Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/5He6iVirDZbYEgC78q8VckVjQO4.roa
File: 5He6iVirDZbYEgC78q8VckVjQO4.roa (raw, json)
Hash identifier: DvAzEKxNWmmY/qHW5PbZMkHI96ojG3l6vGZLSCUxKhs=
Subject key identifier: E4:77:BA:89:58:AB:0D:96:D8:12:00:BB:F2:AF:15:72:45:63:40:EE
Certificate issuer: /CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Certificate serial: 0185720C8AF59A83F691C5C053C741792417
Authority key identifier: 4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/5He6iVirDZbYEgC78q8VckVjQO4.roa
Signing time: Mon 02 Jan 2023 10:35:02 +0000
ROA not before: Mon 02 Jan 2023 10:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39345
IP address blocks: 89.39.14.0/24 maxlen: 32
89.39.15.0/24 maxlen: 32
89.39.12.0/24 maxlen: 32
89.39.13.0/24 maxlen: 32
86.107.246.0/24 maxlen: 32
86.107.247.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:8a:f5:9a:83:f6:91:c5:c0:53:c7:41:79:24:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Validity
Not Before: Jan 2 10:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e477ba8958ab0d96d81200bbf2af1572456340ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:97:bb:7b:ea:26:7c:43:f2:31:2f:f7:29:d7:
bc:d1:d4:9a:a8:03:91:68:df:2a:42:6b:84:93:46:
1d:ed:c0:c7:58:87:00:60:cc:1c:d8:6f:c6:6c:49:
b9:f0:df:09:77:2b:fa:c7:18:d8:52:82:86:56:c9:
91:83:22:2c:18:bd:34:ce:5b:21:4c:20:d0:dc:aa:
bd:29:ea:73:38:a3:c9:44:fd:77:b8:71:85:d4:91:
d2:7b:43:26:83:79:9d:b0:d7:fa:78:96:c0:7f:58:
75:a6:8f:4b:d1:f2:93:84:d4:a2:0c:57:1c:c2:cc:
f3:bf:ac:88:62:e0:4a:e5:e7:c8:23:82:84:89:7c:
08:3c:08:1a:64:f9:ff:75:c0:bc:3a:2c:bb:4d:ac:
d1:34:c4:97:c4:75:f3:e1:a6:c5:68:d0:75:2e:76:
67:44:d6:e3:7b:60:a3:cd:35:e5:c4:c3:90:7c:39:
0d:49:40:5c:5c:fa:8e:8d:d6:a5:03:96:61:94:a3:
7e:93:00:89:85:18:91:c7:32:96:5e:ac:f5:b8:58:
14:f6:43:59:a2:5c:18:62:0e:1d:31:ad:dd:c2:b5:
dd:0b:af:05:4f:2a:ee:98:31:e9:e4:22:e0:4c:28:
18:c4:a0:5e:01:0a:b1:7d:1e:26:ac:2b:c8:26:d1:
08:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:77:BA:89:58:AB:0D:96:D8:12:00:BB:F2:AF:15:72:45:63:40:EE
X509v3 Authority Key Identifier:
keyid:4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/5He6iVirDZbYEgC78q8VckVjQO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.246.0/23
89.39.12.0/22
Signature Algorithm: sha256WithRSAEncryption
63:ee:34:98:08:42:49:05:ed:69:28:79:56:34:1c:36:88:64:
43:a4:35:23:71:77:5d:fa:65:51:48:af:35:f7:32:23:60:da:
9d:f1:1a:ff:39:96:16:bd:47:5e:1f:b0:f3:33:9a:63:0f:74:
2b:c5:4d:55:d9:39:a2:59:38:5e:2d:c1:f6:de:e7:87:61:3e:
5b:e5:6f:3a:77:84:66:82:cd:81:d3:12:b3:44:df:66:57:d4:
f1:f7:76:b3:19:de:d5:cd:c8:10:ce:13:5c:8b:21:b7:0c:34:
91:b1:a0:52:f2:c7:4a:30:68:1f:4b:00:8d:97:90:ec:b8:70:
cf:de:ea:f9:6f:79:c2:16:18:63:a3:71:e7:98:f0:b0:27:5b:
bf:74:07:59:27:83:a5:b1:42:4d:3c:1e:7c:0f:7f:8c:be:2f:
20:6d:6d:56:34:66:3a:d0:0f:33:86:ae:d9:1d:8c:7d:b0:5a:
3d:2a:3b:57:16:87:d0:98:fd:54:35:cc:90:39:a5:d6:0b:8b:
fa:6c:ea:3b:9d:4e:2b:9f:34:1a:2d:aa:97:42:4d:0b:5e:26:
e2:ee:83:53:25:1d:45:38:af:b5:5f:d2:6a:66:df:29:2b:b9:
b2:8c:e2:77:b3:26:ea:0c:16:10:8e:ff:e5:7f:36:39:05:9d:
1f:ef:dc:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyDIr1moP2kcXAU8dBeSQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzBhZjFhOTk4ODZjOTEwMWQxMzVmNTRiZDJiZGVmMzU4
YjI2NmUwHhcNMjMwMTAyMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc3YmE4OTU4YWIwZDk2ZDgxMjAwYmJmMmFmMTU3MjQ1NjM0MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJe7e+omfEPyMS/3Kde80dSaqAOR
aN8qQmuEk0Yd7cDHWIcAYMwc2G/GbEm58N8Jdyv6xxjYUoKGVsmRgyIsGL00zlsh
TCDQ3Kq9KepzOKPJRP13uHGF1JHSe0Mmg3mdsNf6eJbAf1h1po9L0fKThNSiDFcc
wszzv6yIYuBK5efII4KEiXwIPAgaZPn/dcC8Oiy7TazRNMSXxHXz4abFaNB1LnZn
RNbje2CjzTXlxMOQfDkNSUBcXPqOjdalA5ZhlKN+kwCJhRiRxzKWXqz1uFgU9kNZ
olwYYg4dMa3dwrXdC68FTyrumDHp5CLgTCgYxKBeAQqxfR4mrCvIJtEI9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOR3uolYqw2W2BIAu/KvFXJFY0DuMB8GA1UdIwQY
MBaAFE1wrxqZiGyRAdE19UvSve81iyZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEt
NDYxYWIwZWNlZTAxLzEvNUhlNmlWaXJEWmJZRWdDNzhxOFZja1ZqUU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAx
LzEvVFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVmv2AwQC
WScMMA0GCSqGSIb3DQEBCwUAA4IBAQBj7jSYCEJJBe1pKHlWNBw2iGRDpDUjcXdd
+mVRSK819zIjYNqd8Rr/OZYWvUdeH7DzM5pjD3QrxU1V2TmiWTheLcH23ueHYT5b
5W86d4Rmgs2B0xKzRN9mV9Tx93azGd7VzcgQzhNciyG3DDSRsaBS8sdKMGgfSwCN
l5DsuHDP3ur5b3nCFhhjo3HnmPCwJ1u/dAdZJ4OlsUJNPB58D3+Mvi8gbW1WNGY6
0A8zhq7ZHYx9sFo9KjtXFofQmP1UNcyQOaXWC4v6bOo7nU4rnzQaLaqXQk0LXibi
7oNTJR1FOK+1X9JqZt8pK7myjOJ3sybqDBYQjv/lfzY5BZ0f79yI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:10 2024 by rpki-client on console-ams.rpki-client.org