Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/G3CHlTU1qNWlbHfugv0GLB-G6g4.roa
File: G3CHlTU1qNWlbHfugv0GLB-G6g4.roa (raw, json)
Hash identifier: bhgAV8Ag/EHM8Mbjq+VDkMKZa0byChR4gnxH3B9b6Pc=
Subject key identifier: 1B:70:87:95:35:35:A8:D5:A5:6C:77:EE:82:FD:06:2C:1F:86:EA:0E
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 018E83E680118B910F6E0854EE4B735CEA88
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/G3CHlTU1qNWlbHfugv0GLB-G6g4.roa
Signing time: Thu 28 Mar 2024 07:11:44 +0000
ROA not before: Thu 28 Mar 2024 07:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20668
IP address blocks: 89.35.0.0/24 maxlen: 24
89.40.42.0/24 maxlen: 24
93.113.205.0/24 maxlen: 24
188.213.50.0/24 maxlen: 24
188.213.213.0/24 maxlen: 24
188.214.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 16:38:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:83:e6:80:11:8b:91:0f:6e:08:54:ee:4b:73:5c:ea:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Mar 28 07:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b7087953535a8d5a56c77ee82fd062c1f86ea0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fc:55:d4:28:5e:36:fa:ed:f6:4d:e1:94:dd:
64:ee:8f:69:dc:6c:ac:95:99:ae:11:00:5b:6e:2d:
37:3a:fe:33:0a:1d:15:7a:c2:92:42:a4:2d:c4:55:
18:ad:53:f6:de:53:b9:5b:99:dc:b1:14:77:88:70:
9b:12:01:74:6a:8e:f6:2a:a6:20:8a:57:bb:b7:19:
c2:82:15:ed:81:ab:fc:14:b3:e1:87:58:7d:0c:30:
14:ed:2a:49:f7:70:3d:95:d6:1c:d3:bb:43:fd:3e:
f5:bd:bf:c5:16:2b:8f:82:42:12:23:28:ab:f9:b7:
65:f6:ff:ce:db:53:69:58:d1:24:84:77:7c:ba:6b:
b9:a9:4c:b8:33:94:61:44:7c:10:59:f4:79:ec:3b:
ac:4f:ef:3f:83:bb:ee:78:48:5c:58:7d:54:7e:1f:
b1:9c:6c:ad:5c:d4:82:79:dc:d0:42:1e:44:7a:04:
6a:ea:74:00:1a:ad:47:5a:2e:bd:b9:ed:e1:be:15:
cb:74:b5:01:76:6f:69:f6:38:d4:50:6f:81:76:68:
6d:08:db:e5:57:98:49:77:79:99:5e:df:5b:16:68:
1e:20:63:f5:8c:9c:d1:57:3b:db:e1:2c:dd:42:b9:
6e:48:73:39:cc:52:4c:34:34:fd:87:81:85:d5:09:
b7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:70:87:95:35:35:A8:D5:A5:6C:77:EE:82:FD:06:2C:1F:86:EA:0E
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/G3CHlTU1qNWlbHfugv0GLB-G6g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.0.0/24
89.40.42.0/24
93.113.205.0/24
188.213.50.0/24
188.213.213.0/24
188.214.150.0/24
Signature Algorithm: sha256WithRSAEncryption
38:25:be:79:f8:ef:3f:00:e5:7d:f3:af:d8:fa:fe:72:49:3c:
0f:b1:4f:39:2f:c1:b5:6c:56:c2:d8:f0:51:77:bd:77:2f:7d:
b7:1c:fb:d9:d8:e2:e0:4c:f0:dc:6d:8a:b8:bf:ee:6d:6e:2b:
d8:63:8f:1d:d8:05:3b:d6:43:f6:6c:2d:c3:17:ac:7e:17:d9:
db:7a:fe:c1:28:e6:80:bf:eb:c7:18:21:8e:6b:31:63:9b:2d:
c1:0c:0d:b7:52:a9:d4:e2:56:ed:ad:2b:98:a1:53:0c:37:48:
03:c5:27:1b:55:98:b8:7c:68:61:e4:25:4c:f2:b6:66:45:c9:
5b:eb:70:4a:98:4f:a0:6f:2c:d8:1e:f9:3c:04:51:34:dd:2f:
30:b1:23:db:0c:bf:d8:eb:57:2f:31:1e:b8:77:88:30:41:9e:
7d:cb:12:14:b9:1f:0e:78:42:61:2d:d0:2b:63:e6:88:a2:90:
a0:f0:4f:49:e2:d2:09:a2:94:2d:35:99:48:14:ec:4b:8d:15:
f7:8b:47:44:fb:e3:04:87:7b:2d:13:12:cb:25:d1:9c:25:e3:
03:6e:d6:2a:5b:f9:82:bf:5e:54:71:3e:82:21:3c:ef:13:e5:
8e:d9:dc:d1:47:d9:87:a5:72:86:8c:b7:7c:1b:04:ff:8c:3d:
1c:a2:59:5e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY6D5oARi5EPbghU7ktzXOqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjQwMzI4MDcxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjcwODc5NTM1MzVhOGQ1YTU2Yzc3ZWU4MmZkMDYyYzFmODZlYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPxV1CheNvrt9k3hlN1k7o9p3Gys
lZmuEQBbbi03Ov4zCh0VesKSQqQtxFUYrVP23lO5W5ncsRR3iHCbEgF0ao72KqYg
ile7txnCghXtgav8FLPhh1h9DDAU7SpJ93A9ldYc07tD/T71vb/FFiuPgkISIyir
+bdl9v/O21NpWNEkhHd8umu5qUy4M5RhRHwQWfR57DusT+8/g7vueEhcWH1Ufh+x
nGytXNSCedzQQh5EegRq6nQAGq1HWi69ue3hvhXLdLUBdm9p9jjUUG+BdmhtCNvl
V5hJd3mZXt9bFmgeIGP1jJzRVzvb4SzdQrluSHM5zFJMNDT9h4GF1Qm3ZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBtwh5U1NajVpWx37oL9BiwfhuoOMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvRzNDSGxUVTFxTldsYkhmdWd2MEdMQi1HNmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSMAAwQA
WSgqAwQAXXHNAwQAvNUyAwQAvNXVAwQAvNaWMA0GCSqGSIb3DQEBCwUAA4IBAQA4
Jb55+O8/AOV986/Y+v5ySTwPsU85L8G1bFbC2PBRd713L323HPvZ2OLgTPDcbYq4
v+5tbivYY48d2AU71kP2bC3DF6x+F9nbev7BKOaAv+vHGCGOazFjmy3BDA23UqnU
4lbtrSuYoVMMN0gDxScbVZi4fGhh5CVM8rZmRclb63BKmE+gbyzYHvk8BFE03S8w
sSPbDL/Y61cvMR64d4gwQZ59yxIUuR8OeEJhLdArY+aIopCg8E9J4tIJopQtNZlI
FOxLjRX3i0dE++MEh3stExLLJdGcJeMDbtYqW/mCv15UcT6CITzvE+WO2dzRR9mH
pXKGjLd8GwT/jD0colle
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:38 2024 by rpki-client on console-fra.rpki-client.org