Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/q4ItzuZluoiX3aOLA2zB7nuEnfA.roa
File: q4ItzuZluoiX3aOLA2zB7nuEnfA.roa (raw, json)
Hash identifier: 6NWPS0tjfMfWkkCkzhs80aH3QcqJZZPp9ZsM5gWSaCg=
Subject key identifier: AB:82:2D:CE:E6:65:BA:88:97:DD:A3:8B:03:6C:C1:EE:7B:84:9D:F0
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018FDE43F94375BC844AA587E67DA3847ED4
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/q4ItzuZluoiX3aOLA2zB7nuEnfA.roa
Signing time: Mon 03 Jun 2024 13:22:27 +0000
ROA not before: Mon 03 Jun 2024 13:22:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 89.49.0.0/21 maxlen: 24
89.49.8.0/21 maxlen: 24
89.50.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 07:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:43:f9:43:75:bc:84:4a:a5:87:e6:7d:a3:84:7e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jun 3 13:22:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab822dcee665ba8897dda38b036cc1ee7b849df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0e:e0:12:03:0a:4c:35:63:e8:08:49:fc:bc:
c7:36:67:00:83:89:e3:d1:70:75:83:e1:92:07:3a:
a7:b4:e0:7c:c3:eb:46:ad:14:ff:cc:e0:94:42:48:
98:91:30:03:7d:37:6c:8c:ee:e5:7d:46:fa:82:9c:
4b:bb:d4:2d:14:54:58:ab:1e:54:b9:99:75:43:ff:
00:db:5b:e5:a8:1f:55:1f:49:59:a7:77:d1:2a:4f:
b8:44:5c:2d:70:5c:a5:91:90:68:c2:b4:18:d5:c2:
c0:36:8f:bb:a2:08:7c:f8:65:99:29:9b:dd:4e:e8:
c0:94:61:d8:16:95:98:5b:29:f8:ba:05:b2:09:8e:
89:72:ae:31:c8:68:c8:96:08:6c:84:2f:8b:b0:6f:
58:16:cd:0e:d0:cd:c0:28:67:bd:a9:30:9f:05:8a:
9a:73:ba:89:22:f9:e3:2c:e8:54:58:9a:fb:17:7a:
42:10:d3:dc:55:1a:7c:ce:e3:52:08:c8:47:81:4c:
4f:80:56:4b:58:69:33:94:25:ab:33:bf:07:95:dd:
83:e7:8c:fb:32:24:ef:18:67:82:dc:dc:b2:61:6b:
f0:22:61:f8:f8:cf:83:25:d8:3a:62:0c:59:b9:99:
ed:4b:3b:0c:f2:21:e8:20:c6:a0:6e:9d:56:8a:d8:
e8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:82:2D:CE:E6:65:BA:88:97:DD:A3:8B:03:6C:C1:EE:7B:84:9D:F0
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/q4ItzuZluoiX3aOLA2zB7nuEnfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.49.0.0/20
89.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:04:29:d8:ee:5b:e2:53:1b:b8:8e:c4:71:28:d9:d4:b4:14:
5c:6b:21:80:99:d1:25:6d:1f:39:a9:c4:d8:94:56:27:4c:e6:
af:68:4c:a3:68:1d:15:0a:34:27:41:83:8d:fb:4a:37:51:88:
ae:b8:b1:c7:d6:2e:9e:1b:76:ce:b9:95:5b:d4:9b:38:30:52:
91:93:d6:26:2f:ab:4d:d4:2f:4c:bf:0c:85:24:dd:8a:52:7b:
49:03:90:bc:eb:2a:f0:af:42:bd:d1:42:09:b4:fa:09:60:d1:
c4:97:87:9a:92:48:1e:3b:f6:9a:1e:46:05:57:36:d9:53:0b:
2c:70:8e:fe:44:f2:9c:41:f3:2f:ee:88:37:90:b8:52:7b:4c:
00:8c:f9:66:05:60:bf:b9:b2:a3:46:ef:80:55:0d:07:05:ae:
dd:1f:72:90:02:28:bf:13:30:dc:8c:f8:86:ee:17:c5:96:5a:
19:71:2b:47:fe:d6:cb:93:3e:6e:89:d4:a6:cf:ed:29:47:58:
50:bd:c9:48:2f:3b:a6:28:30:b1:3b:50:43:1c:b6:bf:66:ba:
5a:ea:56:d8:44:24:3f:34:43:19:0b:35:91:ad:9a:02:8d:62:
5e:3f:85:dd:3c:7f:c5:3c:58:d7:a2:68:e1:e2:6e:5b:97:16:
7d:b1:37:32
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAY/eQ/lDdbyESqWH5n2jhH7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNjAzMTMyMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjgyMmRjZWU2NjViYTg4OTdkZGEzOGIwMzZjYzFlZTdiODQ5ZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng7gEgMKTDVj6AhJ/LzHNmcAg4nj
0XB1g+GSBzqntOB8w+tGrRT/zOCUQkiYkTADfTdsjO7lfUb6gpxLu9QtFFRYqx5U
uZl1Q/8A21vlqB9VH0lZp3fRKk+4RFwtcFylkZBowrQY1cLANo+7ogh8+GWZKZvd
TujAlGHYFpWYWyn4ugWyCY6Jcq4xyGjIlghshC+LsG9YFs0O0M3AKGe9qTCfBYqa
c7qJIvnjLOhUWJr7F3pCENPcVRp8zuNSCMhHgUxPgFZLWGkzlCWrM78Hld2D54z7
MiTvGGeC3NyyYWvwImH4+M+DJdg6YgxZuZntSzsM8iHoIMagbp1WitjonwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFKuCLc7mZbqIl92jiwNswe57hJ3wMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvcTRJdHp1Wmx1b2lYM2FPTEEyekI3bnVFbmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQEWTEAAwMA
WTIwDQYJKoZIhvcNAQELBQADggEBAAwEKdjuW+JTG7iOxHEo2dS0FFxrIYCZ0SVt
HzmpxNiUVidM5q9oTKNoHRUKNCdBg437SjdRiK64scfWLp4bds65lVvUmzgwUpGT
1iYvq03UL0y/DIUk3YpSe0kDkLzrKvCvQr3RQgm0+glg0cSXh5qSSB479poeRgVX
NtlTCyxwjv5E8pxB8y/uiDeQuFJ7TACM+WYFYL+5sqNG74BVDQcFrt0fcpACKL8T
MNyM+IbuF8WWWhlxK0f+1suTPm6J1KbP7SlHWFC9yUgvO6YoMLE7UEMctr9mulrq
VthEJD80QxkLNZGtmgKNYl4/hd08f8U8WNeiaOHibluXFn2xNzI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org