Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/5MahmgeaWyQEHu9O_IRWCrFxYV0.roa
File: 5MahmgeaWyQEHu9O_IRWCrFxYV0.roa (raw, json)
Hash identifier: ftqz1OFyGJGN57WPC1VGverAZsp2RhPcp4kMBOIKT48=
Subject key identifier: E4:C6:A1:9A:07:9A:5B:24:04:1E:EF:4E:FC:84:56:0A:B1:71:61:5D
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018FDE2E003A06CDAA794B0896F4E323AFF3
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/5MahmgeaWyQEHu9O_IRWCrFxYV0.roa
Signing time: Mon 03 Jun 2024 12:58:27 +0000
ROA not before: Mon 03 Jun 2024 12:58:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 89.49.0.0/21 maxlen: 24
89.49.8.0/21 maxlen: 24
89.50.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 07:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:2e:00:3a:06:cd:aa:79:4b:08:96:f4:e3:23:af:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jun 3 12:58:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4c6a19a079a5b24041eef4efc84560ab171615d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7c:b2:08:07:3a:59:7a:92:a3:9f:4f:a0:c6:
49:05:e5:b5:13:0f:1c:34:76:4c:3d:29:3e:01:70:
f6:74:81:75:30:8d:09:6f:39:f7:77:f0:37:cd:9b:
5f:39:b2:58:16:65:22:d2:59:58:1b:18:65:05:5b:
86:1d:fd:10:16:01:eb:01:00:3e:98:b9:38:f0:02:
79:55:70:be:4a:bf:a9:3d:10:e2:fa:e9:3a:2a:f0:
7e:f1:88:4c:92:65:71:8c:2c:4a:4b:90:7a:5c:97:
ef:07:26:fa:49:1c:d8:d3:79:01:96:be:f6:c0:d2:
2a:ee:1e:57:be:e9:c6:39:00:5a:da:b2:74:64:2e:
4b:7b:48:1a:ec:6e:51:f1:05:30:be:98:f4:7e:c4:
20:96:d1:26:2d:b4:8e:ff:94:8e:fe:cd:47:78:19:
9a:a2:6a:0c:2b:e3:56:51:0c:0f:41:b3:29:cf:d2:
7d:70:9c:29:3a:a0:ee:5d:0a:97:0b:77:a8:e1:d4:
cf:0e:1c:99:74:e8:e7:26:a2:bd:75:87:96:95:e5:
ee:67:3b:c9:b2:c2:ba:a7:86:3a:af:c4:45:93:e0:
ec:b5:d2:49:45:5f:90:00:94:61:67:a6:16:cc:68:
d2:bb:78:77:b2:92:ed:19:09:6b:37:b2:b4:e4:1a:
f8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C6:A1:9A:07:9A:5B:24:04:1E:EF:4E:FC:84:56:0A:B1:71:61:5D
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/5MahmgeaWyQEHu9O_IRWCrFxYV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.49.0.0/20
89.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:47:40:37:12:ec:24:63:16:c2:52:c2:47:d6:4f:e9:7b:31:
ec:d9:b6:13:ed:af:2d:b1:55:8c:30:f9:3b:ec:e0:de:99:09:
d0:38:64:95:f4:9e:1c:c0:34:6c:39:fb:01:41:ae:27:b8:7d:
59:8a:f8:43:2d:57:99:5e:b3:47:d0:c9:2d:2b:6c:9e:9a:d3:
0f:3e:c0:e9:2d:11:e1:5c:5c:29:35:e3:0d:74:e0:9c:36:45:
fb:ee:21:a1:dd:18:ab:7d:4b:04:7b:99:fb:f5:9d:1b:9c:64:
c9:7f:27:90:e6:99:87:8c:4a:d9:3d:4b:b4:c3:3c:2a:25:86:
59:86:c2:27:ee:79:4b:24:df:09:cd:e7:bc:fe:a1:5c:d0:ae:
f3:00:15:c4:f9:57:22:28:8c:b3:6d:18:f8:80:aa:97:6f:ff:
dc:d8:09:3d:1a:24:c6:f8:18:db:f1:ad:a5:a5:b5:7f:a3:4f:
74:81:75:4e:fe:dd:48:1b:4e:0e:29:cb:62:7d:4a:b3:ef:06:
37:77:7a:19:0b:37:98:0b:5a:2b:0e:1e:2a:1a:1e:7a:52:3e:
55:81:76:e0:f7:4d:68:6e:aa:62:af:0c:f5:d7:0e:68:d3:08:
1d:11:5d:15:25:44:a9:b1:2b:7e:a5:92:ff:38:9a:cb:e9:ef:
76:81:b5:9d
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAY/eLgA6Bs2qeUsIlvTjI6/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNjAzMTI1ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGM2YTE5YTA3OWE1YjI0MDQxZWVmNGVmYzg0NTYwYWIxNzE2MTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXyyCAc6WXqSo59PoMZJBeW1Ew8c
NHZMPSk+AXD2dIF1MI0Jbzn3d/A3zZtfObJYFmUi0llYGxhlBVuGHf0QFgHrAQA+
mLk48AJ5VXC+Sr+pPRDi+uk6KvB+8YhMkmVxjCxKS5B6XJfvByb6SRzY03kBlr72
wNIq7h5XvunGOQBa2rJ0ZC5Le0ga7G5R8QUwvpj0fsQgltEmLbSO/5SO/s1HeBma
omoMK+NWUQwPQbMpz9J9cJwpOqDuXQqXC3eo4dTPDhyZdOjnJqK9dYeWleXuZzvJ
ssK6p4Y6r8RFk+DstdJJRV+QAJRhZ6YWzGjSu3h3spLtGQlrN7K05Br4CwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFOTGoZoHmlskBB7vTvyEVgqxcWFdMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvNU1haG1nZWFXeVFFSHU5T19JUldDckZ4WVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQEWTEAAwMA
WTIwDQYJKoZIhvcNAQELBQADggEBAGtHQDcS7CRjFsJSwkfWT+l7MezZthPtry2x
VYww+Tvs4N6ZCdA4ZJX0nhzANGw5+wFBrie4fVmK+EMtV5les0fQyS0rbJ6a0w8+
wOktEeFcXCk14w104Jw2RfvuIaHdGKt9SwR7mfv1nRucZMl/J5DmmYeMStk9S7TD
PColhlmGwifueUsk3wnN57z+oVzQrvMAFcT5VyIojLNtGPiAqpdv/9zYCT0aJMb4
GNvxraWltX+jT3SBdU7+3UgbTg4py2J9SrPvBjd3ehkLN5gLWisOHioaHnpSPlWB
duD3TWhuqmKvDPXXDmjTCB0RXRUlRKmxK36lkv84msvp73aBtZ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org