Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/r4VHkley0_nUbJmW-BIbkhjBGNo.roa
File: r4VHkley0_nUbJmW-BIbkhjBGNo.roa (raw, json)
Hash identifier: 9Hihqbiq+83Bk9NzP4dS5CWRzgR8Z6WCPdS5wwi6SlA=
Subject key identifier: AF:85:47:92:57:B2:D3:F9:D4:6C:99:96:F8:12:1B:92:18:C1:18:DA
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 018CC56DE8DF6CC44CC4B50A07F792104568
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/r4VHkley0_nUbJmW-BIbkhjBGNo.roa
Signing time: Mon 01 Jan 2024 14:29:23 +0000
ROA not before: Mon 01 Jan 2024 14:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 20
185.80.4.0/22 maxlen: 22
93.174.0.0/21 maxlen: 21
185.15.76.0/22 maxlen: 22
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 09 Sep 2024 08:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e8:df:6c:c4:4c:c4:b5:0a:07:f7:92:10:45:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Jan 1 14:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af85479257b2d3f9d46c9996f8121b9218c118da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dd:c9:a0:d3:e9:89:46:dc:04:13:33:d0:17:
ce:e8:b3:66:dc:82:67:5e:a6:87:b8:89:9d:77:81:
f7:71:93:31:ff:5b:3d:cb:f5:5d:c1:cf:7b:fc:09:
6a:80:6b:71:70:bb:d3:6f:64:fc:12:ab:9c:3c:a0:
3e:31:e3:63:c7:74:db:46:98:f5:b0:3e:ef:bd:bf:
0b:b9:46:83:17:71:7b:17:d7:02:fd:21:c6:da:32:
bf:21:6d:0d:7a:49:17:27:d8:ef:c6:43:25:f9:59:
fd:15:c6:24:57:5d:c8:c1:e0:80:98:30:d1:59:c4:
2e:15:7f:65:67:89:24:f9:18:05:91:22:ab:25:45:
6e:14:34:2f:89:52:07:84:c6:72:bb:2c:f8:27:4d:
d4:9b:0d:20:6c:f6:07:00:66:d9:39:70:11:fa:99:
b6:68:60:f9:28:00:25:5a:15:dd:fc:05:8c:80:db:
75:3c:f8:1d:ec:c4:b1:70:86:12:e0:29:38:ba:4c:
bb:b5:15:15:08:c5:52:cb:f4:09:da:5e:82:e2:57:
22:dd:d9:c5:ef:96:71:24:7c:b6:51:5c:85:2a:00:
00:92:10:d0:f9:fc:0f:87:37:12:19:43:bf:6e:60:
f8:49:93:a9:d2:e3:a0:22:5c:4d:08:51:9d:7e:56:
ab:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:85:47:92:57:B2:D3:F9:D4:6C:99:96:F8:12:1B:92:18:C1:18:DA
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/r4VHkley0_nUbJmW-BIbkhjBGNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
62:f4:69:14:48:a2:43:4b:00:b0:d6:76:ba:48:6c:ff:c9:41:
7a:cc:5c:09:11:21:ce:a8:55:93:31:e0:56:de:4e:59:99:ec:
56:44:08:d3:8b:08:87:e1:e9:3a:b1:32:d9:2d:18:ce:7e:dc:
f8:75:12:0a:45:d9:b6:70:4c:79:44:9e:e6:ae:63:55:d9:cf:
a1:d5:de:25:26:b4:3c:c8:9f:05:d7:24:86:79:b6:1a:95:28:
c7:12:34:bb:94:dd:41:ad:f1:f2:b2:22:23:c6:bb:ce:02:93:
a6:20:51:00:d0:84:84:d7:3b:b9:16:39:28:72:d8:7c:32:70:
70:5c:aa:f9:1b:79:5a:0a:0f:a7:14:e3:f6:d8:fa:a6:07:b1:
ba:03:f3:19:2d:b6:8f:32:45:47:66:68:41:7a:67:93:fe:24:
87:5d:9e:30:c6:85:cf:65:69:3b:a1:05:c6:26:ec:bd:24:8e:
bb:a2:a4:86:81:fc:00:67:d9:9e:2f:93:f3:6e:ae:a4:02:27:
78:92:60:73:c8:c6:b1:b0:39:1d:02:c6:ae:54:c1:63:cd:54:
b9:91:f2:93:93:30:6b:ed:d3:d3:29:ff:d4:33:e0:b3:03:91:
8b:6d:62:7a:5d:e8:6c:e0:8c:d5:87:e0:ef:20:dc:fb:3e:c1:
af:c8:22:c6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbejfbMRMxLUKB/eSEEVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjg1NDc5MjU3YjJkM2Y5ZDQ2Yzk5OTZmODEyMWI5MjE4YzExOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN3JoNPpiUbcBBMz0BfO6LNm3IJn
XqaHuImdd4H3cZMx/1s9y/Vdwc97/AlqgGtxcLvTb2T8EqucPKA+MeNjx3TbRpj1
sD7vvb8LuUaDF3F7F9cC/SHG2jK/IW0NekkXJ9jvxkMl+Vn9FcYkV13IweCAmDDR
WcQuFX9lZ4kk+RgFkSKrJUVuFDQviVIHhMZyuyz4J03Umw0gbPYHAGbZOXAR+pm2
aGD5KAAlWhXd/AWMgNt1PPgd7MSxcIYS4Ck4uky7tRUVCMVSy/QJ2l6C4lci3dnF
75ZxJHy2UVyFKgAAkhDQ+fwPhzcSGUO/bmD4SZOp0uOgIlxNCFGdflariQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK+FR5JXstP51GyZlvgSG5IYwRjaMB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvcjRWSGtsZXkwX25VYkptVy1CSWJraGpCR05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEMA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEBCwUAA4IB
AQBi9GkUSKJDSwCw1na6SGz/yUF6zFwJESHOqFWTMeBW3k5ZmexWRAjTiwiH4ek6
sTLZLRjOftz4dRIKRdm2cEx5RJ7mrmNV2c+h1d4lJrQ8yJ8F1ySGebYalSjHEjS7
lN1BrfHysiIjxrvOApOmIFEA0ISE1zu5Fjkocth8MnBwXKr5G3laCg+nFOP22Pqm
B7G6A/MZLbaPMkVHZmhBemeT/iSHXZ4wxoXPZWk7oQXGJuy9JI67oqSGgfwAZ9me
L5Pzbq6kAid4kmBzyMaxsDkdAsauVMFjzVS5kfKTkzBr7dPTKf/UM+CzA5GLbWJ6
Xehs4IzVh+DvINz7PsGvyCLG
-----END CERTIFICATE-----
Generated at Mon Sep 9 10:49:00 2024 by rpki-client on console-fra.rpki-client.org