Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/iTH942jBeQnUPk14jIXB4Q2-a4U.roa
File: iTH942jBeQnUPk14jIXB4Q2-a4U.roa (raw, json)
Hash identifier: LUlaNo6VZaK6aejBemn+dJmxqjhPutDrGa6XF6Hsjus=
Subject key identifier: 89:31:FD:E3:68:C1:79:09:D4:3E:4D:78:8C:85:C1:E1:0D:BE:6B:85
Certificate issuer: /CN=618cc46d71e7848978488961d7b51aba1541f3c4
Certificate serial: 018F7B35AA9BA6EEEC515E585E61E63FF8E1
Authority key identifier: 61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/iTH942jBeQnUPk14jIXB4Q2-a4U.roa
Signing time: Wed 15 May 2024 07:44:25 +0000
ROA not before: Wed 15 May 2024 07:44:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 89.184.16.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 11:21:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:35:aa:9b:a6:ee:ec:51:5e:58:5e:61:e6:3f:f8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618cc46d71e7848978488961d7b51aba1541f3c4
Validity
Not Before: May 15 07:44:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8931fde368c17909d43e4d788c85c1e10dbe6b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:56:ee:3a:43:cd:c3:e2:37:18:54:a4:55:2b:
c2:93:c3:f2:bb:56:41:c5:27:b5:2c:fa:93:fd:0d:
70:32:3e:8b:ce:b3:17:44:1b:33:35:2a:66:e4:7e:
ed:7c:a0:f8:63:3b:de:f4:6b:73:47:51:73:60:59:
9b:f5:92:24:b1:6d:ff:46:a3:1c:21:28:6a:7f:7a:
78:95:03:0f:c8:e9:9f:f0:42:84:3a:db:83:c3:f3:
e0:c1:d0:eb:be:b1:01:be:59:68:06:72:e8:9e:b9:
0f:05:40:a1:06:eb:02:14:ae:47:3b:a9:9b:7e:b2:
36:a9:fc:1d:e4:64:33:95:d4:74:eb:b3:23:66:eb:
99:10:67:91:21:ab:70:fd:ce:82:3a:53:75:06:59:
1e:20:b0:b5:e4:cc:91:41:00:66:0a:41:1b:ad:ce:
11:e0:07:63:a3:96:10:10:14:77:7d:b7:99:f7:62:
db:e2:97:26:e1:ef:1e:24:f0:a2:c0:8e:d4:11:9e:
85:e5:05:c7:83:24:d6:ea:bb:5e:85:7e:20:c7:6f:
9d:12:ec:a2:99:4b:6d:14:e5:0f:05:0f:36:e9:8f:
81:46:ea:cf:ea:91:2c:07:42:7c:1b:40:32:07:7e:
86:38:f1:a3:d2:bf:6b:f0:a4:03:48:b0:c3:7a:d7:
53:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:31:FD:E3:68:C1:79:09:D4:3E:4D:78:8C:85:C1:E1:0D:BE:6B:85
X509v3 Authority Key Identifier:
keyid:61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/iTH942jBeQnUPk14jIXB4Q2-a4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.16.0/22
Signature Algorithm: sha256WithRSAEncryption
42:70:db:4f:c1:8c:88:b5:03:a5:e5:b8:e1:74:78:6a:5b:d5:
d5:f1:d1:7b:29:bb:36:30:1a:9b:2d:ae:68:40:55:6c:e7:a9:
8e:2f:b0:46:1b:f0:40:5b:17:c1:85:cb:cc:f0:98:53:5e:80:
81:45:d8:16:3f:9e:52:65:9c:3b:50:a2:6c:b6:c4:f3:60:d8:
9b:24:d9:ec:70:39:e6:0f:dc:88:30:c6:93:3f:d9:f4:1a:2e:
db:34:5b:bc:ab:b3:f2:78:0e:f1:bf:c1:06:7f:c3:e6:5a:79:
15:68:5e:45:79:63:0f:ce:98:c9:41:dc:62:01:1a:2f:e1:c0:
44:40:a3:74:6b:b3:a0:5c:a6:e8:fb:19:e2:71:0f:fb:80:e7:
9b:74:86:f2:79:96:a7:a9:6c:2a:f3:ea:5f:a9:b8:6c:fc:55:
96:6a:16:8b:de:b6:ff:2c:c4:9e:14:56:46:c1:f9:f2:2a:79:
93:fa:0b:cd:ea:44:52:07:35:6e:1a:d2:9f:c7:5f:b3:07:77:
1b:69:7b:4d:8f:7f:ae:1b:d7:42:36:e2:f8:3d:ad:73:ec:ae:
42:e7:10:6f:dd:80:81:d4:d7:ec:1b:47:97:0d:5e:7d:e7:86:
9b:71:f7:78:bd:26:ec:47:7e:50:8c:2d:9a:09:9a:b8:90:86:
af:2d:07:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY97Naqbpu7sUV5YXmHmP/jhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOGNjNDZkNzFlNzg0ODk3ODQ4ODk2MWQ3YjUxYWJhMTU0
MWYzYzQwHhcNMjQwNTE1MDc0NDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTMxZmRlMzY4YzE3OTA5ZDQzZTRkNzg4Yzg1YzFlMTBkYmU2Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1buOkPNw+I3GFSkVSvCk8Pyu1ZB
xSe1LPqT/Q1wMj6LzrMXRBszNSpm5H7tfKD4Yzve9GtzR1FzYFmb9ZIksW3/RqMc
IShqf3p4lQMPyOmf8EKEOtuDw/PgwdDrvrEBvlloBnLonrkPBUChBusCFK5HO6mb
frI2qfwd5GQzldR067MjZuuZEGeRIatw/c6COlN1BlkeILC15MyRQQBmCkEbrc4R
4Adjo5YQEBR3fbeZ92Lb4pcm4e8eJPCiwI7UEZ6F5QXHgyTW6rtehX4gx2+dEuyi
mUttFOUPBQ826Y+BRurP6pEsB0J8G0AyB36GOPGj0r9r8KQDSLDDetdTvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkx/eNowXkJ1D5NeIyFweENvmuFMB8GA1UdIwQY
MBaAFGGMxG1x54SJeEiJYde1GroVQfPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTIt
NGVmMTljY2M1N2QwLzEvaVRIOTQyakJlUW5VUGsxNGpJWEI0UTItYTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTItNGVmMTljY2M1N2Qw
LzEvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWbgQMA0G
CSqGSIb3DQEBCwUAA4IBAQBCcNtPwYyItQOl5bjhdHhqW9XV8dF7Kbs2MBqbLa5o
QFVs56mOL7BGG/BAWxfBhcvM8JhTXoCBRdgWP55SZZw7UKJstsTzYNibJNnscDnm
D9yIMMaTP9n0Gi7bNFu8q7PyeA7xv8EGf8PmWnkVaF5FeWMPzpjJQdxiARov4cBE
QKN0a7OgXKbo+xnicQ/7gOebdIbyeZanqWwq8+pfqbhs/FWWahaL3rb/LMSeFFZG
wfnyKnmT+gvN6kRSBzVuGtKfx1+zB3cbaXtNj3+uG9dCNuL4Pa1z7K5C5xBv3YCB
1NfsG0eXDV5954abcfd4vSbsR35QjC2aCZq4kIavLQcs
-----END CERTIFICATE-----
Generated at Tue Jul 30 13:39:24 2024 by rpki-client on console-fra.rpki-client.org