Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/e7hLgvrg5BpczHbIZwxGP8K1nO4.roa
File: e7hLgvrg5BpczHbIZwxGP8K1nO4.roa (raw, json)
Hash identifier: hfM6arlJnNq9nMKKjM2IxvilcghvAk4dYq289WoKMPg=
Subject key identifier: 7B:B8:4B:82:FA:E0:E4:1A:5C:CC:76:C8:67:0C:46:3F:C2:B5:9C:EE
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018C2C5D4EE533067E4B225C68C1B46D6545
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/e7hLgvrg5BpczHbIZwxGP8K1nO4.roa
Signing time: Sat 02 Dec 2023 21:09:21 +0000
ROA not before: Sat 02 Dec 2023 21:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.144.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Dec 2023 11:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:5d:4e:e5:33:06:7e:4b:22:5c:68:c1:b4:6d:65:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Dec 2 21:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bb84b82fae0e41a5ccc76c8670c463fc2b59cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4a:f3:bb:de:d7:6f:a1:35:e3:c0:3f:87:06:
52:b0:65:ea:e6:27:c5:7a:bf:d1:b9:02:bc:c2:ae:
36:c5:22:f4:b9:f0:44:03:d2:4c:31:b2:2a:cd:c2:
a7:34:2e:81:92:12:9c:7d:5e:9d:62:de:33:5b:a3:
14:34:4a:11:66:67:55:9d:05:37:b5:78:81:3d:cd:
5e:de:43:d2:1d:b7:02:61:bf:f3:77:7e:d6:27:07:
ee:ba:a4:18:32:17:fd:3c:44:97:42:3a:24:b2:b0:
5c:0c:e2:75:8c:91:91:c4:5b:9f:91:38:7c:5c:76:
b1:8e:fc:fc:05:ae:1b:ba:1d:1c:b3:b0:d7:cb:35:
c2:1f:76:69:35:1e:01:d5:5b:60:96:91:37:c5:02:
a2:26:16:9b:5a:4c:ce:36:61:af:41:aa:22:b2:8f:
60:a3:8e:eb:3b:8e:6f:41:53:20:d3:85:93:bb:67:
67:a2:7b:9e:a6:35:36:04:1a:21:d2:2f:e5:e1:0a:
8d:7a:3b:4a:4a:bb:b1:1e:e5:bd:8f:a4:4e:ac:76:
ae:ae:46:58:ce:6e:a8:41:9e:61:09:65:ca:f1:c4:
75:49:5f:39:42:aa:43:63:37:9c:5d:7a:21:cb:92:
0f:84:37:a4:a3:bc:9b:29:bb:b4:38:c8:01:8c:f1:
85:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B8:4B:82:FA:E0:E4:1A:5C:CC:76:C8:67:0C:46:3F:C2:B5:9C:EE
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/e7hLgvrg5BpczHbIZwxGP8K1nO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.144.0/24
89.252.157.0/24
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
99:75:ca:5f:21:37:05:29:f2:8b:ef:3c:12:61:8f:bb:5e:15:
71:a0:58:f7:98:15:c6:00:d6:41:52:69:c3:f6:c5:d3:24:e7:
b0:cc:b4:4b:7c:b0:33:94:6c:50:11:d4:74:b4:6a:45:f4:dd:
a1:30:d0:ee:fe:9d:72:6d:e5:8b:42:a9:dd:ba:77:9a:f6:af:
55:79:65:59:1d:1b:6a:fc:a9:b5:84:eb:d0:90:2f:dc:8c:66:
c1:dc:73:cf:ef:86:27:d8:9c:7f:2b:d3:51:c1:b5:93:d3:e5:
93:c5:d3:ce:1c:5c:7d:d3:0e:cd:6f:e4:cc:a0:d8:2d:ae:96:
37:a1:6b:bd:9b:6e:a4:50:b3:d9:c1:1b:1c:d9:cb:6a:04:9e:
3f:86:81:7a:96:f9:84:8a:a6:77:cd:6b:05:f3:3a:c0:7c:28:
e0:54:eb:94:d1:fe:64:be:3a:f9:36:52:18:16:a5:7a:1a:90:
54:8d:88:dc:99:3f:2e:1c:4b:d0:de:de:ae:e5:bf:f7:00:41:
f0:fc:03:0f:c9:f6:de:23:9c:d1:0c:26:fa:7e:b3:f5:60:08:
53:7e:ff:4d:e1:e5:8f:03:f6:b7:19:56:da:ab:4d:57:88:d1:
2a:c7:1d:12:20:8a:26:b6:71:b8:39:56:3c:4e:d9:1a:73:f2:
a9:ca:71:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwsXU7lMwZ+SyJcaMG0bWVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMxMjAyMjEwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmI4NGI4MmZhZTBlNDFhNWNjYzc2Yzg2NzBjNDYzZmMyYjU5Y2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkErzu97Xb6E148A/hwZSsGXq5ifF
er/RuQK8wq42xSL0ufBEA9JMMbIqzcKnNC6BkhKcfV6dYt4zW6MUNEoRZmdVnQU3
tXiBPc1e3kPSHbcCYb/zd37WJwfuuqQYMhf9PESXQjoksrBcDOJ1jJGRxFufkTh8
XHaxjvz8Ba4buh0cs7DXyzXCH3ZpNR4B1VtglpE3xQKiJhabWkzONmGvQaoiso9g
o47rO45vQVMg04WTu2dnonuepjU2BBoh0i/l4QqNejtKSruxHuW9j6ROrHaurkZY
zm6oQZ5hCWXK8cR1SV85QqpDYzecXXohy5IPhDeko7ybKbu0OMgBjPGFiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHu4S4L64OQaXMx2yGcMRj/CtZzuMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvZTdoTGd2cmc1QnBjekhiSVp3eEdQOEsxbk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfyOAwQA
WfyQAwQAWfydAwQAXmYMMA0GCSqGSIb3DQEBCwUAA4IBAQCZdcpfITcFKfKL7zwS
YY+7XhVxoFj3mBXGANZBUmnD9sXTJOewzLRLfLAzlGxQEdR0tGpF9N2hMNDu/p1y
beWLQqndunea9q9VeWVZHRtq/Km1hOvQkC/cjGbB3HPP74Yn2Jx/K9NRwbWT0+WT
xdPOHFx90w7Nb+TMoNgtrpY3oWu9m26kULPZwRsc2ctqBJ4/hoF6lvmEiqZ3zWsF
8zrAfCjgVOuU0f5kvjr5NlIYFqV6GpBUjYjcmT8uHEvQ3t6u5b/3AEHw/AMPyfbe
I5zRDCb6frP1YAhTfv9N4eWPA/a3GVbaq01XiNEqxx0SIIomtnG4OVY8Ttkac/Kp
ynGh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:52 2024 by rpki-client on console-fra.rpki-client.org