Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/j7MbtDb0ydRMtbjscsKfjltxoc0.roa
File: j7MbtDb0ydRMtbjscsKfjltxoc0.roa (raw, json)
Hash identifier: T5oWberkmm3Px11qaRxKGjbkzBo5Q4qyDgTHWxvei+o=
Subject key identifier: 8F:B3:1B:B4:36:F4:C9:D4:4C:B5:B8:EC:72:C2:9F:8E:5B:71:A1:CD
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 0191123982EF8C55396BC211556405843A33
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/j7MbtDb0ydRMtbjscsKfjltxoc0.roa
Signing time: Fri 02 Aug 2024 08:34:04 +0000
ROA not before: Fri 02 Aug 2024 08:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57353
IP address blocks: 89.48.0.0/16 maxlen: 16
89.58.192.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 19 Aug 2024 11:47:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:39:82:ef:8c:55:39:6b:c2:11:55:64:05:84:3a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Aug 2 08:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fb31bb436f4c9d44cb5b8ec72c29f8e5b71a1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:18:e8:15:7c:34:0f:65:81:fa:cf:00:57:9b:
90:9f:04:86:3b:81:3d:8d:c2:3f:b9:e1:9c:37:4e:
5e:f4:84:b4:c8:34:30:70:e3:2a:3f:e4:64:3b:ed:
77:12:b8:fa:8a:6f:26:68:c6:51:24:5c:67:f1:64:
7e:c3:41:4c:f6:8a:7e:d6:83:f8:5d:64:b9:13:79:
41:38:11:98:bd:3b:56:44:19:b7:cf:aa:61:94:49:
1f:98:69:2f:55:3e:7a:59:d2:27:96:86:62:ad:c5:
f6:6e:c0:d8:bf:13:d3:4e:26:0e:b5:f5:89:23:cd:
e6:3f:57:b2:27:97:b4:7d:a3:74:73:7e:86:69:8f:
1f:3b:b6:84:f4:94:e3:9a:46:a1:8a:96:e6:95:52:
9d:f7:02:c7:7f:95:dc:14:86:5e:0d:20:02:24:a0:
de:38:b8:0a:e7:6e:e2:cf:6d:fa:e4:19:27:99:c5:
20:db:35:29:90:94:d4:07:99:74:9b:14:72:15:d2:
2f:ae:89:7c:e1:bc:27:8a:46:b8:d3:51:06:b7:a5:
20:71:2d:ef:b6:a3:8c:3d:cd:0b:56:04:6d:4b:ca:
c3:b5:f3:a9:39:94:06:3b:a5:6c:6b:9d:da:e5:8b:
69:e8:d1:d0:6b:9d:09:37:c3:46:c5:57:75:69:49:
62:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B3:1B:B4:36:F4:C9:D4:4C:B5:B8:EC:72:C2:9F:8E:5B:71:A1:CD
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/j7MbtDb0ydRMtbjscsKfjltxoc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.48.0.0/16
89.58.192.0/18
Signature Algorithm: sha256WithRSAEncryption
31:b2:6c:c0:22:ae:c6:e1:e6:44:39:7f:fe:d1:31:10:91:ce:
fe:84:24:9d:a2:01:8a:66:84:f3:08:0b:69:5e:73:ca:27:b5:
81:08:1a:c8:26:ce:f6:17:e2:5a:78:40:2e:9a:f0:ac:6d:57:
3d:45:e7:c0:df:6d:7e:53:27:7e:93:c6:57:65:ec:66:7e:29:
b8:13:6b:65:bc:77:eb:a8:d6:0c:e9:f2:db:22:fe:5b:c1:cf:
ab:b0:63:1f:1c:05:bd:0a:c5:d2:dd:b8:a6:0c:43:d4:e5:90:
5e:98:07:1e:c9:80:aa:57:48:84:5d:94:f6:f2:85:96:4e:ce:
8e:ff:57:8f:e8:a9:77:44:21:d7:c5:e4:ac:f6:1a:f7:79:53:
d4:30:93:70:bf:77:cb:7f:57:b2:15:30:0c:b5:91:20:a5:71:
30:66:ad:d7:31:80:95:79:31:8b:d6:54:7a:1a:2c:8a:b5:f5:
89:4d:a7:8e:46:9a:1a:d6:44:a6:40:d7:ed:82:3d:6e:37:5e:
55:fb:c4:2e:cd:93:10:21:09:1b:0a:80:6e:42:5d:91:dd:8a:
7c:c7:fe:05:e3:f9:b6:21:e7:11:f0:bf:78:da:9f:bb:49:1d:
06:e6:29:79:c6:0c:9b:20:9e:55:b2:c3:ea:a5:b0:fa:53:ca:
27:f6:ce:e7
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZESOYLvjFU5a8IRVWQFhDozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwODAyMDgzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmIzMWJiNDM2ZjRjOWQ0NGNiNWI4ZWM3MmMyOWY4ZTViNzFhMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhjoFXw0D2WB+s8AV5uQnwSGO4E9
jcI/ueGcN05e9IS0yDQwcOMqP+RkO+13Erj6im8maMZRJFxn8WR+w0FM9op+1oP4
XWS5E3lBOBGYvTtWRBm3z6phlEkfmGkvVT56WdInloZircX2bsDYvxPTTiYOtfWJ
I83mP1eyJ5e0faN0c36GaY8fO7aE9JTjmkahipbmlVKd9wLHf5XcFIZeDSACJKDe
OLgK527iz2365BknmcUg2zUpkJTUB5l0mxRyFdIvrol84bwnika401EGt6UgcS3v
tqOMPc0LVgRtS8rDtfOpOZQGO6Vsa53a5Ytp6NHQa50JN8NGxVd1aUliZwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFI+zG7Q29MnUTLW47HLCn45bcaHNMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvajdNYnREYjB5ZFJNdGJqc2NzS2ZqbHR4b2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAWTADBAZZ
OsAwDQYJKoZIhvcNAQELBQADggEBADGybMAirsbh5kQ5f/7RMRCRzv6EJJ2iAYpm
hPMIC2lec8ontYEIGsgmzvYX4lp4QC6a8KxtVz1F58DfbX5TJ36Txldl7GZ+KbgT
a2W8d+uo1gzp8tsi/lvBz6uwYx8cBb0KxdLduKYMQ9TlkF6YBx7JgKpXSIRdlPby
hZZOzo7/V4/oqXdEIdfF5Kz2Gvd5U9Qwk3C/d8t/V7IVMAy1kSClcTBmrdcxgJV5
MYvWVHoaLIq19YlNp45GmhrWRKZA1+2CPW43XlX7xC7NkxAhCRsKgG5CXZHdinzH
/gXj+bYh5xHwv3jan7tJHQbmKXnGDJsgnlWyw+qlsPpTyif2zuc=
-----END CERTIFICATE-----
Generated at Mon Aug 19 17:20:31 2024 by rpki-client on console-fra.rpki-client.org