Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rWZmSw90yBWMughlf0zG99H97xw.roa
File: rWZmSw90yBWMughlf0zG99H97xw.roa (raw, json)
Hash identifier: c3NYoF/imykgCf8+ezGMkmx457HDHGQTaftn/97wvbY=
Subject key identifier: AD:66:66:4B:0F:74:C8:15:8C:BA:08:65:7F:4C:C6:F7:D1:FD:EF:1C
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018E267E38EB5B094977DF64C330DF92A41A
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rWZmSw90yBWMughlf0zG99H97xw.roa
Signing time: Sun 10 Mar 2024 03:53:10 +0000
ROA not before: Sun 10 Mar 2024 03:53:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 89.23.103.0/24 maxlen: 24
89.23.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Mar 2024 12:14:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:26:7e:38:eb:5b:09:49:77:df:64:c3:30:df:92:a4:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 10 03:53:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad66664b0f74c8158cba08657f4cc6f7d1fdef1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ae:db:e5:45:0c:9a:c8:88:d7:90:ae:ce:62:
75:08:c3:12:d3:99:da:96:c7:7b:27:50:34:a2:43:
f8:91:3b:36:63:35:e3:cd:52:33:2a:cb:19:b1:bb:
9e:94:f4:82:cb:99:69:f0:a2:9f:7b:f3:e4:a6:52:
78:a0:bc:ca:5e:cf:db:88:37:3b:fe:fb:a4:f5:c7:
7f:cc:ec:9b:61:cf:46:fe:bf:dc:7b:90:92:b8:86:
08:f3:89:d7:26:5c:db:45:5a:94:5f:21:73:56:39:
79:1e:0a:b9:8d:cf:57:b3:d2:02:bf:e3:92:f7:f6:
4c:73:fc:e3:7b:b3:ad:1d:6e:77:ec:cb:2a:6b:6b:
cc:c5:90:77:f2:17:38:04:6b:73:e0:93:97:fc:22:
73:f6:5c:c0:3f:94:4b:2a:b4:04:ef:7e:f2:32:ac:
cd:ff:46:17:d3:ba:d8:c8:d5:9e:63:15:c0:92:e9:
f3:84:e6:1f:b2:87:12:07:8d:f7:7b:cf:6f:80:7e:
d5:8b:0e:88:34:e1:00:8b:ee:82:e8:d7:6d:57:0c:
ea:05:88:3c:41:fb:ea:8d:6e:7e:09:5a:5f:8d:e0:
3b:08:55:78:c8:4b:36:c1:1a:a6:f7:42:8e:3b:39:
90:fb:fc:e3:c6:2a:59:5b:fb:f3:57:f1:2c:41:34:
ab:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:66:66:4B:0F:74:C8:15:8C:BA:08:65:7F:4C:C6:F7:D1:FD:EF:1C
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rWZmSw90yBWMughlf0zG99H97xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
89.23.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ce:cf:63:89:21:b6:28:de:bd:dc:3f:0a:dd:94:53:9a:90:
42:e9:a2:4b:94:25:1f:ac:e4:46:df:c5:73:22:9b:90:31:db:
41:66:d7:ab:c7:e2:7e:3d:6a:02:8a:d6:ac:4f:49:0d:57:af:
e0:38:b5:fa:31:af:3f:ae:43:34:1c:b8:24:6a:7a:8f:41:62:
9b:91:c1:98:20:c7:40:fc:fe:02:9c:c5:86:6b:de:f5:ab:c7:
5e:57:5b:20:ed:96:28:2d:a9:c2:fe:90:dc:1f:51:53:a9:38:
3f:21:19:cd:61:f6:95:9c:a3:eb:46:bf:e0:ef:07:8f:4b:2d:
e4:56:2d:f5:ff:b1:46:c9:95:f1:0a:c4:09:99:b5:db:9c:90:
e5:09:ce:f8:5d:0e:a7:5b:2b:ac:e2:1d:a1:bc:84:67:cc:6b:
f8:21:43:27:6a:e8:59:60:d5:bc:23:44:dc:5c:db:b8:55:10:
72:94:d8:d6:1c:11:3f:66:e7:75:6a:d6:e2:3f:96:d5:e1:55:
6e:5a:cc:c4:7f:38:df:53:40:37:e2:5f:97:33:85:f5:c9:e4:
f7:99:2c:26:44:da:56:83:8a:4d:d7:1f:41:b2:ad:bf:a1:56:
bb:18:9c:5b:45:bb:ee:51:d7:cb:b8:84:ab:11:cb:7c:44:cd:
2b:6e:14:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4mfjjrWwlJd99kwzDfkqQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMzEwMDM1MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDY2NjY0YjBmNzRjODE1OGNiYTA4NjU3ZjRjYzZmN2QxZmRlZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q7b5UUMmsiI15CuzmJ1CMMS05na
lsd7J1A0okP4kTs2YzXjzVIzKssZsbuelPSCy5lp8KKfe/PkplJ4oLzKXs/biDc7
/vuk9cd/zOybYc9G/r/ce5CSuIYI84nXJlzbRVqUXyFzVjl5Hgq5jc9Xs9ICv+OS
9/ZMc/zje7OtHW537Msqa2vMxZB38hc4BGtz4JOX/CJz9lzAP5RLKrQE737yMqzN
/0YX07rYyNWeYxXAkunzhOYfsocSB433e89vgH7Viw6INOEAi+6C6NdtVwzqBYg8
QfvqjW5+CVpfjeA7CFV4yEs2wRqm90KOOzmQ+/zjxipZW/vzV/EsQTSrDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK1mZksPdMgVjLoIZX9MxvfR/e8cMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvcldabVN3OTB5QldNdWdobGYwekc5OUg5N3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRdnAwQA
WRdrMA0GCSqGSIb3DQEBCwUAA4IBAQA7zs9jiSG2KN693D8K3ZRTmpBC6aJLlCUf
rORG38VzIpuQMdtBZterx+J+PWoCitasT0kNV6/gOLX6Ma8/rkM0HLgkanqPQWKb
kcGYIMdA/P4CnMWGa971q8deV1sg7ZYoLanC/pDcH1FTqTg/IRnNYfaVnKPrRr/g
7wePSy3kVi31/7FGyZXxCsQJmbXbnJDlCc74XQ6nWyus4h2hvIRnzGv4IUMnauhZ
YNW8I0TcXNu4VRBylNjWHBE/Zud1atbiP5bV4VVuWszEfzjfU0A34l+XM4X1yeT3
mSwmRNpWg4pN1x9Bsq2/oVa7GJxbRbvuUdfLuISrEct8RM0rbhSy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:23 2025 by rpki-client