Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/OprXGcHqgdABu2OLPbA-gX1YWko.roa
File: OprXGcHqgdABu2OLPbA-gX1YWko.roa (raw, json)
Hash identifier: C3LHzZDbhrNPU88WIBQ2P1G+4DulrBtWPSXqZ69Dq8o=
Subject key identifier: 3A:9A:D7:19:C1:EA:81:D0:01:BB:63:8B:3D:B0:3E:81:7D:58:5A:4A
Certificate issuer: /CN=89887de01d8b1cbd50b75dbac91339f6617a4d8a
Certificate serial: 018CC2DB47B0B428E0CD2F196B6A440405AA
Authority key identifier: 89:88:7D:E0:1D:8B:1C:BD:50:B7:5D:BA:C9:13:39:F6:61:7A:4D:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYh94B2LHL1Qt126yRM59mF6TYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/OprXGcHqgdABu2OLPbA-gX1YWko.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47806
IP address blocks: 152.89.145.0/24 maxlen: 24
152.89.144.0/22 maxlen: 22
152.89.144.0/24 maxlen: 24
152.89.144.0/23 maxlen: 23
152.89.147.0/24 maxlen: 24
152.89.146.0/23 maxlen: 23
152.89.146.0/24 maxlen: 24
185.251.210.0/24 maxlen: 24
185.251.210.0/23 maxlen: 23
185.251.209.0/24 maxlen: 24
185.251.208.0/24 maxlen: 24
185.251.208.0/22 maxlen: 22
185.251.208.0/23 maxlen: 23
185.251.211.0/24 maxlen: 24
93.88.31.0/24 maxlen: 24
93.88.30.0/23 maxlen: 23
93.88.30.0/24 maxlen: 24
93.88.28.0/22 maxlen: 22
93.88.29.0/24 maxlen: 24
93.88.28.0/24 maxlen: 24
93.88.28.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 03 Jan 2024 16:12:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:47:b0:b4:28:e0:cd:2f:19:6b:6a:44:04:05:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89887de01d8b1cbd50b75dbac91339f6617a4d8a
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a9ad719c1ea81d001bb638b3db03e817d585a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:be:52:64:05:d8:4b:09:1a:fb:2a:14:9d:58:
79:b9:0e:85:10:0e:60:00:78:f1:f2:41:8b:ff:db:
d8:0c:d6:49:10:d8:2a:c9:35:9c:0f:b3:66:29:e5:
99:36:e4:c3:f0:c1:be:f5:ca:7b:3e:2d:ff:f1:16:
a6:9a:ca:89:eb:63:a5:f2:a3:c1:4b:19:83:75:1a:
b4:08:07:ea:33:3c:92:25:38:c4:3b:1e:a6:f9:c5:
e8:eb:7d:c4:56:e6:0a:4b:2e:56:0b:c7:82:6a:ac:
ac:83:a2:fd:c8:e4:e2:5b:6d:8c:d5:db:4d:fe:ad:
b4:f7:58:56:df:c1:7c:63:d9:cc:dc:76:e8:44:29:
bc:13:1d:6f:f6:6b:25:85:2a:f8:a3:f8:20:29:50:
1a:5f:8b:0b:33:5c:37:90:42:4a:c4:e3:6c:c6:50:
92:2d:4d:b3:ba:05:ef:da:3e:98:f4:01:b5:84:10:
a8:b6:99:e2:bd:fa:1d:49:25:dc:db:f0:64:dd:a2:
56:b3:85:e7:6b:10:0e:1b:ea:0b:59:14:68:04:aa:
8d:46:3b:62:03:74:cb:94:e6:ac:5a:6f:2a:bd:d5:
48:69:95:2f:47:43:2b:56:b5:e0:73:5e:83:09:d0:
b1:5d:ef:90:0a:db:32:eb:d7:2e:d6:25:f2:0e:a5:
f0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9A:D7:19:C1:EA:81:D0:01:BB:63:8B:3D:B0:3E:81:7D:58:5A:4A
X509v3 Authority Key Identifier:
