Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/P5juE6Rcf0dyQjs5D-xbJwHjJUA.roa
File: P5juE6Rcf0dyQjs5D-xbJwHjJUA.roa (raw, json)
Hash identifier: d4sJjY8hwIPQQNd5UmFyeBgJrikZgI5vVbaGP+TvTGA=
Subject key identifier: 3F:98:EE:13:A4:5C:7F:47:72:42:3B:39:0F:EC:5B:27:01:E3:25:40
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018C8D9B0E22B14DF46D43D05F3981F9C042
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/P5juE6Rcf0dyQjs5D-xbJwHjJUA.roa
Signing time: Thu 21 Dec 2023 18:19:58 +0000
ROA not before: Thu 21 Dec 2023 18:19:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.144.0/24 maxlen: 24
89.252.147.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.156.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:9b:0e:22:b1:4d:f4:6d:43:d0:5f:39:81:f9:c0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Dec 21 18:19:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f98ee13a45c7f4772423b390fec5b2701e32540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2a:8f:57:44:4a:3e:1c:1d:fa:78:1d:64:60:
3d:a8:d4:65:ac:da:9e:11:41:47:3d:94:24:60:f8:
b9:06:cd:66:92:b8:4f:d3:34:e2:b1:0d:85:7e:d8:
dc:64:9f:a2:b4:aa:56:31:b1:70:61:68:db:fe:07:
47:2e:54:fd:36:a8:7c:90:91:3d:43:b1:02:d1:7d:
10:69:99:72:b0:ca:9e:0a:8b:40:08:93:7e:41:bb:
51:e3:24:f5:29:84:45:71:cf:33:b8:92:40:5d:d8:
ee:f3:bc:b8:49:71:a7:1a:95:17:b3:aa:ff:c3:40:
db:08:75:90:fd:d0:3d:e0:b7:4c:01:ce:36:5f:37:
85:55:12:02:7a:2c:19:e5:fe:da:69:b0:27:a5:1c:
ed:f8:e9:f2:12:5c:e8:79:1d:67:f5:9d:c0:68:19:
be:e8:3f:8a:6e:ac:1a:b5:b9:06:c5:8c:71:6a:04:
0e:1f:b3:84:a6:12:58:29:d3:73:1c:d5:0d:f0:b3:
9c:20:47:35:2c:1b:1c:40:ef:6a:ac:9e:e2:f4:94:
6d:ec:ef:d5:08:6e:81:ff:e5:6a:ce:97:4e:9f:d0:
de:bb:bb:ae:24:ad:74:7a:f5:96:02:98:4f:9c:4c:
1b:30:16:d3:f1:84:d6:c4:cd:02:cc:16:17:43:ec:
72:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:98:EE:13:A4:5C:7F:47:72:42:3B:39:0F:EC:5B:27:01:E3:25:40
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/P5juE6Rcf0dyQjs5D-xbJwHjJUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.144.0/24
89.252.147.0/24
89.252.152.0/24
89.252.156.0/23
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:f4:1b:e3:1d:90:46:45:c7:1a:f5:72:fb:4d:fe:99:2f:c5:
39:e5:13:3d:33:c7:a7:a7:f4:37:6b:fd:82:e0:d1:6f:22:d9:
20:5f:fa:be:dd:fb:38:be:06:0f:b4:1a:0e:40:f4:d3:21:e2:
7a:ee:9d:32:bf:bb:96:2f:f4:26:d3:a7:f3:88:ab:97:3e:f4:
44:8c:9d:fe:2e:3a:2e:67:5e:9c:ae:df:90:b8:3b:ca:8f:85:
58:3f:6b:e8:9a:ca:7b:61:6a:58:dc:17:71:ea:20:a9:a2:f7:
91:4a:04:d7:00:1f:58:13:66:02:90:3d:d2:a6:ce:b1:c0:d2:
50:e4:ba:68:e0:44:22:09:20:11:42:6b:f3:67:c9:b9:e3:4b:
18:fe:ff:91:ab:53:05:cb:0a:dc:05:6d:c8:20:66:37:55:88:
04:75:96:50:fe:c9:ea:7a:0b:a6:37:bb:53:42:4d:83:69:1d:
23:7c:93:a6:6d:cc:04:9f:c6:47:aa:ff:13:bc:92:7b:1b:fb:
da:ae:69:09:a7:ec:55:d6:5a:08:fd:18:d3:16:ea:a6:32:42:
f9:14:a2:af:39:00:ea:ff:ac:6c:0d:95:c0:07:5d:ee:40:52:
a1:9f:e3:6f:4b:05:a9:03:1b:1d:bf:99:7d:2a:2a:b0:1d:85:
3d:17:76:6f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYyNmw4isU30bUPQXzmB+cBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMxMjIxMTgxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjk4ZWUxM2E0NWM3ZjQ3NzI0MjNiMzkwZmVjNWIyNzAxZTMyNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyqPV0RKPhwd+ngdZGA9qNRlrNqe
EUFHPZQkYPi5Bs1mkrhP0zTisQ2FftjcZJ+itKpWMbFwYWjb/gdHLlT9Nqh8kJE9
Q7EC0X0QaZlysMqeCotACJN+QbtR4yT1KYRFcc8zuJJAXdju87y4SXGnGpUXs6r/
w0DbCHWQ/dA94LdMAc42XzeFVRICeiwZ5f7aabAnpRzt+OnyElzoeR1n9Z3AaBm+
6D+KbqwatbkGxYxxagQOH7OEphJYKdNzHNUN8LOcIEc1LBscQO9qrJ7i9JRt7O/V
CG6B/+VqzpdOn9Deu7uuJK10evWWAphPnEwbMBbT8YTWxM0CzBYXQ+xyUwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD+Y7hOkXH9HckI7OQ/sWycB4yVAMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvUDVqdUU2UmNmMGR5UWpzNUQteGJKd0hqSlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWfyOAwQA
WfyQAwQAWfyTAwQAWfyYAwQBWfycAwQAXmYMMA0GCSqGSIb3DQEBCwUAA4IBAQBM
9BvjHZBGRcca9XL7Tf6ZL8U55RM9M8enp/Q3a/2C4NFvItkgX/q+3fs4vgYPtBoO
QPTTIeJ67p0yv7uWL/Qm06fziKuXPvREjJ3+LjouZ16crt+QuDvKj4VYP2vomsp7
YWpY3Bdx6iCpoveRSgTXAB9YE2YCkD3Sps6xwNJQ5Lpo4EQiCSARQmvzZ8m540sY
/v+Rq1MFywrcBW3IIGY3VYgEdZZQ/snqegumN7tTQk2DaR0jfJOmbcwEn8ZHqv8T
vJJ7G/varmkJp+xV1loI/RjTFuqmMkL5FKKvOQDq/6xsDZXAB13uQFKhn+NvSwWp
Axsdv5l9KiqwHYU9F3Zv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:52 2024 by rpki-client on console-fra.rpki-client.org