Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/11592e-3296-48c6-a4d4-8708f697e669/1/iehNwNmvDQ9Zhx09008WGI8i5SE.roa
File: iehNwNmvDQ9Zhx09008WGI8i5SE.roa (raw, json)
Hash identifier: t+1ci00Lz1l17IluEdW18lqILcmpoYxQgYl4eiQkehs=
Subject key identifier: 89:E8:4D:C0:D9:AF:0D:0F:59:87:1D:3D:D3:4F:16:18:8F:22:E5:21
Certificate issuer: /CN=9748fcd3ceecdb8e04a524af9674cb58803ff668
Certificate serial: 018E9E4FABF9C0AAA55C86664C58FA8C061A
Authority key identifier: 97:48:FC:D3:CE:EC:DB:8E:04:A5:24:AF:96:74:CB:58:80:3F:F6:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0j8087s244EpSSvlnTLWIA_9mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/11592e-3296-48c6-a4d4-8708f697e669/1/iehNwNmvDQ9Zhx09008WGI8i5SE.roa
Signing time: Tue 02 Apr 2024 10:16:45 +0000
ROA not before: Tue 02 Apr 2024 10:16:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202499
IP address blocks: 193.142.188.0/22 maxlen: 24
195.216.208.0/23 maxlen: 24
2a0c:9b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 05 Apr 2024 09:54:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:4f:ab:f9:c0:aa:a5:5c:86:66:4c:58:fa:8c:06:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9748fcd3ceecdb8e04a524af9674cb58803ff668
Validity
Not Before: Apr 2 10:16:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89e84dc0d9af0d0f59871d3dd34f16188f22e521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:05:f7:e4:9c:6e:fa:95:47:2e:ec:fd:49:ff:
92:4f:ed:c1:f5:42:f9:c9:7c:e9:d9:62:16:85:d7:
c1:9b:05:66:e6:02:4a:b1:7f:62:8f:f9:07:39:4f:
2d:53:16:7a:00:ad:4d:0a:90:3c:9f:c1:fc:f6:8e:
d6:c2:4b:ae:82:4e:4b:1a:f5:fe:3b:e3:d1:76:6e:
3e:ae:5e:ea:ed:ac:7a:65:d7:45:e7:18:7b:5a:41:
c1:ef:02:75:8f:90:5c:26:48:8e:5a:7a:71:42:f2:
d0:74:dd:61:49:81:03:90:03:65:f5:e0:23:13:7a:
7f:8b:e3:77:e7:3f:0c:d2:d8:ad:f1:b9:77:8f:50:
4c:91:c0:67:2d:41:e4:18:16:32:d5:9f:8f:32:43:
87:8a:9f:be:18:dd:2b:58:59:6b:7d:49:96:04:8f:
8c:a2:17:c6:7a:22:5c:86:8b:5b:c7:74:0e:77:0b:
39:56:03:10:57:6e:32:a5:1b:33:d5:9a:23:04:cb:
bb:40:66:17:ec:fe:15:10:0b:e9:c8:46:1a:75:f5:
f2:46:5b:34:52:94:df:b9:48:34:fa:67:3b:aa:27:
5c:f2:25:4c:56:15:e8:a4:d8:9e:24:9a:d8:6b:14:
42:4d:8f:a2:e4:f9:ff:52:f2:5e:2d:6f:a7:3b:8c:
d8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E8:4D:C0:D9:AF:0D:0F:59:87:1D:3D:D3:4F:16:18:8F:22:E5:21
X509v3 Authority Key Identifier:
keyid:97:48:FC:D3:CE:EC:DB:8E:04:A5:24:AF:96:74:CB:58:80:3F:F6:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0j8087s244EpSSvlnTLWIA_9mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/11592e-3296-48c6-a4d4-8708f697e669/1/iehNwNmvDQ9Zhx09008WGI8i5SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/11592e-3296-48c6-a4d4-8708f697e669/1/l0j8087s244EpSSvlnTLWIA_9mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.188.0/22