keyid:89:88:7D:E0:1D:8B:1C:BD:50:B7:5D:BA:C9:13:39:F6:61:7A:4D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYh94B2LHL1Qt126yRM59mF6TYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/OprXGcHqgdABu2OLPbA-gX1YWko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/iYh94B2LHL1Qt126yRM59mF6TYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.28.0/22
152.89.144.0/22
185.251.208.0/22
Signature Algorithm: sha256WithRSAEncryption
98:25:fa:b5:54:77:93:54:27:01:61:a1:45:cd:5c:e2:0c:f3:
b9:c0:61:69:0e:d2:1a:1e:c2:9a:3c:b8:91:f1:ce:76:cd:ba:
98:02:aa:a8:cc:bf:64:30:e4:c2:7d:46:4b:0c:8e:ca:a5:3a:
1b:8e:1d:d9:92:5e:2a:2d:28:f1:a5:78:b0:4b:cd:f3:0d:a4:
89:e6:30:bc:02:0d:29:12:68:2c:f0:86:ee:54:b0:ae:f0:cf:
99:b7:dd:2f:42:22:c8:89:29:c3:31:ef:e0:14:de:aa:fd:4f:
3f:8b:4c:07:8c:ee:3e:f4:7e:46:9d:31:44:61:47:cc:83:19:
c7:af:9d:2e:20:5e:aa:97:e8:b1:44:48:b1:77:22:75:7c:9d:
62:b1:9c:6e:f4:d7:0b:26:0e:11:7e:d9:20:ee:73:ac:1a:f5:
e1:43:3c:f1:4b:89:bc:19:79:98:34:0f:d6:fb:0e:af:f9:72:
62:75:81:f0:15:81:45:16:07:fb:49:b1:28:c1:db:32:4d:d9:
28:07:a8:20:cc:ee:dc:3b:63:3a:e4:c3:c5:7d:c4:0b:5e:63:
6e:10:e2:28:1c:fb:e6:18:c7:70:f5:17:24:47:46:e8:0f:7b:
78:e7:b1:e6:bd:8b:04:00:24:ad:06:44:08:47:3e:45:e4:62:
9c:f9:76:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC20ewtCjgzS8Za2pEBAWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODg3ZGUwMWQ4YjFjYmQ1MGI3NWRiYWM5MTMzOWY2NjE3
YTRkOGEwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTlhZDcxOWMxZWE4MWQwMDFiYjYzOGIzZGIwM2U4MTdkNTg1YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz75SZAXYSwka+yoUnVh5uQ6FEA5g
AHjx8kGL/9vYDNZJENgqyTWcD7NmKeWZNuTD8MG+9cp7Pi3/8RammsqJ62Ol8qPB
SxmDdRq0CAfqMzySJTjEOx6m+cXo633EVuYKSy5WC8eCaqysg6L9yOTiW22M1dtN
/q2091hW38F8Y9nM3HboRCm8Ex1v9mslhSr4o/ggKVAaX4sLM1w3kEJKxONsxlCS
LU2zugXv2j6Y9AG1hBCotpnivfodSSXc2/Bk3aJWs4XnaxAOG+oLWRRoBKqNRjti
A3TLlOasWm8qvdVIaZUvR0MrVrXgc16DCdCxXe+QCtsy69cu1iXyDqXwxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDqa1xnB6oHQAbtjiz2wPoF9WFpKMB8GA1UdIwQY
MBaAFImIfeAdixy9ULdduskTOfZhek2KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVloOTRCMkxITDFRdDEyNnlSTTU5bUY2VFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85Y2U3NDItMGM1ZC00YzM0LTg3NjUt
NWVkNTE1N2NlZDBhLzEvT3ByWEdjSHFnZEFCdTJPTFBiQS1nWDFZV2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85Y2U3NDItMGM1ZC00YzM0LTg3NjUtNWVkNTE1N2NlZDBh
LzEvaVloOTRCMkxITDFRdDEyNnlSTTU5bUY2VFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXVgcAwQC
mFmQAwQCufvQMA0GCSqGSIb3DQEBCwUAA4IBAQCYJfq1VHeTVCcBYaFFzVziDPO5
wGFpDtIaHsKaPLiR8c52zbqYAqqozL9kMOTCfUZLDI7KpTobjh3Zkl4qLSjxpXiw
S83zDaSJ5jC8Ag0pEmgs8IbuVLCu8M+Zt90vQiLIiSnDMe/gFN6q/U8/i0wHjO4+
9H5GnTFEYUfMgxnHr50uIF6ql+ixREixdyJ1fJ1isZxu9NcLJg4Rftkg7nOsGvXh
QzzxS4m8GXmYNA/W+w6v+XJidYHwFYFFFgf7SbEowdsyTdkoB6ggzO7cO2M65MPF
fcQLXmNuEOIoHPvmGMdw9RckR0boD3t457HmvYsEACStBkQIRz5F5GKc+XaJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:36 2024 by rpki-client on console-fra.rpki-client.org