Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/5rtMb9eXGrgmY-pRC26iJG_dYlU.roa
File: 5rtMb9eXGrgmY-pRC26iJG_dYlU.roa (raw, json)
Hash identifier: mVfnLlUXq8crAEYBX9ji507OzZOrSW6ady5TizpWnJE=
Subject key identifier: E6:BB:4C:6F:D7:97:1A:B8:26:63:EA:51:0B:6E:A2:24:6F:DD:62:55
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018BF19120631334AC7D04598AFD7AE8402C
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/5rtMb9eXGrgmY-pRC26iJG_dYlU.roa
Signing time: Tue 21 Nov 2023 11:08:21 +0000
ROA not before: Tue 21 Nov 2023 11:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Dec 2023 21:09:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:91:20:63:13:34:ac:7d:04:59:8a:fd:7a:e8:40:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Nov 21 11:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6bb4c6fd7971ab82663ea510b6ea2246fdd6255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f1:ee:c6:3b:f3:bb:6c:f0:66:9f:1e:55:70:
fb:23:88:81:45:e4:65:32:5a:be:3d:3f:48:a0:11:
90:0c:8d:05:dd:b3:34:c4:de:b8:39:1b:00:e0:6e:
30:93:60:fe:dc:c0:f5:fd:53:14:f6:d4:b9:4c:72:
09:c1:81:29:01:42:16:1f:54:e0:1c:87:6e:79:d1:
a5:f4:d6:30:20:7c:f2:8c:98:5d:7f:00:d5:de:b5:
73:75:f7:46:09:6b:cf:8b:9d:ae:11:6b:e6:d3:9f:
b2:96:ad:59:17:1d:f7:84:94:fb:75:44:6f:1c:28:
5e:81:2b:89:e9:19:26:f3:54:4f:65:d4:06:e7:84:
c3:23:dc:a0:66:b5:9c:d8:fd:01:1c:2b:07:1d:00:
3e:bd:ab:a8:0d:aa:d3:c3:a9:fe:73:e1:f5:c5:48:
67:d0:22:79:2f:61:8a:f3:47:46:0c:b9:b4:e7:f0:
7c:df:35:cb:df:07:b4:89:74:e4:e8:1c:a5:30:75:
e5:63:a8:34:65:c1:72:f1:39:ee:2f:ef:41:58:66:
56:7d:2e:1e:c8:6a:89:2b:00:dc:79:86:db:28:4c:
ad:d9:31:8e:4c:98:b9:a7:10:4c:f4:17:d8:e2:f7:
f4:ff:84:24:7e:f2:ea:22:68:59:69:17:4a:0c:63:
06:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BB:4C:6F:D7:97:1A:B8:26:63:EA:51:0B:6E:A2:24:6F:DD:62:55
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/5rtMb9eXGrgmY-pRC26iJG_dYlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.157.0/24
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
93:1b:fe:33:8a:49:9d:ec:96:23:e2:0c:93:18:2f:c4:d8:b8:
f6:fe:fd:4f:ff:51:ce:d5:cf:02:43:69:6f:97:2f:57:7c:4a:
9b:fc:86:fd:34:b2:f5:02:ac:04:95:26:c1:ea:aa:a2:6f:e4:
9a:35:f5:fa:37:3e:b8:bd:1f:26:b3:c7:9b:dd:66:5e:69:5b:
e6:7f:7a:66:8d:2b:31:4e:1d:50:aa:4e:67:a0:4c:0c:bc:9f:
f0:fd:d1:7b:9c:13:de:c1:32:b5:f1:63:07:d5:38:82:28:86:
9d:d9:5f:d7:ce:37:41:3d:dc:37:b9:86:3c:d8:02:14:e8:60:
43:c1:85:de:dd:04:78:9a:0a:97:b7:20:8f:3b:a6:33:83:63:
fe:11:d7:a4:5b:72:80:16:ea:4e:20:e2:07:48:06:cc:d4:c1:
af:17:03:54:46:4d:15:9d:3b:2e:70:d2:52:93:6f:8f:d4:45:
ef:4a:47:e7:8b:0d:3f:33:c1:e8:77:a3:b8:5d:7c:b4:2c:de:
32:af:d7:00:20:7b:cf:96:16:0e:2b:05:a9:58:95:ce:79:09:
91:84:66:d9:fd:aa:6b:9d:b3:21:55:03:d0:47:84:1f:3b:6d:
85:28:5e:4c:28:67:73:df:40:c6:3f:6b:97:93:a3:83:c0:8a:
b6:23:ee:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvxkSBjEzSsfQRZiv166EAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMxMTIxMTEwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmJiNGM2ZmQ3OTcxYWI4MjY2M2VhNTEwYjZlYTIyNDZmZGQ2MjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfHuxjvzu2zwZp8eVXD7I4iBReRl
Mlq+PT9IoBGQDI0F3bM0xN64ORsA4G4wk2D+3MD1/VMU9tS5THIJwYEpAUIWH1Tg
HIduedGl9NYwIHzyjJhdfwDV3rVzdfdGCWvPi52uEWvm05+ylq1ZFx33hJT7dURv
HChegSuJ6Rkm81RPZdQG54TDI9ygZrWc2P0BHCsHHQA+vauoDarTw6n+c+H1xUhn
0CJ5L2GK80dGDLm05/B83zXL3we0iXTk6BylMHXlY6g0ZcFy8TnuL+9BWGZWfS4e
yGqJKwDceYbbKEyt2TGOTJi5pxBM9BfY4vf0/4QkfvLqImhZaRdKDGMGCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOa7TG/Xlxq4JmPqUQtuoiRv3WJVMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvNXJ0TWI5ZVhHcmdtWS1wUkMyNmlKR19kWWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfyOAwQA
WfydAwQAXmYMMA0GCSqGSIb3DQEBCwUAA4IBAQCTG/4zikmd7JYj4gyTGC/E2Lj2
/v1P/1HO1c8CQ2lvly9XfEqb/Ib9NLL1AqwElSbB6qqib+SaNfX6Nz64vR8ms8eb
3WZeaVvmf3pmjSsxTh1Qqk5noEwMvJ/w/dF7nBPewTK18WMH1TiCKIad2V/XzjdB
Pdw3uYY82AIU6GBDwYXe3QR4mgqXtyCPO6Yzg2P+EdekW3KAFupOIOIHSAbM1MGv
FwNURk0VnTsucNJSk2+P1EXvSkfniw0/M8Hod6O4XXy0LN4yr9cAIHvPlhYOKwWp
WJXOeQmRhGbZ/aprnbMhVQPQR4QfO22FKF5MKGdz30DGP2uXk6ODwIq2I+4C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:51 2024 by rpki-client on console-fra.rpki-client.org