Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/9JMS1G5FrfS_ixleJUbyidYxWB4.roa
File: 9JMS1G5FrfS_ixleJUbyidYxWB4.roa (raw, json)
Hash identifier: U8pc2CbZu31OPy8bb9W2pZvuBzTmo49CUNfeyyKoYng=
Subject key identifier: F4:93:12:D4:6E:45:AD:F4:BF:8B:19:5E:25:46:F2:89:D6:31:58:1E
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018E587EBE73231668DAC6ACD7F288873A59
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/9JMS1G5FrfS_ixleJUbyidYxWB4.roa
Signing time: Tue 19 Mar 2024 20:54:45 +0000
ROA not before: Tue 19 Mar 2024 20:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.46.10.0/24 maxlen: 24
93.114.61.0/24 maxlen: 24
185.81.180.0/23 maxlen: 23
185.81.181.0/24 maxlen: 24
185.81.183.0/24 maxlen: 24
195.242.242.0/24 maxlen: 24
195.242.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 17:47:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:58:7e:be:73:23:16:68:da:c6:ac:d7:f2:88:87:3a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Mar 19 20:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f49312d46e45adf4bf8b195e2546f289d631581e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:67:5a:7b:fd:ce:f2:7b:6f:6f:78:ff:d2:f8:
dd:0f:16:76:f1:75:46:13:65:53:8e:ca:17:57:6f:
cf:b5:86:46:53:6d:02:81:66:d7:23:18:d8:0e:a5:
99:cd:bc:ea:0a:61:8d:63:d8:04:c9:77:7c:15:da:
48:de:d9:f8:a6:ac:1d:76:61:46:61:ce:2e:c9:f2:
86:13:73:c4:82:b8:61:0d:6b:58:13:20:ad:91:fc:
52:89:4c:39:57:ed:6d:6b:55:1d:e7:94:79:52:4c:
85:0d:e1:71:83:17:fa:aa:02:5c:62:eb:20:50:3a:
d1:5f:89:e5:d4:06:f6:f1:e5:66:8c:59:dc:c0:94:
15:65:e0:38:31:3b:2f:28:28:6c:81:e9:7f:c8:f1:
d4:64:32:98:2c:26:7e:76:8e:7f:6c:31:33:ec:3c:
5f:a5:12:40:a8:95:75:8d:cf:f6:71:80:51:55:9d:
53:f4:49:30:bf:44:ab:ea:9b:00:b1:07:8f:70:ac:
6f:d9:17:b9:c7:05:12:3f:d1:28:f8:ed:77:c8:04:
03:ed:6f:ba:e8:86:84:8f:4a:2f:bb:e4:ac:20:2a:
d2:99:23:27:c1:9f:71:08:9f:2e:57:7f:c8:89:ac:
92:c8:31:b2:63:23:14:f9:2a:23:92:56:c0:4d:28:
88:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:93:12:D4:6E:45:AD:F4:BF:8B:19:5E:25:46:F2:89:D6:31:58:1E
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/9JMS1G5FrfS_ixleJUbyidYxWB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.10.0/24
93.114.61.0/24
185.81.180.0/23
185.81.183.0/24
195.242.242.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:34:fa:04:aa:ed:33:af:82:0f:63:3a:29:5d:3e:85:06:52:
f9:b9:bd:13:21:35:2c:41:e1:c1:de:95:c8:73:f1:af:db:8e:
bc:8d:5c:50:00:2b:8f:24:37:53:fc:4b:1f:58:e7:8b:da:c4:
19:35:dd:1a:95:0b:7f:9a:f4:53:80:2d:34:1e:6b:ad:bb:05:
ff:e3:c8:1b:bf:fd:28:c9:5f:e2:c3:7c:db:a1:82:f3:45:e1:
91:8c:e0:70:cf:46:9a:1d:46:e5:0b:89:e8:f8:f0:df:82:59:
99:1d:51:38:23:21:5b:7c:0a:3a:1e:73:6f:ec:22:8a:62:e1:
d9:0e:63:67:03:c6:32:81:55:82:d7:5b:28:9b:a7:93:8b:17:
67:7a:8f:c4:c8:80:89:37:20:6d:9f:ae:f7:af:23:2a:2f:8c:
6b:68:ba:8a:8f:b3:97:eb:21:a1:94:5a:a7:16:a8:18:17:0c:
43:be:57:4b:1f:b2:71:d5:c8:62:d9:33:97:ee:26:4b:5c:b7:
ab:d0:68:09:01:ce:af:72:23:19:a0:b9:d2:fd:91:ab:b8:ed:
89:80:29:98:25:2c:90:6b:b9:e7:78:e0:87:8f:c9:71:c8:b9:
b9:a0:71:12:c0:80:81:48:c1:9d:39:4f:72:9c:ea:20:89:08:
94:3b:66:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5Yfr5zIxZo2sas1/KIhzpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwMzE5MjA1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDkzMTJkNDZlNDVhZGY0YmY4YjE5NWUyNTQ2ZjI4OWQ2MzE1ODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimdae/3O8ntvb3j/0vjdDxZ28XVG
E2VTjsoXV2/PtYZGU20CgWbXIxjYDqWZzbzqCmGNY9gEyXd8FdpI3tn4pqwddmFG
Yc4uyfKGE3PEgrhhDWtYEyCtkfxSiUw5V+1ta1Ud55R5UkyFDeFxgxf6qgJcYusg
UDrRX4nl1Ab28eVmjFncwJQVZeA4MTsvKChsgel/yPHUZDKYLCZ+do5/bDEz7Dxf
pRJAqJV1jc/2cYBRVZ1T9Ekwv0Sr6psAsQePcKxv2Re5xwUSP9Eo+O13yAQD7W+6
6IaEj0ovu+SsICrSmSMnwZ9xCJ8uV3/IiaySyDGyYyMU+SojklbATSiI0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPSTEtRuRa30v4sZXiVG8onWMVgeMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvOUpNUzFHNUZyZlNfaXhsZUpVYnlpZFl4V0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWS4KAwQA
XXI9AwQBuVG0AwQAuVG3AwQBw/LyMA0GCSqGSIb3DQEBCwUAA4IBAQBsNPoEqu0z
r4IPYzopXT6FBlL5ub0TITUsQeHB3pXIc/Gv2468jVxQACuPJDdT/EsfWOeL2sQZ
Nd0alQt/mvRTgC00HmutuwX/48gbv/0oyV/iw3zboYLzReGRjOBwz0aaHUblC4no
+PDfglmZHVE4IyFbfAo6HnNv7CKKYuHZDmNnA8YygVWC11som6eTixdneo/EyICJ
NyBtn673ryMqL4xraLqKj7OX6yGhlFqnFqgYFwxDvldLH7Jx1chi2TOX7iZLXLer
0GgJAc6vciMZoLnS/ZGruO2JgCmYJSyQa7nneOCHj8lxyLm5oHESwICBSMGdOU9y
nOogiQiUO2Yt
-----END CERTIFICATE-----
Generated at Wed Apr 10 21:58:05 2024 by rpki-client on console.sobornost.net