Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/PB5Obwht1FD1yRe5zkOGcbHtgzo.roa
File: PB5Obwht1FD1yRe5zkOGcbHtgzo.roa (raw, json)
Hash identifier: qzyu8vHLs+mwrOCv7bcNdW9o7MqcGXhPfdAii6iNukg=
Subject key identifier: 3C:1E:4E:6F:08:6D:D4:50:F5:C9:17:B9:CE:43:86:71:B1:ED:83:3A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018E4C56DDEF1FDAD5E9A51E8C697A8CCC2B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/PB5Obwht1FD1yRe5zkOGcbHtgzo.roa
Signing time: Sun 17 Mar 2024 12:15:45 +0000
ROA not before: Sun 17 Mar 2024 12:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 89.23.103.0/24 maxlen: 24
89.23.107.0/24 maxlen: 24
89.23.108.0/24 maxlen: 24
185.39.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 15:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4c:56:dd:ef:1f:da:d5:e9:a5:1e:8c:69:7a:8c:cc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 17 12:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c1e4e6f086dd450f5c917b9ce438671b1ed833a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6a:10:ef:08:d7:cc:97:10:7c:d2:35:d0:23:
c3:dc:a4:d9:b6:52:55:b0:3c:e3:b5:30:79:56:5a:
09:37:ea:e4:70:5f:c7:36:75:e6:9b:25:fb:fc:03:
e3:3f:a6:06:42:29:35:1c:60:03:b5:b6:68:9f:33:
ea:cd:d5:c8:61:f6:6c:85:f5:9d:66:5f:ce:60:19:
ba:d2:4d:b9:55:11:08:4f:db:d5:53:a5:02:3d:7f:
51:6d:ba:84:dc:1d:b6:74:e8:18:05:3f:07:6a:3d:
4f:d0:d1:24:b9:11:b8:4f:5f:be:6b:cf:66:a6:e3:
ed:85:6d:bc:2c:05:b2:e4:3d:a8:3b:df:c0:42:3f:
da:ea:d1:bf:5d:57:cb:cf:29:8c:77:ab:88:b3:50:
be:13:fb:36:7f:cf:5f:30:99:0c:ce:51:30:00:70:
25:81:3c:b0:58:ce:63:6c:d0:28:6c:9d:b8:99:aa:
e2:ee:5a:eb:91:42:f2:b5:c1:f3:3b:83:bc:29:37:
b8:0b:c9:fc:8a:93:86:9b:aa:6d:4b:ae:26:51:f9:
85:48:6d:2f:b1:8e:af:0f:66:13:76:07:6d:2c:aa:
0c:b8:fb:eb:5b:54:02:c9:52:c1:12:63:7f:7e:19:
02:76:f3:fa:85:8d:46:39:dd:3e:35:9c:c3:00:81:
f7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1E:4E:6F:08:6D:D4:50:F5:C9:17:B9:CE:43:86:71:B1:ED:83:3A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/PB5Obwht1FD1yRe5zkOGcbHtgzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
89.23.107.0-89.23.108.255
185.39.204.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:83:df:48:90:fe:68:96:1a:63:7b:f0:07:10:f6:e6:a7:7f:
d9:75:cc:08:c2:70:79:d8:6e:3a:f6:24:d1:7f:94:90:95:a9:
0a:06:76:b2:58:5f:f4:9c:c6:01:cb:47:ca:8b:03:e5:02:d9:
8e:2c:64:af:68:1d:49:fe:7a:d1:90:cb:9d:c6:bd:23:71:22:
03:24:81:20:05:11:c2:77:0f:57:ae:5f:e3:ac:48:ff:5b:25:
9c:f8:c9:7f:f1:88:20:ee:24:d1:79:1c:cd:53:83:34:08:31:
8f:9d:2b:9c:66:a1:2f:de:e0:71:f5:22:9c:ab:1e:d3:2c:fe:
f6:31:ab:d6:4b:c9:7e:d6:a5:79:e5:94:af:a6:2f:85:4b:9c:
30:dd:d7:7e:75:eb:a5:48:f1:65:a9:2c:69:09:74:5a:c4:46:
f4:1e:fd:61:3a:1f:a4:2b:13:44:00:cb:fc:74:70:79:80:fb:
5e:9b:f4:9b:37:14:07:0f:cd:dc:6b:77:cd:dd:63:ef:97:d1:
e6:e6:6c:dc:ea:40:c6:8f:42:3a:90:12:71:24:60:49:92:9a:
8c:6c:fd:b1:6a:5b:0f:88:d6:d2:bf:a8:bc:e1:bd:77:6a:b8:
b5:de:76:03:6c:c7:73:9f:b0:8d:38:bb:4c:0f:9a:db:07:2d:
bf:c3:18:99
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY5MVt3vH9rV6aUejGl6jMwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMzE3MTIxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFlNGU2ZjA4NmRkNDUwZjVjOTE3YjljZTQzODY3MWIxZWQ4MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2oQ7wjXzJcQfNI10CPD3KTZtlJV
sDzjtTB5VloJN+rkcF/HNnXmmyX7/APjP6YGQik1HGADtbZonzPqzdXIYfZshfWd
Zl/OYBm60k25VREIT9vVU6UCPX9RbbqE3B22dOgYBT8Haj1P0NEkuRG4T1++a89m
puPthW28LAWy5D2oO9/AQj/a6tG/XVfLzymMd6uIs1C+E/s2f89fMJkMzlEwAHAl
gTywWM5jbNAobJ24mari7lrrkULytcHzO4O8KTe4C8n8ipOGm6ptS64mUfmFSG0v
sY6vD2YTdgdtLKoMuPvrW1QCyVLBEmN/fhkCdvP6hY1GOd0+NZzDAIH3rQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDweTm8IbdRQ9ckXuc5DhnGx7YM6MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvUEI1T2J3aHQxRkQxeVJlNXprT0djYkh0Z3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWRdnMAwD
BABZF2sDBABZF2wDBAC5J8wwDQYJKoZIhvcNAQELBQADggEBANiD30iQ/miWGmN7
8AcQ9uanf9l1zAjCcHnYbjr2JNF/lJCVqQoGdrJYX/ScxgHLR8qLA+UC2Y4sZK9o
HUn+etGQy53GvSNxIgMkgSAFEcJ3D1euX+OsSP9bJZz4yX/xiCDuJNF5HM1TgzQI
MY+dK5xmoS/e4HH1IpyrHtMs/vYxq9ZLyX7WpXnllK+mL4VLnDDd135166VI8WWp
LGkJdFrERvQe/WE6H6QrE0QAy/x0cHmA+16b9Js3FAcPzdxrd83dY++X0ebmbNzq
QMaPQjqQEnEkYEmSmoxs/bFqWw+I1tK/qLzhvXdquLXedgNsx3OfsI04u0wPmtsH
Lb/DGJk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:01 2025 by rpki-client