195.216.208.0/23
IPv6:
2a0c:9b40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:d7:66:43:08:d2:33:1e:9e:3b:33:3b:f1:71:f7:73:d9:23:
f4:18:23:e7:2c:a2:7a:2b:5e:35:99:73:fe:49:10:63:61:d6:
31:1b:50:44:81:b3:70:16:04:07:f7:86:68:d1:a2:f8:97:47:
62:ba:57:ab:85:ae:e6:68:24:96:d3:69:94:b6:12:a1:68:b4:
2d:df:76:24:fb:f5:1e:f3:ce:ba:db:df:33:a6:d1:37:51:ff:
70:3a:e3:9f:ca:0f:47:29:80:ed:fe:f9:4c:29:a1:c7:80:65:
0f:e1:72:db:6e:53:37:ad:59:54:11:22:5a:06:af:13:e3:b2:
fc:ee:2a:3e:55:15:c1:de:35:3d:c8:de:57:9b:4c:30:34:1a:
a3:d2:01:21:8a:c5:86:0c:cd:fc:5c:a2:64:3e:6c:06:40:1c:
cf:0a:42:cc:a4:c3:71:9e:02:71:57:52:49:f7:87:1f:01:ac:
38:27:5c:a3:c2:37:d5:47:39:88:e8:2f:28:d9:2c:41:29:f0:
07:d7:e5:c7:b8:8f:dc:b9:a7:c4:c1:cb:7d:39:d0:9c:44:48:
c9:6d:96:c2:17:92:b3:55:99:7a:99:13:26:58:59:60:d2:c1:
32:f0:6a:91:80:a1:01:a4:2d:a8:af:46:64:f8:7d:55:fc:85:
90:7b:89:e5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6eT6v5wKqlXIZmTFj6jAYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDhmY2QzY2VlY2RiOGUwNGE1MjRhZjk2NzRjYjU4ODAz
ZmY2NjgwHhcNMjQwNDAyMTAxNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU4NGRjMGQ5YWYwZDBmNTk4NzFkM2RkMzRmMTYxODhmMjJlNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgX35Jxu+pVHLuz9Sf+ST+3B9UL5
yXzp2WIWhdfBmwVm5gJKsX9ij/kHOU8tUxZ6AK1NCpA8n8H89o7Wwkuugk5LGvX+
O+PRdm4+rl7q7ax6ZddF5xh7WkHB7wJ1j5BcJkiOWnpxQvLQdN1hSYEDkANl9eAj
E3p/i+N35z8M0tit8bl3j1BMkcBnLUHkGBYy1Z+PMkOHip++GN0rWFlrfUmWBI+M
ohfGeiJchotbx3QOdws5VgMQV24ypRsz1ZojBMu7QGYX7P4VEAvpyEYadfXyRls0
UpTfuUg0+mc7qidc8iVMVhXopNieJJrYaxRCTY+i5Pn/UvJeLW+nO4zYuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFInoTcDZrw0PWYcdPdNPFhiPIuUhMB8GA1UdIwQY
MBaAFJdI/NPO7NuOBKUkr5Z0y1iAP/ZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBqODA4N3MyNDRFcFNTdmxuVExXSUFfOW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8xMTU5MmUtMzI5Ni00OGM2LWE0ZDQt
ODcwOGY2OTdlNjY5LzEvaWVoTndObXZEUTlaaHgwOTAwOFdHSThpNVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8xMTU5MmUtMzI5Ni00OGM2LWE0ZDQtODcwOGY2OTdlNjY5
LzEvbDBqODA4N3MyNDRFcFNTdmxuVExXSUFfOW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwY68AwQB
w9jQMA0EAgACMAcDBQMqDJtAMA0GCSqGSIb3DQEBCwUAA4IBAQA+12ZDCNIzHp47
Mzvxcfdz2SP0GCPnLKJ6K141mXP+SRBjYdYxG1BEgbNwFgQH94Zo0aL4l0diuler
ha7maCSW02mUthKhaLQt33Yk+/Ue8866298zptE3Uf9wOuOfyg9HKYDt/vlMKaHH
gGUP4XLbblM3rVlUESJaBq8T47L87io+VRXB3jU9yN5Xm0wwNBqj0gEhisWGDM38
XKJkPmwGQBzPCkLMpMNxngJxV1JJ94cfAaw4J1yjwjfVRzmI6C8o2SxBKfAH1+XH
uI/cuafEwct9OdCcREjJbZbCF5KzVZl6mRMmWFlg0sEy8GqRgKEBpC2or0Zk+H1V
/IWQe4nl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:34 2024 by rpki-client on console-ams.rpki-client.org