Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/9BCZPqBwTEcBA7lEQjDzXeasA6g.roa
File: 9BCZPqBwTEcBA7lEQjDzXeasA6g.roa (raw, json)
Hash identifier: m2PRSwgQsSClWN6BxhusH70liKmxSnY8LIABjrSyppg=
Subject key identifier: F4:10:99:3E:A0:70:4C:47:01:03:B9:44:42:30:F3:5D:E6:AC:03:A8
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 0191DFE5C659EA6CB15232067A013B773A93
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/9BCZPqBwTEcBA7lEQjDzXeasA6g.roa
Signing time: Wed 11 Sep 2024 07:04:23 +0000
ROA not before: Wed 11 Sep 2024 07:04:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 24
89.248.97.0/24 maxlen: 24
93.174.0.0/21 maxlen: 24
185.15.76.0/22 maxlen: 22
185.80.4.0/22 maxlen: 22
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 17 Sep 2024 11:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:df:e5:c6:59:ea:6c:b1:52:32:06:7a:01:3b:77:3a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Sep 11 07:04:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f410993ea0704c470103b9444230f35de6ac03a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:81:94:46:33:95:0c:40:94:d4:b7:60:53:3b:
07:f3:22:d0:a3:35:3a:fa:d6:45:f2:6e:83:96:dc:
3b:e6:d3:94:3c:9e:bf:6f:89:c9:f6:38:fb:4a:2e:
fb:2e:de:99:eb:94:a6:3d:61:a0:f5:71:f3:90:e9:
4d:5e:3d:ce:18:4e:36:d3:59:3c:ea:da:1c:ac:e0:
7c:1f:ec:6e:04:4f:c8:f7:bd:9c:6b:21:f7:b3:0f:
04:65:0e:12:72:c9:9f:dd:06:d7:fe:37:34:f3:06:
7a:7c:c6:5b:6e:89:27:90:d5:fd:ef:6e:2c:37:42:
bc:2b:89:a8:6f:da:17:74:8c:72:17:c4:6e:e2:2b:
82:48:23:e2:06:1b:fe:2d:74:dc:ef:0f:0b:2f:8e:
9c:ba:b0:3b:cc:57:7f:24:cd:23:97:99:11:40:9c:
ba:84:90:a4:de:2d:b8:77:8e:b9:f0:8d:53:f0:90:
d8:59:21:df:70:dc:69:fb:29:20:cf:9d:7b:dc:a0:
68:62:29:a7:c8:13:05:f0:9e:e5:a8:56:71:00:a5:
df:41:3e:3b:cc:33:a0:fd:bf:1b:a8:1c:fe:dc:11:
4a:8a:f1:d7:a2:ff:c4:c6:be:b8:1a:29:8f:29:a2:
46:66:50:e8:ce:88:f9:07:8e:07:5b:50:81:6e:5d:
92:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:10:99:3E:A0:70:4C:47:01:03:B9:44:42:30:F3:5D:E6:AC:03:A8
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/9BCZPqBwTEcBA7lEQjDzXeasA6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
8c:57:17:63:c2:fa:08:12:64:15:72:2c:dd:36:42:34:f4:08:
1f:be:7d:f6:ac:d9:c0:64:67:33:49:29:30:2c:96:aa:83:4c:
93:d9:91:17:e3:0b:2e:d2:be:2d:02:83:90:98:62:0f:7c:99:
db:e7:c4:19:63:4b:e1:2f:e4:b5:22:76:f9:46:c8:e6:fd:f3:
2e:49:aa:42:ed:f5:a7:04:6f:48:57:f9:02:ea:ac:66:57:9a:
1e:b6:9f:41:5f:f9:60:c3:32:91:2e:a5:01:73:08:69:cf:26:
6a:a7:25:bd:35:43:44:fc:7a:b4:6f:b1:3b:6e:47:af:46:08:
6f:a1:e3:7d:b7:85:98:e2:2c:25:e2:e7:f3:75:14:5c:fe:60:
8a:45:5f:28:43:73:2c:15:29:50:a3:cc:74:99:3c:f7:81:09:
47:6a:8f:fa:73:e6:b0:60:e6:8d:1f:f1:91:e4:4a:b6:d7:96:
dd:a5:bd:c3:90:73:92:16:af:a5:53:19:19:96:d6:24:01:da:
8f:75:4a:a6:d8:cb:a1:60:88:70:4d:4c:eb:eb:83:82:72:65:
11:7c:09:7d:d7:dc:ac:e7:d9:c6:83:79:4c:4e:5c:3e:23:e2:
71:e5:6d:a8:de:07:68:89:4e:46:ef:6f:89:3d:a5:79:77:10:
b7:95:e8:10
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZHf5cZZ6myxUjIGegE7dzqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjQwOTExMDcwNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDEwOTkzZWEwNzA0YzQ3MDEwM2I5NDQ0MjMwZjM1ZGU2YWMwM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYGURjOVDECU1LdgUzsH8yLQozU6
+tZF8m6Dltw75tOUPJ6/b4nJ9jj7Si77Lt6Z65SmPWGg9XHzkOlNXj3OGE4201k8
6tocrOB8H+xuBE/I972cayH3sw8EZQ4Scsmf3QbX/jc08wZ6fMZbboknkNX9724s
N0K8K4mob9oXdIxyF8Ru4iuCSCPiBhv+LXTc7w8LL46curA7zFd/JM0jl5kRQJy6
hJCk3i24d4658I1T8JDYWSHfcNxp+ykgz5173KBoYimnyBMF8J7lqFZxAKXfQT47
zDOg/b8bqBz+3BFKivHXov/Exr64GimPKaJGZlDozoj5B44HW1CBbl2SZQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPQQmT6gcExHAQO5REIw813mrAOoMB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvOUJDWlBxQndURWNCQTdsRVFqRHpYZWFzQTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEMA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEBCwUAA4IB
AQCMVxdjwvoIEmQVcizdNkI09Agfvn32rNnAZGczSSkwLJaqg0yT2ZEX4wsu0r4t
AoOQmGIPfJnb58QZY0vhL+S1Inb5Rsjm/fMuSapC7fWnBG9IV/kC6qxmV5oetp9B
X/lgwzKRLqUBcwhpzyZqpyW9NUNE/Hq0b7E7bkevRghvoeN9t4WY4iwl4ufzdRRc
/mCKRV8oQ3MsFSlQo8x0mTz3gQlHao/6c+awYOaNH/GR5Eq215bdpb3DkHOSFq+l
UxkZltYkAdqPdUqm2MuhYIhwTUzr64OCcmURfAl919ys59nGg3lMTlw+I+Jx5W2o
3gdoiU5G72+JPaV5dxC3legQ
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:53 2024 by rpki-client on console-ams.rpki-client.org