Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/EFmjLg8aZKP6-iAbqKGQeGhwkCw.roa
File: EFmjLg8aZKP6-iAbqKGQeGhwkCw.roa (raw, json)
Hash identifier: 45Z2NyRkkLxc75Y5MBxIumBFymR2qBLFPIBcpz8qUsU=
Subject key identifier: 10:59:A3:2E:0F:1A:64:A3:FA:FA:20:1B:A8:A1:90:78:68:70:90:2C
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01856F022A34F5FC5E333E1BB22C8F875839
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/EFmjLg8aZKP6-iAbqKGQeGhwkCw.roa
Signing time: Sun 01 Jan 2023 20:24:50 +0000
ROA not before: Sun 01 Jan 2023 20:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 89.40.166.0/24 maxlen: 24
89.47.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jan 2023 19:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:2a:34:f5:fc:5e:33:3e:1b:b2:2c:8f:87:58:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 20:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1059a32e0f1a64a3fafa201ba8a190786870902c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:96:f0:54:9a:81:ed:aa:ad:33:59:7b:4e:ce:
64:52:fa:ee:d3:f4:83:e6:20:fe:79:9b:ed:00:2e:
44:42:24:84:52:27:cb:4f:df:dc:04:76:71:99:df:
a1:20:29:15:66:c6:aa:0e:e3:8c:4d:e8:69:9b:ba:
74:0a:40:29:49:fb:58:b3:61:48:e4:59:67:43:44:
7c:fa:ea:01:c0:63:1c:6d:fa:65:a2:06:9f:f5:f3:
18:d8:fe:57:d4:db:b4:fe:d4:f9:38:21:01:b1:bf:
09:3a:93:cc:9c:6a:f5:12:b3:78:95:01:9d:92:9f:
e9:cd:53:c8:a9:ed:5a:48:f3:12:3d:85:bc:52:f4:
7a:40:14:2c:6f:bc:37:f7:82:7c:5a:2a:b2:0b:9b:
78:d4:29:02:e0:e7:d3:5b:79:01:5c:e3:81:8f:64:
e3:e4:32:2b:80:0d:f7:fa:42:d8:3f:f2:95:a5:94:
cf:eb:6a:b3:9e:e4:a4:47:ff:93:13:ae:06:11:01:
52:93:b2:b7:72:92:ce:55:39:7f:8b:f5:9a:b9:c9:
8c:4c:ae:dc:6f:21:12:8d:08:1e:09:96:b1:12:19:
1b:51:d5:2f:9d:b3:f7:32:4b:cc:a9:37:f0:d9:50:
da:f4:d2:10:30:f4:d6:d8:26:5d:e9:b1:dd:a7:53:
c2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:59:A3:2E:0F:1A:64:A3:FA:FA:20:1B:A8:A1:90:78:68:70:90:2C
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/EFmjLg8aZKP6-iAbqKGQeGhwkCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.166.0/24
89.47.249.0/24
94.177.113.0/24
Signature Algorithm: sha256WithRSAEncryption
92:74:73:91:0b:0c:fc:33:f8:09:52:68:7b:16:9a:ca:d3:e6:
6e:35:5c:fd:fe:66:d0:75:68:79:10:32:0b:d4:b6:4e:91:41:
a0:c3:0e:45:51:55:c5:3b:52:7a:93:ad:d7:2e:39:c2:b0:81:
d8:0e:0f:82:aa:91:08:a1:78:bf:b5:7d:7a:77:0f:4b:2b:8b:
e9:b9:5c:e6:b9:72:61:a8:c0:5a:ea:b1:4d:26:13:cf:34:fc:
f3:a9:bc:a3:de:b2:b0:24:cf:d6:7b:98:a8:c7:23:07:3c:42:
0d:9f:d5:79:62:ab:a1:21:b0:2c:af:c4:8f:d4:e0:34:3e:b1:
9c:29:d2:3b:7f:9b:8c:ed:96:9c:ad:4e:b2:6c:e2:e1:5c:78:
a6:8a:e3:78:4e:f9:f0:f7:c9:50:e6:f2:81:c4:1c:82:53:27:
19:13:4c:a3:67:53:a1:1a:3c:1c:69:51:cd:ad:88:42:b1:c1:
4a:59:20:ce:70:95:04:38:ed:35:ac:28:6c:9f:9e:de:7a:4d:
f3:6c:79:07:c9:50:cf:7c:80:89:11:17:a4:1c:e1:95:d0:63:
b0:a9:70:06:c3:1e:dc:cd:7c:b3:b0:b7:d6:de:fb:f3:52:71:
07:de:18:2c:c7:25:0a:a1:87:9b:78:54:e0:42:41:0b:90:30:
c9:66:9c:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvAio09fxeMz4bsiyPh1g5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTAxMjAyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDU5YTMyZTBmMWE2NGEzZmFmYTIwMWJhOGExOTA3ODY4NzA5MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpbwVJqB7aqtM1l7Ts5kUvru0/SD
5iD+eZvtAC5EQiSEUifLT9/cBHZxmd+hICkVZsaqDuOMTehpm7p0CkApSftYs2FI
5FlnQ0R8+uoBwGMcbfplogaf9fMY2P5X1Nu0/tT5OCEBsb8JOpPMnGr1ErN4lQGd
kp/pzVPIqe1aSPMSPYW8UvR6QBQsb7w394J8WiqyC5t41CkC4OfTW3kBXOOBj2Tj
5DIrgA33+kLYP/KVpZTP62qznuSkR/+TE64GEQFSk7K3cpLOVTl/i/WaucmMTK7c
byESjQgeCZaxEhkbUdUvnbP3MkvMqTfw2VDa9NIQMPTW2CZd6bHdp1PCsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBBZoy4PGmSj+vogG6ihkHhocJAsMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvRUZtakxnOGFaS1A2LWlBYnFLR1FlR2h3a0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSimAwQA
WS/5AwQAXrFxMA0GCSqGSIb3DQEBCwUAA4IBAQCSdHORCwz8M/gJUmh7FprK0+Zu
NVz9/mbQdWh5EDIL1LZOkUGgww5FUVXFO1J6k63XLjnCsIHYDg+CqpEIoXi/tX16
dw9LK4vpuVzmuXJhqMBa6rFNJhPPNPzzqbyj3rKwJM/We5ioxyMHPEINn9V5Yquh
IbAsr8SP1OA0PrGcKdI7f5uM7ZacrU6ybOLhXHimiuN4Tvnw98lQ5vKBxByCUycZ
E0yjZ1OhGjwcaVHNrYhCscFKWSDOcJUEOO01rChsn57eek3zbHkHyVDPfICJERek
HOGV0GOwqXAGwx7czXyzsLfW3vvzUnEH3hgsxyUKoYebeFTgQkELkDDJZpxB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org