Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qjSH-3nbosNMmLr0D9jqRBSq4v0.roa
File: qjSH-3nbosNMmLr0D9jqRBSq4v0.roa (raw, json)
Hash identifier: Glni2liQcDtx+oSvigbrFe9HAcjvRFndu86nErlUCSU=
Subject key identifier: AA:34:87:FB:79:DB:A2:C3:4C:98:BA:F4:0F:D8:EA:44:14:AA:E2:FD
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018D3054AB7EC6D531A0DD9F3DDFF98017CA
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qjSH-3nbosNMmLr0D9jqRBSq4v0.roa
Signing time: Mon 22 Jan 2024 08:41:11 +0000
ROA not before: Mon 22 Jan 2024 08:41:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.144.0/24 maxlen: 24
89.252.147.0/24 maxlen: 24
89.252.149.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.156.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 11:25:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:54:ab:7e:c6:d5:31:a0:dd:9f:3d:df:f9:80:17:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 22 08:41:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa3487fb79dba2c34c98baf40fd8ea4414aae2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ab:fd:e5:50:af:e3:be:b1:10:24:b4:68:ef:
ed:15:9b:0c:a9:e4:64:bf:89:3b:74:78:63:c4:69:
db:d4:9b:7e:c7:90:d0:7f:13:95:75:ba:52:70:fd:
f7:12:49:32:dc:3e:70:e0:0b:6b:f3:4c:9c:95:35:
f5:fc:3b:d8:e5:bc:10:9a:99:bb:85:e4:bb:e2:64:
99:78:ee:1b:06:d7:06:0b:2c:db:f0:6a:62:75:b4:
ec:0b:27:03:7e:89:92:53:a8:fa:1b:ac:30:e5:97:
3c:1f:63:a9:8f:9e:ff:74:72:d8:0c:3d:aa:f6:c9:
f9:31:21:ad:d1:c6:50:9e:e5:f4:41:e5:cb:72:5e:
c7:38:8b:05:da:c3:f2:90:c1:bc:3a:f6:aa:89:49:
30:90:ae:cb:7a:3e:be:fc:15:b9:60:1a:e3:12:88:
86:5c:28:1c:74:e7:f4:e4:15:f7:d5:56:ba:ba:64:
e7:00:71:16:d3:d8:ed:a3:98:a9:d6:c7:5c:b3:d9:
67:70:65:49:7b:04:8d:35:86:f4:35:cb:53:01:2e:
4d:f2:a5:7e:19:cd:c2:e3:3f:56:9e:ac:c4:3a:c0:
1e:53:22:05:a5:18:30:21:02:f1:d0:87:0b:ca:87:
30:eb:a5:f0:20:71:fc:4a:ba:50:10:40:94:03:e5:
80:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:34:87:FB:79:DB:A2:C3:4C:98:BA:F4:0F:D8:EA:44:14:AA:E2:FD
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qjSH-3nbosNMmLr0D9jqRBSq4v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.144.0/24
89.252.147.0/24
89.252.149.0/24
89.252.152.0/24
89.252.156.0/23
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:63:6d:67:be:1e:c9:c8:51:38:de:58:f3:c1:78:a6:5b:6e:
b4:13:23:97:df:1c:e5:3e:18:7a:52:72:47:10:1c:86:ca:e8:
1b:aa:96:bb:53:1b:7f:14:af:b9:1a:b5:a9:53:05:fc:7a:61:
9c:3e:3a:31:90:33:e4:87:d8:d3:8c:c4:14:35:6b:84:1f:5d:
ee:6b:f4:4a:93:de:d4:1b:72:25:ba:27:b7:be:eb:ff:41:1b:
d3:22:79:4b:35:78:37:01:6f:66:94:12:d3:ed:1b:b8:d6:bf:
b7:53:fa:08:6f:04:96:8a:a7:83:4c:22:22:4f:bd:e8:d0:82:
d3:3a:18:04:61:71:51:24:a7:88:97:14:2d:d6:f6:a2:b6:b1:
36:50:dd:05:f8:d6:3b:6f:33:53:cc:08:34:7e:28:a0:f3:61:
40:37:71:8a:6d:e5:7f:8d:ac:52:0a:f1:8e:97:e6:b9:cc:12:
7f:3d:df:28:73:19:c8:67:ec:24:d5:0b:69:00:4b:f0:f5:de:
94:82:ef:9e:09:c9:36:10:90:f0:c7:3a:ac:03:10:e8:75:38:
04:70:5d:f6:58:9a:bc:9e:4d:00:9d:b8:cf:98:5d:db:6c:6e:
d0:1a:36:9e:a9:68:32:93:f3:ee:a2:2e:be:be:3f:17:d8:52:
5e:d7:62:80
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0wVKt+xtUxoN2fPd/5gBfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQwMTIyMDg0MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTM0ODdmYjc5ZGJhMmMzNGM5OGJhZjQwZmQ4ZWE0NDE0YWFlMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhav95VCv476xECS0aO/tFZsMqeRk
v4k7dHhjxGnb1Jt+x5DQfxOVdbpScP33Ekky3D5w4Atr80yclTX1/DvY5bwQmpm7
heS74mSZeO4bBtcGCyzb8GpidbTsCycDfomSU6j6G6ww5Zc8H2Opj57/dHLYDD2q
9sn5MSGt0cZQnuX0QeXLcl7HOIsF2sPykMG8OvaqiUkwkK7Lej6+/BW5YBrjEoiG
XCgcdOf05BX31Va6umTnAHEW09jto5ip1sdcs9lncGVJewSNNYb0NctTAS5N8qV+
Gc3C4z9WnqzEOsAeUyIFpRgwIQLx0IcLyocw66XwIHH8SrpQEECUA+WAUwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKo0h/t526LDTJi69A/Y6kQUquL9MB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvcWpTSC0zbmJvc05NbUxyMEQ5anFSQlNxNHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWfyOAwQA
WfyQAwQAWfyTAwQAWfyVAwQAWfyYAwQBWfycAwQAXmYMMA0GCSqGSIb3DQEBCwUA
A4IBAQAdY21nvh7JyFE43ljzwXimW260EyOX3xzlPhh6UnJHEByGyugbqpa7Uxt/
FK+5GrWpUwX8emGcPjoxkDPkh9jTjMQUNWuEH13ua/RKk97UG3Iluie3vuv/QRvT
InlLNXg3AW9mlBLT7Ru41r+3U/oIbwSWiqeDTCIiT73o0ILTOhgEYXFRJKeIlxQt
1vaitrE2UN0F+NY7bzNTzAg0fiig82FAN3GKbeV/jaxSCvGOl+a5zBJ/Pd8ocxnI
Z+wk1QtpAEvw9d6Ugu+eCck2EJDwxzqsAxDodTgEcF32WJq8nk0AnbjPmF3bbG7Q
GjaeqWgyk/Puoi6+vj8X2FJe12KA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:52 2024 by rpki-client on console-fra.rpki-client.org