Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/61c0Cp6ye4nTnuSc95QR42GfKbw.roa
File: 61c0Cp6ye4nTnuSc95QR42GfKbw.roa (raw, json)
Hash identifier: Y2jenuwKYNHbCFsO1Y7xa654fQoCl8yuSonn5UuGwvQ=
Subject key identifier: EB:57:34:0A:9E:B2:7B:89:D3:9E:E4:9C:F7:94:11:E3:61:9F:29:BC
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 018E12FFB346239A87D1678DDA704ED5C18D
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/61c0Cp6ye4nTnuSc95QR42GfKbw.roa
Signing time: Wed 06 Mar 2024 09:02:11 +0000
ROA not before: Wed 06 Mar 2024 09:02:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20668
IP address blocks: 89.35.0.0/24 maxlen: 24
89.40.42.0/24 maxlen: 24
93.113.205.0/24 maxlen: 24
188.213.35.0/24 maxlen: 24
188.213.50.0/24 maxlen: 24
188.213.213.0/24 maxlen: 24
188.214.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 07:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:ff:b3:46:23:9a:87:d1:67:8d:da:70:4e:d5:c1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Mar 6 09:02:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb57340a9eb27b89d39ee49cf79411e3619f29bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c7:ff:76:7a:49:92:b3:08:b4:e1:f0:29:84:
01:de:37:ac:42:b9:53:d3:76:7d:c7:f2:21:f2:58:
34:2f:5e:c2:b8:14:c0:2f:46:df:ed:cc:13:12:2f:
25:59:2a:22:bf:d1:24:21:65:e7:df:83:31:f2:0b:
fc:80:c5:4b:7a:db:e3:f9:ed:24:c1:5a:67:56:b4:
07:c1:a6:15:49:7d:d5:e5:76:7b:43:7f:23:52:91:
ab:7e:64:c0:8b:57:e2:c1:90:73:fa:e7:ff:f9:85:
e7:75:37:57:7c:54:8f:ea:89:c9:57:b4:32:dc:8a:
f2:d7:79:e9:06:dd:95:d2:99:71:62:b0:95:28:d8:
4a:25:0e:af:64:9b:16:de:4a:11:99:1e:c6:e9:14:
cc:82:66:61:c3:84:62:4d:c0:fb:7c:b3:31:8e:ce:
ab:8d:e0:4e:75:02:b7:ad:c7:bd:e4:2e:ff:fd:13:
92:cd:12:e4:f6:35:d5:c1:48:d4:2f:71:bc:3c:ad:
45:00:a0:70:69:e5:50:f4:12:e4:a0:3a:c9:95:8b:
01:81:b7:be:10:a1:c9:2d:99:28:a9:01:d1:ad:99:
b1:08:a9:4c:f1:2a:32:a6:97:a9:03:b3:83:e9:aa:
6f:93:fa:d0:80:57:2f:06:34:00:a2:5c:21:bf:79:
6a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:57:34:0A:9E:B2:7B:89:D3:9E:E4:9C:F7:94:11:E3:61:9F:29:BC
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/61c0Cp6ye4nTnuSc95QR42GfKbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.0.0/24
89.40.42.0/24
93.113.205.0/24
188.213.35.0/24
188.213.50.0/24
188.213.213.0/24
188.214.150.0/24
Signature Algorithm: sha256WithRSAEncryption
83:04:e6:72:6e:d7:75:92:20:4a:1c:3e:d4:49:95:79:33:d1:
a3:cf:73:12:18:50:28:05:36:f3:d3:b5:b4:3b:69:e0:71:d3:
78:b5:fe:15:68:2e:ac:1d:d9:69:a2:20:d8:e5:75:5f:57:51:
9e:6a:73:8d:6c:a6:89:97:ac:ae:ab:f5:e2:65:0c:12:6e:76:
a3:38:af:7a:f3:90:19:8d:3f:25:d5:7c:94:39:7c:92:1c:e4:
47:12:04:a0:44:6a:ba:a1:b7:db:f8:d5:e7:ee:1a:2e:39:bc:
1d:23:e3:0a:5a:27:1b:29:95:10:ce:7d:81:f5:53:23:b5:fd:
33:66:86:b9:3d:d4:4e:df:44:0e:9b:7d:5e:20:bd:b5:a0:72:
ee:7a:67:39:b8:15:26:32:de:74:04:09:ff:49:b9:b4:30:47:
d6:9a:3b:9a:2b:53:1f:e8:dd:3d:6f:8f:f4:ac:69:8b:72:22:
9a:a7:e9:8f:d3:be:1f:a2:59:b5:52:98:44:6d:70:bc:e1:1d:
c2:af:45:2b:49:73:b6:42:25:74:8d:1b:a0:0f:eb:53:00:f7:
3d:85:ba:f6:0c:63:c0:9e:21:9d:4b:60:3b:fb:82:fd:82:84:
4d:3a:fd:b5:54:1e:29:45:3c:d0:14:f2:36:5a:4b:c9:0e:62:
4c:02:0a:08
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY4S/7NGI5qH0WeN2nBO1cGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjQwMzA2MDkwMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjU3MzQwYTllYjI3Yjg5ZDM5ZWU0OWNmNzk0MTFlMzYxOWYyOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMf/dnpJkrMItOHwKYQB3jesQrlT
03Z9x/Ih8lg0L17CuBTAL0bf7cwTEi8lWSoiv9EkIWXn34Mx8gv8gMVLetvj+e0k
wVpnVrQHwaYVSX3V5XZ7Q38jUpGrfmTAi1fiwZBz+uf/+YXndTdXfFSP6onJV7Qy
3Iry13npBt2V0plxYrCVKNhKJQ6vZJsW3koRmR7G6RTMgmZhw4RiTcD7fLMxjs6r
jeBOdQK3rce95C7//ROSzRLk9jXVwUjUL3G8PK1FAKBwaeVQ9BLkoDrJlYsBgbe+
EKHJLZkoqQHRrZmxCKlM8SoyppepA7OD6apvk/rQgFcvBjQAolwhv3lqkwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOtXNAqesnuJ057knPeUEeNhnym8MB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvNjFjMENwNnllNG5UbnVTYzk1UVI0MkdmS2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWSMAAwQA
WSgqAwQAXXHNAwQAvNUjAwQAvNUyAwQAvNXVAwQAvNaWMA0GCSqGSIb3DQEBCwUA
A4IBAQCDBOZybtd1kiBKHD7USZV5M9Gjz3MSGFAoBTbz07W0O2ngcdN4tf4VaC6s
HdlpoiDY5XVfV1GeanONbKaJl6yuq/XiZQwSbnajOK9685AZjT8l1XyUOXySHORH
EgSgRGq6obfb+NXn7houObwdI+MKWicbKZUQzn2B9VMjtf0zZoa5PdRO30QOm31e
IL21oHLuemc5uBUmMt50BAn/Sbm0MEfWmjuaK1Mf6N09b4/0rGmLciKap+mP074f
olm1UphEbXC84R3Cr0UrSXO2QiV0jRugD+tTAPc9hbr2DGPAniGdS2A7+4L9goRN
Ov21VB4pRTzQFPI2WkvJDmJMAgoI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:38 2024 by rpki-client on console-fra.rpki-client.org