Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/dQ7Te4yEq4J0Yfsm394kAyuL7nk.roa
File: dQ7Te4yEq4J0Yfsm394kAyuL7nk.roa (raw, json)
Hash identifier: 6BkjNDi7f87JF7TxoUWIHFxT4ImEMcdul0jtluqo2bI=
Subject key identifier: 75:0E:D3:7B:8C:84:AB:82:74:61:FB:26:DF:DE:24:03:2B:8B:EE:79
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 018BD300A7C5A925BFEEE67AE7AAAC248876
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/dQ7Te4yEq4J0Yfsm394kAyuL7nk.roa
Signing time: Wed 15 Nov 2023 12:41:57 +0000
ROA not before: Wed 15 Nov 2023 12:41:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197695
IP address blocks: 89.104.64.0/21 maxlen: 24
79.174.80.0/21 maxlen: 24
79.174.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Dec 2023 09:37:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:00:a7:c5:a9:25:bf:ee:e6:7a:e7:aa:ac:24:88:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Nov 15 12:41:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=750ed37b8c84ab827461fb26dfde24032b8bee79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:95:e0:46:5c:ab:ec:91:7f:ec:02:8e:74:53:
43:55:32:55:de:b1:29:fa:ae:11:d9:ba:da:89:cd:
3c:6e:19:50:d2:58:78:b4:47:cd:2d:b6:40:c8:d4:
2d:80:ca:93:6e:33:89:30:f0:bf:36:1f:0f:63:44:
71:16:b8:bc:c5:b6:d3:3d:35:96:fa:98:c5:7c:a9:
10:11:14:e4:4d:b2:eb:ca:6d:3d:91:c2:9e:8d:e0:
bf:ff:56:d1:c4:04:82:9c:08:d8:b4:4c:01:2a:6a:
d8:12:ec:1d:af:d1:8e:9b:32:6d:2a:bb:35:b2:af:
75:bd:30:cf:53:65:27:fe:a3:f1:ec:0c:93:2b:9f:
e4:d2:b7:32:78:76:ab:b4:5e:29:a8:19:2b:6c:c1:
86:89:cc:cd:d2:99:90:ad:b5:ed:41:77:d5:7a:83:
d0:ec:23:b6:79:9b:61:b2:9e:3e:10:2b:c4:4d:0a:
0e:0f:1f:5d:79:fe:54:44:5a:c5:a6:75:69:50:8b:
3a:4b:7f:d2:12:06:db:10:a7:ae:07:b4:e1:a4:c5:
9b:d9:0b:bc:ca:c3:3d:b1:a2:7a:05:4b:41:a1:68:
5b:23:a3:f9:73:56:43:26:a9:92:c4:5a:a3:08:c7:
56:4f:2d:ed:6e:b1:19:e5:33:d3:73:92:b2:5e:13:
d0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0E:D3:7B:8C:84:AB:82:74:61:FB:26:DF:DE:24:03:2B:8B:EE:79
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/dQ7Te4yEq4J0Yfsm394kAyuL7nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.80.0/20
89.104.64.0/21
Signature Algorithm: sha256WithRSAEncryption
87:ce:1b:5b:59:4b:74:e3:e1:07:5b:e2:5e:6b:6a:fb:22:59:
13:cf:35:20:f8:4b:30:89:2a:5a:88:2c:07:5e:06:f2:69:86:
4c:7b:99:51:ca:1b:e1:ca:67:f0:0a:38:af:0b:81:7d:d6:87:
3c:11:57:d1:30:42:64:93:d0:2d:36:1d:46:af:54:a4:da:fe:
f8:7b:82:c4:56:85:f3:e8:30:ea:10:75:13:e0:aa:c6:bc:52:
d0:0a:37:0e:10:f0:09:72:e8:7c:4a:8f:48:31:7d:62:d4:fd:
b5:e7:71:ab:a6:61:0a:d1:4f:6b:3a:a4:18:b6:60:72:fa:31:
0c:40:5c:0b:84:9f:a7:a7:58:cb:9e:eb:cc:6e:0b:c3:b1:86:
89:e9:c6:ef:c8:d9:33:35:7c:e5:c6:d4:fc:2e:66:83:2d:c6:
36:cb:d4:69:54:51:14:bd:7c:d6:9a:27:08:71:ef:9b:90:38:
ed:c9:e5:5a:a3:0d:f1:cd:fa:d1:93:5b:dd:30:b8:3e:34:62:
92:0c:06:7b:ab:d7:e2:a2:48:38:0d:14:52:b4:0e:05:51:7e:
07:f2:8b:bc:ef:11:54:3e:f1:d9:96:15:1f:30:77:44:2b:5d:
44:44:84:ec:35:2b:18:0c:6e:83:e8:77:93:ec:72:88:7a:f8:
ee:b9:25:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvTAKfFqSW/7uZ656qsJIh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjMxMTE1MTI0MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBlZDM3YjhjODRhYjgyNzQ2MWZiMjZkZmRlMjQwMzJiOGJlZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpXgRlyr7JF/7AKOdFNDVTJV3rEp
+q4R2braic08bhlQ0lh4tEfNLbZAyNQtgMqTbjOJMPC/Nh8PY0RxFri8xbbTPTWW
+pjFfKkQERTkTbLrym09kcKejeC//1bRxASCnAjYtEwBKmrYEuwdr9GOmzJtKrs1
sq91vTDPU2Un/qPx7AyTK5/k0rcyeHartF4pqBkrbMGGiczN0pmQrbXtQXfVeoPQ
7CO2eZthsp4+ECvETQoODx9def5URFrFpnVpUIs6S3/SEgbbEKeuB7ThpMWb2Qu8
ysM9saJ6BUtBoWhbI6P5c1ZDJqmSxFqjCMdWTy3tbrEZ5TPTc5KyXhPQ7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHUO03uMhKuCdGH7Jt/eJAMri+55MB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvZFE3VGU0eUVxNEowWWZzbTM5NGtBeXVMN25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQET65QAwQD
WWhAMA0GCSqGSIb3DQEBCwUAA4IBAQCHzhtbWUt04+EHW+Jea2r7IlkTzzUg+Esw
iSpaiCwHXgbyaYZMe5lRyhvhymfwCjivC4F91oc8EVfRMEJkk9AtNh1Gr1Sk2v74
e4LEVoXz6DDqEHUT4KrGvFLQCjcOEPAJcuh8So9IMX1i1P2153GrpmEK0U9rOqQY
tmBy+jEMQFwLhJ+np1jLnuvMbgvDsYaJ6cbvyNkzNXzlxtT8LmaDLcY2y9RpVFEU
vXzWmicIce+bkDjtyeVaow3xzfrRk1vdMLg+NGKSDAZ7q9fiokg4DRRStA4FUX4H
8ou87xFUPvHZlhUfMHdEK11ERITsNSsYDG6D6HeT7HKIevjuuSVL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:13 2024 by rpki-client on console-ams.rpki-client.org