Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/789Apmbw5ks4Pfphn0ScmGzGfmI.roa
File: 789Apmbw5ks4Pfphn0ScmGzGfmI.roa (raw, json)
Hash identifier: AplKBLDTQsGWdJt2vvt/yyduPrz4tY5EGlu5cygy7L8=
Subject key identifier: EF:CF:40:A6:66:F0:E6:4B:38:3D:FA:61:9F:44:9C:98:6C:C6:7E:62
Certificate issuer: /CN=9bea3a3a4a3606c7396f15f501ac5c641785750c
Certificate serial: 019122DF4A96434761C9EA9297B5991DD0EF
Authority key identifier: 9B:EA:3A:3A:4A:36:06:C7:39:6F:15:F5:01:AC:5C:64:17:85:75:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/789Apmbw5ks4Pfphn0ScmGzGfmI.roa
Signing time: Mon 05 Aug 2024 14:09:04 +0000
ROA not before: Mon 05 Aug 2024 14:09:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197524
IP address blocks: 5.22.240.0/21 maxlen: 21
88.133.0.0/17 maxlen: 17
88.133.0.0/19 maxlen: 19
88.133.64.0/19 maxlen: 19
88.133.128.0/20 maxlen: 21
88.133.156.0/22 maxlen: 24
109.199.160.0/19 maxlen: 19
185.9.64.0/22 maxlen: 22
2a01:a980::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 06 Aug 2024 11:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:df:4a:96:43:47:61:c9:ea:92:97:b5:99:1d:d0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bea3a3a4a3606c7396f15f501ac5c641785750c
Validity
Not Before: Aug 5 14:09:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efcf40a666f0e64b383dfa619f449c986cc67e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:24:ca:c9:b1:ba:d5:37:92:c9:1b:21:13:c0:
93:d8:3f:64:ae:24:0e:85:40:69:4d:ad:05:60:8b:
31:91:68:fc:7c:45:85:58:7c:da:d1:fa:fc:3a:c3:
b5:da:f3:f5:cb:78:ff:20:5e:ce:38:42:e0:b4:d1:
a3:90:79:e9:e5:e9:7d:a1:60:48:69:3b:cf:93:85:
8d:95:9c:c6:ef:1c:ab:eb:87:0d:4a:1d:89:51:54:
6c:06:4a:d8:7f:06:3f:be:44:7a:73:4f:71:ef:f6:
05:c5:6a:80:7f:cb:9d:a7:11:71:90:89:be:59:ea:
fe:96:98:6e:2c:8f:78:e6:0a:96:ae:50:60:95:e5:
fa:14:70:2d:28:05:2a:a8:d6:16:77:a8:ab:d2:a4:
03:14:c7:cd:87:a0:83:83:56:7c:b7:b4:12:ba:ad:
45:e6:25:a3:45:91:7a:3c:e2:b2:01:03:cf:8c:ee:
80:1a:e6:f0:ad:c7:bb:05:dd:55:95:90:a9:30:38:
e9:15:c0:b5:56:ce:c4:97:c5:d6:e1:f9:db:c3:df:
1b:12:53:6a:89:ee:80:b1:38:59:99:7d:3a:4b:b9:
89:55:f0:6c:ad:d5:de:ba:90:9d:3a:40:2c:29:d2:
4d:b1:6a:86:02:08:04:c6:bc:6d:3c:f7:6a:c9:b9:
3d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CF:40:A6:66:F0:E6:4B:38:3D:FA:61:9F:44:9C:98:6C:C6:7E:62
X509v3 Authority Key Identifier:
keyid:9B:EA:3A:3A:4A:36:06:C7:39:6F:15:F5:01:AC:5C:64:17:85:75:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/789Apmbw5ks4Pfphn0ScmGzGfmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.240.0/21
88.133.0.0-88.133.143.255
88.133.156.0/22
109.199.160.0/19
185.9.64.0/22
IPv6:
2a01:a980::/29
