zaIiMnZnBV-sWlfn2Hcks.roa
Signing time: Sun 01 Jan 2023 10:35:02 +0000
ROA not before: Sun 01 Jan 2023 10:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43489
IP address blocks: 89.111.135.0/24 maxlen: 24
89.104.93.0/24 maxlen: 24
89.104.95.0/24 maxlen: 24
31.177.70.0/24 maxlen: 24
2a01:d8:8::/48 maxlen: 48
2a02:2090:6800::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:2f:f5:45:c3:56:81:a7:c3:4e:c6:96:3f:a9:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 10:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0c01ddf7cda222327667055fac5a57e7d87724b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:77:b1:dc:59:c3:ad:22:62:ac:e1:ad:54:67:
a1:9e:94:8e:f4:b2:06:a4:ef:07:1c:59:47:cd:58:
39:89:10:32:ee:e9:be:21:a8:4b:7d:19:40:09:ce:
65:c7:06:e3:0b:27:bf:d0:1b:08:36:15:82:70:9b:
f4:b5:69:34:e5:e0:53:17:80:96:52:c8:cb:45:5a:
7b:97:59:19:75:7d:23:5e:02:ab:e7:a4:45:63:48:
08:a4:5e:e2:4c:2b:df:bf:34:94:ce:84:e6:36:00:
68:1e:b6:20:5b:8b:4a:f2:da:47:6f:af:59:72:98:
b3:56:0d:7b:3c:3e:21:80:d7:ad:70:9e:93:ef:d9:
9b:ef:7d:db:ed:b7:b6:dd:42:9f:e5:1a:de:3b:b0:
92:d3:d6:a5:80:4b:9f:f4:d4:a9:12:3c:31:c0:e6:
f5:1e:1c:5b:11:b2:86:56:1d:9e:80:9d:9f:37:07:
67:90:37:80:49:bb:5a:d4:4c:bd:20:9b:fc:6e:53:
85:88:0e:21:ec:fa:66:b2:2d:ab:07:63:3d:c7:f3:
4c:02:7c:f2:eb:02:26:f8:71:5f:80:8f:36:9e:7f:
2a:bc:98:8a:98:b7:72:d9:87:be:32:e8:c5:66:a7:
a1:4c:67:18:22:73:ee:7e:18:f8:09:50:7a:f3:59:
77:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C0:1D:DF:7C:DA:22:23:27:66:70:55:FA:C5:A5:7E:7D:87:72:4B
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/0MAd33zaIiMnZnBV-sWlfn2Hcks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.70.0/24
89.104.93.0/24
89.104.95.0/24
89.111.135.0/24
IPv6:
2a01:d8:8::/48
2a02:2090:6800::/48
Signature Algorithm: sha256WithRSAEncryption
8a:61:1a:b4:3d:40:fe:ef:21:b7:34:ac:28:56:84:fa:af:a3:
8d:ba:d5:0c:1b:70:18:35:02:5a:c6:63:77:f4:73:e4:03:d6:
51:1c:2c:7f:0b:3f:cd:aa:79:7a:4c:77:0c:d4:db:fd:d8:19:
fa:98:87:57:d3:96:e5:08:ca:2f:30:1b:88:c8:ed:c3:a7:70:
f0:c2:cc:8d:13:ae:d3:7e:a2:e1:e1:22:6c:a9:1a:9c:41:e9:
9a:35:5c:5f:4b:4e:d4:5e:93:04:aa:57:76:90:74:c4:68:01:
69:59:46:cd:e8:9f:83:ea:33:f6:a7:cd:b6:93:1c:f4:22:1b:
7d:a8:e9:3e:81:e0:2c:47:6f:44:1c:08:e8:ec:69:fb:a3:4e:
f6:8e:d0:74:7b:0f:ee:ab:b3:b9:9a:77:10:08:d9:e4:ad:1a:
e2:b9:e3:34:6f:60:ce:ae:51:73:d5:69:0e:34:b9:74:bd:f2:
22:6d:90:b0:34:c9:1a:27:ff:ea:d9:dc:2a:88:09:30:8b:04:
e6:94:5f:34:bf:1c:2a:ad:4b:86:6c:38:22:b6:c3:3c:61:3a:
06:4b:6d:9d:34:33:38:8d:7b:f4:ac:f0:58:46:09:d2:dc:17:
5c:56:79:9e:20:fe:ed:99:78:ab:dd:7d:fb:bf:17:c2:89:03:
d1:de:c4:a9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVs5i/1RcNWgafDTsaWP6nmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjMwMTAxMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGMwMWRkZjdjZGEyMjIzMjc2NjcwNTVmYWM1YTU3ZTdkODc3MjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXex3FnDrSJirOGtVGehnpSO9LIG
pO8HHFlHzVg5iRAy7um+IahLfRlACc5lxwbjCye/0BsINhWCcJv0tWk05eBTF4CW
UsjLRVp7l1kZdX0jXgKr56RFY0gIpF7iTCvfvzSUzoTmNgBoHrYgW4tK8tpHb69Z
cpizVg17PD4hgNetcJ6T79mb733b7be23UKf5RreO7CS09algEuf9NSpEjwxwOb1
HhxbEbKGVh2egJ2fNwdnkDeASbta1Ey9IJv8blOFiA4h7Ppmsi2rB2M9x/NMAnzy
6wIm+HFfgI82nn8qvJiKmLdy2Ye+MujFZqehTGcYInPufhj4CVB681l3OQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNDAHd982iIjJ2ZwVfrFpX59h3JLMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvME1BZDMzemFJaU1uWm5CVi1zV2xmbjJIY2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAH7FGAwQA
WWhdAwQAWWhfAwQAWW+HMBgEAgACMBIDBwAqAQDYAAgDBwAqAiCQaAAwDQYJKoZI
hvcNAQELBQADggEBAIphGrQ9QP7vIbc0rChWhPqvo4261QwbcBg1AlrGY3f0c+QD
1lEcLH8LP82qeXpMdwzU2/3YGfqYh1fTluUIyi8wG4jI7cOncPDCzI0TrtN+ouHh
ImypGpxB6Zo1XF9LTtRekwSqV3aQdMRoAWlZRs3on4PqM/anzbaTHPQiG32o6T6B
4CxHb0QcCOjsafujTvaO0HR7D+6rs7madxAI2eStGuK54zRvYM6uUXPVaQ40uXS9
8iJtkLA0yRon/+rZ3CqICTCLBOaUXzS/HCqtS4ZsOCK2wzxhOgZLbZ00MziNe/Ss
8FhGCdLcF1xWeZ4g/u2ZeKvdffu/F8KJA9HexKk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org