Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/bqKTYgHWG7BZgLrLZP0LmD-I2Us.roa
File: bqKTYgHWG7BZgLrLZP0LmD-I2Us.roa (raw, json)
Hash identifier: zwzO0P3SGd9I6oUlyRHYGREKvLxh06BeSae43tOHhJM=
Subject key identifier: 6E:A2:93:62:01:D6:1B:B0:59:80:BA:CB:64:FD:0B:98:3F:88:D9:4B
Certificate issuer: /CN=618cc46d71e7848978488961d7b51aba1541f3c4
Certificate serial: 0191035D7F2B0A0267463E7E963EE8D21766
Authority key identifier: 61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/bqKTYgHWG7BZgLrLZP0LmD-I2Us.roa
Signing time: Tue 30 Jul 2024 11:19:04 +0000
ROA not before: Tue 30 Jul 2024 11:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 89.184.16.0/21 maxlen: 24
89.184.24.0/21 maxlen: 24
193.223.103.0/24 maxlen: 24
193.223.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 01:25:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:5d:7f:2b:0a:02:67:46:3e:7e:96:3e:e8:d2:17:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618cc46d71e7848978488961d7b51aba1541f3c4
Validity
Not Before: Jul 30 11:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ea2936201d61bb05980bacb64fd0b983f88d94b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e9:28:87:a9:00:74:60:f8:fd:94:b4:3a:db:
d2:d1:f3:75:ef:9a:61:87:45:40:87:e6:97:92:33:
fb:d0:c7:49:ad:41:3e:b1:19:00:f7:bf:d8:d5:ef:
04:83:4b:23:92:b3:d9:ed:88:01:c5:0c:1a:c3:57:
b5:82:06:bf:66:72:04:0b:8f:57:ae:4e:60:22:83:
fb:d6:9b:c9:e8:14:dd:32:c0:49:b1:e1:80:d4:9b:
2b:34:6f:bf:0a:81:91:9c:3b:03:c5:99:25:77:13:
06:de:ec:02:7e:ac:80:e3:35:01:ad:bc:52:e0:db:
aa:b0:f6:93:6f:b6:a1:df:92:86:55:5d:5d:a3:77:
50:53:59:b1:4e:3e:a8:b3:55:4d:dd:f3:c6:98:55:
43:79:04:26:5c:87:30:3b:f8:8b:6e:36:0f:6c:ba:
df:5a:f5:73:08:79:07:60:8a:75:12:28:45:a4:bc:
92:9a:8f:f3:f1:53:de:5e:69:b8:92:5b:74:03:50:
d5:24:f8:bf:32:2c:b4:eb:53:af:96:48:03:fe:a3:
28:70:98:7a:4b:f0:60:e5:32:0a:6a:8a:17:8e:9e:
4d:a3:b1:c9:44:ef:22:1e:b3:ab:9b:eb:d4:4b:3c:
85:bd:6a:97:68:c7:cf:95:6f:97:80:44:6e:b2:3f:
b3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A2:93:62:01:D6:1B:B0:59:80:BA:CB:64:FD:0B:98:3F:88:D9:4B
X509v3 Authority Key Identifier:
keyid:61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/bqKTYgHWG7BZgLrLZP0LmD-I2Us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.16.0/20
193.223.103.0/24
193.223.108.0/24
Signature Algorithm: sha256WithRSAEncryption
67:3d:79:a4:a7:4f:1f:f8:0f:2a:d4:38:51:af:fe:59:ff:fb:
c6:1d:a8:ca:39:0a:6b:46:26:4e:ee:fe:12:6a:fe:20:6f:47:
c4:dd:0e:74:29:dd:8a:3b:43:e6:23:7b:8e:c4:01:83:d4:a5:
28:ab:7e:a5:bd:e1:1e:b8:78:87:72:4b:46:da:8f:50:7f:fc:
e8:9b:10:ab:14:b7:54:f7:60:19:04:47:40:19:ea:12:6d:e9:
20:cd:45:97:54:47:83:34:47:15:fe:83:d4:ad:a0:40:5d:31:
c8:7d:76:2e:53:95:fc:20:3b:63:56:dd:55:da:29:3f:56:f5:
51:b3:0e:12:da:7a:2d:c4:44:bd:d0:68:fb:e5:8d:8c:af:97:
b3:f0:b8:35:4c:c0:19:df:db:5b:34:a6:ea:e2:be:b8:50:90:
b2:b9:52:b0:8c:fb:8a:3e:e7:40:ed:a7:f8:d8:01:1f:78:be:
fa:ed:fc:12:d8:2f:1a:28:10:9a:4e:56:16:85:45:52:2c:d1:
de:36:8f:26:56:c6:34:59:c4:4e:3c:a0:00:5c:2f:cd:ef:bd:
bc:34:5d:53:39:4b:b9:4b:25:73:b6:44:4f:48:28:af:31:26:
6c:d8:ba:d8:14:61:0d:c7:e4:7f:d4:6c:2d:4b:62:ab:2b:44:
0a:f6:74:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEDXX8rCgJnRj5+lj7o0hdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOGNjNDZkNzFlNzg0ODk3ODQ4ODk2MWQ3YjUxYWJhMTU0
MWYzYzQwHhcNMjQwNzMwMTExOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWEyOTM2MjAxZDYxYmIwNTk4MGJhY2I2NGZkMGI5ODNmODhkOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ekoh6kAdGD4/ZS0OtvS0fN175ph
h0VAh+aXkjP70MdJrUE+sRkA97/Y1e8Eg0sjkrPZ7YgBxQwaw1e1gga/ZnIEC49X
rk5gIoP71pvJ6BTdMsBJseGA1JsrNG+/CoGRnDsDxZkldxMG3uwCfqyA4zUBrbxS
4NuqsPaTb7ah35KGVV1do3dQU1mxTj6os1VN3fPGmFVDeQQmXIcwO/iLbjYPbLrf
WvVzCHkHYIp1EihFpLySmo/z8VPeXmm4klt0A1DVJPi/Miy061OvlkgD/qMocJh6
S/Bg5TIKaooXjp5No7HJRO8iHrOrm+vUSzyFvWqXaMfPlW+XgERusj+z/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG6ik2IB1huwWYC6y2T9C5g/iNlLMB8GA1UdIwQY
MBaAFGGMxG1x54SJeEiJYde1GroVQfPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTIt
NGVmMTljY2M1N2QwLzEvYnFLVFlnSFdHN0JaZ0xyTFpQMExtRC1JMlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTItNGVmMTljY2M1N2Qw
LzEvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWbgQAwQA
wd9nAwQAwd9sMA0GCSqGSIb3DQEBCwUAA4IBAQBnPXmkp08f+A8q1DhRr/5Z//vG
HajKOQprRiZO7v4Sav4gb0fE3Q50Kd2KO0PmI3uOxAGD1KUoq36lveEeuHiHcktG
2o9Qf/zomxCrFLdU92AZBEdAGeoSbekgzUWXVEeDNEcV/oPUraBAXTHIfXYuU5X8
IDtjVt1V2ik/VvVRsw4S2notxES90Gj75Y2Mr5ez8Lg1TMAZ39tbNKbq4r64UJCy
uVKwjPuKPudA7af42AEfeL767fwS2C8aKBCaTlYWhUVSLNHeNo8mVsY0WcROPKAA
XC/N7728NF1TOUu5SyVztkRPSCivMSZs2LrYFGENx+R/1GwtS2KrK0QK9nQr
-----END CERTIFICATE-----
Generated at Thu Nov 7 07:02:32 2024 by rpki-client on console-ams.rpki-client.org