Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/NM5V-o4NYkPkaeslThoZGKavzC4.roa
File: NM5V-o4NYkPkaeslThoZGKavzC4.roa (raw, json)
Hash identifier: Y8QBCdLZteeNEFeZ7H7FYH55+/c13xpJBLV6Psda+Zs=
Subject key identifier: 34:CE:55:FA:8E:0D:62:43:E4:69:EB:25:4E:1A:19:18:A6:AF:CC:2E
Certificate issuer: /CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Certificate serial: 018E7C745F110A17A4037108356BC2CFC135
Authority key identifier: FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/NM5V-o4NYkPkaeslThoZGKavzC4.roa
Signing time: Tue 26 Mar 2024 20:29:45 +0000
ROA not before: Tue 26 Mar 2024 20:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212150
IP address blocks: 185.130.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7c:74:5f:11:0a:17:a4:03:71:08:35:6b:c2:cf:c1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Validity
Not Before: Mar 26 20:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34ce55fa8e0d6243e469eb254e1a1918a6afcc2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:09:ff:9d:1a:fd:77:5d:0a:28:b4:a8:c9:72:
44:ee:95:1a:b9:b4:df:4e:4d:aa:b7:5b:0b:bb:ad:
bf:ec:bf:95:09:c4:80:cd:1b:e4:9d:f9:82:2b:9a:
92:bf:ec:d8:1e:47:9d:96:62:b7:6e:c0:1d:13:e5:
d9:2d:91:2a:5f:f4:45:ac:49:9b:2e:4b:82:52:e2:
67:ec:00:b0:d6:87:fb:15:d1:7c:b8:ec:d4:b9:47:
9f:6e:6c:13:2b:27:08:b9:59:5a:94:1a:dd:a2:98:
9c:ad:61:72:b9:aa:74:60:af:d8:98:23:d1:6f:5d:
f0:42:f3:39:52:be:5f:f1:2b:ad:9f:c7:c7:c1:fb:
b0:fe:97:4b:f3:cd:69:32:8a:d5:36:81:95:1f:f7:
89:ca:f3:e3:61:a8:ed:b8:16:5e:0d:97:57:2a:de:
c6:a4:d9:18:d3:bb:e6:33:88:68:ef:32:09:c7:c1:
a7:23:36:a9:94:d5:7e:87:d0:b6:90:b3:76:01:63:
b2:bf:27:ae:ed:73:fe:ab:78:cb:79:38:63:fa:98:
24:88:db:5f:f5:c9:bd:b7:c0:5c:08:d2:46:d8:e8:
fc:84:c2:59:ed:7f:f1:16:7e:15:46:13:56:fe:0e:
d8:1a:e5:8c:56:48:83:57:b5:53:80:7b:8e:93:d2:
41:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CE:55:FA:8E:0D:62:43:E4:69:EB:25:4E:1A:19:18:A6:AF:CC:2E
X509v3 Authority Key Identifier:
keyid:FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/NM5V-o4NYkPkaeslThoZGKavzC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.89.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:f7:61:af:22:5b:ff:69:47:5c:e8:35:f1:a4:9f:00:92:77:
cc:27:97:4b:a9:39:b3:71:5f:7a:9c:71:ea:a9:e0:ee:2e:2b:
87:71:b8:d7:cf:8c:00:f4:e2:1d:c0:7f:95:d8:5a:d0:54:b9:
8e:97:a0:00:af:4c:bd:38:41:50:95:d3:b5:48:21:76:ed:a7:
75:58:64:54:b6:d4:2d:57:c7:98:88:93:f1:fe:6b:17:89:05:
22:6e:d1:09:d7:a8:bb:07:ab:5f:95:bd:e5:0f:28:05:24:89:
27:fe:f7:3b:c6:15:6a:d5:35:8d:07:b8:c3:c1:37:2c:f3:0b:
fd:ee:39:82:7e:7c:82:ef:15:82:58:76:cf:5b:87:10:b7:e3:
6f:4a:81:26:24:7b:36:9b:77:6f:87:df:ac:55:4b:20:2e:d3:
f6:32:c0:9f:40:ed:6a:1b:b9:59:a0:2a:f7:8d:2c:bf:13:e3:
67:0f:2e:f7:cb:72:42:d8:20:07:d6:4e:cd:39:a0:75:b9:4d:
35:ce:4a:4c:32:96:1e:9f:3f:bd:73:3f:00:5b:77:88:ff:85:
af:dd:b6:57:9e:9d:ca:70:28:f4:e6:29:0e:20:87:48:11:0a:
c8:b8:0b:40:b7:71:12:b9:4e:aa:b9:93:4b:7a:2d:2d:97:ee:
f8:0d:31:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY58dF8RChekA3EINWvCz8E1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNjU4NjkzZWMzMjdlYWQ0ZmU4M2E1N2I4MjYwMWNjMjU1
MmFhYmQwHhcNMjQwMzI2MjAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNlNTVmYThlMGQ2MjQzZTQ2OWViMjU0ZTFhMTkxOGE2YWZjYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgn/nRr9d10KKLSoyXJE7pUaubTf
Tk2qt1sLu62/7L+VCcSAzRvknfmCK5qSv+zYHkedlmK3bsAdE+XZLZEqX/RFrEmb
LkuCUuJn7ACw1of7FdF8uOzUuUefbmwTKycIuVlalBrdopicrWFyuap0YK/YmCPR
b13wQvM5Ur5f8Sutn8fHwfuw/pdL881pMorVNoGVH/eJyvPjYajtuBZeDZdXKt7G
pNkY07vmM4ho7zIJx8GnIzaplNV+h9C2kLN2AWOyvyeu7XP+q3jLeThj+pgkiNtf
9cm9t8BcCNJG2Oj8hMJZ7X/xFn4VRhNW/g7YGuWMVkiDV7VTgHuOk9JBDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTOVfqODWJD5GnrJU4aGRimr8wuMB8GA1UdIwQY
MBaAFP1lhpPsMn6tT+g6V7gmAcwlUqq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUt
OTVmZjVjNWRiYjUwLzEvTk01Vi1vNE5Za1BrYWVzbFRob1pHS2F2ekM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUtOTVmZjVjNWRiYjUw
LzEvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYJZMA0G
CSqGSIb3DQEBCwUAA4IBAQCx92GvIlv/aUdc6DXxpJ8AknfMJ5dLqTmzcV96nHHq
qeDuLiuHcbjXz4wA9OIdwH+V2FrQVLmOl6AAr0y9OEFQldO1SCF27ad1WGRUttQt
V8eYiJPx/msXiQUibtEJ16i7B6tflb3lDygFJIkn/vc7xhVq1TWNB7jDwTcs8wv9
7jmCfnyC7xWCWHbPW4cQt+NvSoEmJHs2m3dvh9+sVUsgLtP2MsCfQO1qG7lZoCr3
jSy/E+NnDy73y3JC2CAH1k7NOaB1uU01zkpMMpYenz+9cz8AW3eI/4Wv3bZXnp3K
cCj05ikOIIdIEQrIuAtAt3ESuU6quZNLei0tl+74DTFQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:10 2024 by rpki-client on console-fra.rpki-client.org