Signature Algorithm: sha256WithRSAEncryption
78:86:f4:e3:a4:25:c0:81:85:b9:8c:91:34:c8:58:31:06:d0:
91:53:58:f9:59:2e:7a:7e:72:e1:b2:02:d3:e0:e4:ed:f6:4b:
59:99:60:51:dc:ac:01:58:d4:02:26:df:40:e4:fe:4f:0b:3a:
53:48:a2:dd:27:88:02:9f:7c:a9:49:6f:22:e3:1f:34:bf:7d:
12:12:e5:11:b3:d1:da:0f:d2:0b:97:9a:69:98:eb:ef:3d:e1:
15:b3:46:69:a2:80:aa:54:a6:6c:14:e4:5e:b4:76:83:c0:cb:
b2:ba:68:4a:0f:80:17:53:7c:d0:59:93:c8:0e:fc:2e:d2:ba:
39:e7:ae:36:45:b1:35:13:1f:f3:e8:c5:57:ca:ce:50:18:9d:
62:88:2b:0e:d8:e5:bb:93:43:83:68:15:c4:cb:8f:3f:28:b4:
70:89:1c:1e:de:a0:91:dc:01:7e:34:be:16:07:f0:11:55:f8:
2f:2d:bc:6d:89:1d:20:ae:59:99:21:ab:57:ac:d2:36:eb:a8:
87:e7:ad:7f:df:a8:4e:f0:a8:71:b0:8a:9d:2c:41:e1:37:ae:
86:a1:8e:14:61:0d:a6:3c:e2:7b:a2:17:b4:47:89:b7:e5:6b:
9d:75:f8:c9:68:81:58:cb:e5:7f:a2:87:90:99:dc:41:fd:fe:
86:34:cd:f4
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZEi30qWQ0dhyeqSl7WZHdDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZWEzYTNhNGEzNjA2YzczOTZmMTVmNTAxYWM1YzY0MTc4
NTc1MGMwHhcNMjQwODA1MTQwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmNmNDBhNjY2ZjBlNjRiMzgzZGZhNjE5ZjQ0OWM5ODZjYzY3ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyTKybG61TeSyRshE8CT2D9kriQO
hUBpTa0FYIsxkWj8fEWFWHza0fr8OsO12vP1y3j/IF7OOELgtNGjkHnp5el9oWBI
aTvPk4WNlZzG7xyr64cNSh2JUVRsBkrYfwY/vkR6c09x7/YFxWqAf8udpxFxkIm+
Wer+lphuLI945gqWrlBgleX6FHAtKAUqqNYWd6ir0qQDFMfNh6CDg1Z8t7QSuq1F
5iWjRZF6POKyAQPPjO6AGubwrce7Bd1VlZCpMDjpFcC1Vs7El8XW4fnbw98bElNq
ie6AsThZmX06S7mJVfBsrdXeupCdOkAsKdJNsWqGAggExrxtPPdqybk9IQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFO/PQKZm8OZLOD36YZ9EnJhsxn5iMB8GA1UdIwQY
MBaAFJvqOjpKNgbHOW8V9QGsXGQXhXUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1vNk9rbzJCc2M1YnhYMUFheGNaQmVGZFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84OWFiYjgtNjM2ZC00MDg0LTgxYTAt
YzYzYWRiNmVlNWQ5LzEvNzg5QXBtYnc1a3M0UGZwaG4wU2NtR3pHZm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84OWFiYjgtNjM2ZC00MDg0LTgxYTAtYzYzYWRiNmVlNWQ5
LzEvbS1vNk9rbzJCc2M1YnhYMUFheGNaQmVGZFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQDBRbwMAsD
AwBYhQMEBFiFgAMEAliFnAMEBW3HoAMEArkJQDANBAIAAjAHAwUDKgGpgDANBgkq
hkiG9w0BAQsFAAOCAQEAeIb046QlwIGFuYyRNMhYMQbQkVNY+Vkuen5y4bIC0+Dk
7fZLWZlgUdysAVjUAibfQOT+Tws6U0ii3SeIAp98qUlvIuMfNL99EhLlEbPR2g/S
C5eaaZjr7z3hFbNGaaKAqlSmbBTkXrR2g8DLsrpoSg+AF1N80FmTyA78LtK6Oeeu
NkWxNRMf8+jFV8rOUBidYogrDtjlu5NDg2gVxMuPPyi0cIkcHt6gkdwBfjS+Fgfw
EVX4Ly28bYkdIK5ZmSGrV6zSNuuoh+etf9+oTvCocbCKnSxB4TeuhqGOFGENpjzi
e6IXtEeJt+VrnXX4yWiBWMvlf6KHkJncQf3+hjTN9A==
-----END CERTIFICATE-----
Generated at Tue Aug 6 15:08:09 2024 by rpki-client on console-ams.rpki-client.org