Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/xmHwt15zInIglLJEPGKuDtz8qKg.roa
File: xmHwt15zInIglLJEPGKuDtz8qKg.roa (raw, json)
Hash identifier: 2nGRT7VKLJrF/cFxh0852ZUKCWQzTQnTEQycvdIVQrc=
Subject key identifier: C6:61:F0:B7:5E:73:22:72:20:94:B2:44:3C:62:AE:0E:DC:FC:A8:A8
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018C58C7026B756F90A7BA4A6C0648A30C44
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/xmHwt15zInIglLJEPGKuDtz8qKg.roa
Signing time: Mon 11 Dec 2023 12:08:06 +0000
ROA not before: Mon 11 Dec 2023 12:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.144.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.156.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Dec 2023 18:19:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:c7:02:6b:75:6f:90:a7:ba:4a:6c:06:48:a3:0c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Dec 11 12:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c661f0b75e7322722094b2443c62ae0edcfca8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ce:e1:f7:f5:64:c1:5c:ea:e7:e3:ba:9e:0b:
f2:fb:15:c6:4a:32:2e:bd:71:4f:8a:50:cb:4e:bb:
0d:eb:be:cc:cc:3f:1c:cd:cc:57:17:a8:fd:bd:35:
54:3c:92:be:59:64:14:85:d2:5e:50:70:55:92:2f:
a0:d5:30:30:2d:7f:27:ed:f1:d5:9a:72:38:35:69:
c3:90:09:19:c9:9c:2d:72:29:ec:ac:33:11:bf:48:
34:ca:96:e1:0c:51:e5:34:d9:b2:88:0b:c0:c7:3f:
36:45:51:4f:45:a8:c9:57:81:42:6e:65:59:58:d5:
44:b1:e0:35:bd:5e:02:70:7f:0d:f7:29:b2:f1:e4:
e9:0f:46:1b:d4:c6:74:60:f7:f5:66:1b:70:50:5e:
9e:9a:a2:c7:6d:1f:31:18:bb:d4:8c:f2:fc:03:07:
d5:eb:cc:6d:7f:e8:21:95:04:28:5c:89:eb:19:90:
b3:d2:f2:c7:2f:b3:65:30:9b:3f:cb:e9:89:14:42:
de:f8:d6:95:fa:0c:f8:40:e1:47:77:e1:44:4a:9f:
2c:c1:17:e8:d1:d1:75:8a:ec:08:f0:4c:d4:76:f8:
4b:e2:c0:e0:0f:7b:97:c9:7c:7e:b5:38:da:5a:c1:
0c:0f:84:1a:18:72:92:aa:da:6b:eb:02:fa:bd:b0:
a7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:61:F0:B7:5E:73:22:72:20:94:B2:44:3C:62:AE:0E:DC:FC:A8:A8
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/xmHwt15zInIglLJEPGKuDtz8qKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.144.0/24
89.252.152.0/24
89.252.156.0/23
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a8:70:67:0b:d2:8c:04:19:0e:a2:13:ac:10:8f:e7:76:2f:
1c:b7:d9:af:75:a8:d0:40:8f:3f:f4:36:7a:f5:6d:0a:40:09:
fd:c3:79:a1:2f:db:82:95:6f:07:9a:4a:72:a4:66:85:23:56:
62:14:95:bb:75:90:7b:8c:0e:e6:2f:f6:81:7b:3f:31:4c:87:
d7:94:dc:3b:07:6f:c2:f8:2b:6b:e4:d2:09:82:35:41:fb:59:
c3:86:4f:24:53:cb:1e:a5:21:04:fd:d9:8a:bb:5d:e7:24:56:
ee:25:04:05:41:86:aa:2e:39:c4:ae:53:00:0a:84:8c:1a:b0:
0f:1b:2c:cb:7e:45:90:d5:be:ab:32:93:bd:1e:e6:45:8c:37:
1e:1f:d7:12:bc:41:c2:4f:55:07:a4:c2:d0:92:61:a6:5a:d5:
46:6a:32:b3:61:b3:89:ea:85:e3:97:81:e3:b0:f0:29:7e:b8:
37:64:88:11:f1:75:7d:b3:b3:06:da:98:a9:0f:6f:06:e3:a2:
7b:0b:0c:6f:63:bb:d4:2e:d8:30:0c:07:f8:1f:b8:b8:66:fe:
30:5b:7b:05:71:20:16:f6:4f:da:69:0a:89:ea:1a:a0:91:21:
e9:1a:85:88:2a:72:c9:24:ac:1f:75:30:ac:9e:d5:46:f1:81:
36:cd:57:9b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxYxwJrdW+Qp7pKbAZIowxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMxMjExMTIwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYxZjBiNzVlNzMyMjcyMjA5NGIyNDQzYzYyYWUwZWRjZmNhOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc7h9/VkwVzq5+O6ngvy+xXGSjIu
vXFPilDLTrsN677MzD8czcxXF6j9vTVUPJK+WWQUhdJeUHBVki+g1TAwLX8n7fHV
mnI4NWnDkAkZyZwtcinsrDMRv0g0ypbhDFHlNNmyiAvAxz82RVFPRajJV4FCbmVZ
WNVEseA1vV4CcH8N9ymy8eTpD0Yb1MZ0YPf1ZhtwUF6emqLHbR8xGLvUjPL8AwfV
68xtf+ghlQQoXInrGZCz0vLHL7NlMJs/y+mJFELe+NaV+gz4QOFHd+FESp8swRfo
0dF1iuwI8EzUdvhL4sDgD3uXyXx+tTjaWsEMD4QaGHKSqtpr6wL6vbCnawIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMZh8LdecyJyIJSyRDxirg7c/KioMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEveG1Id3QxNXpJbklnbExKRVBHS3VEdHo4cUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfyOAwQA
WfyQAwQAWfyYAwQBWfycAwQAXmYMMA0GCSqGSIb3DQEBCwUAA4IBAQB6qHBnC9KM
BBkOohOsEI/ndi8ct9mvdajQQI8/9DZ69W0KQAn9w3mhL9uClW8HmkpypGaFI1Zi
FJW7dZB7jA7mL/aBez8xTIfXlNw7B2/C+Ctr5NIJgjVB+1nDhk8kU8sepSEE/dmK
u13nJFbuJQQFQYaqLjnErlMACoSMGrAPGyzLfkWQ1b6rMpO9HuZFjDceH9cSvEHC
T1UHpMLQkmGmWtVGajKzYbOJ6oXjl4HjsPApfrg3ZIgR8XV9s7MG2pipD28G46J7
CwxvY7vULtgwDAf4H7i4Zv4wW3sFcSAW9k/aaQqJ6hqgkSHpGoWIKnLJJKwfdTCs
ntVG8YE2zVeb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org