Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/XJPFGa5Sb1qJcAE6hhewjB7OHE4.roa
File: XJPFGa5Sb1qJcAE6hhewjB7OHE4.roa (raw, json)
Hash identifier: GpL56AkX1ir5hJCnSPPjF+wHpXV7Omc+5gY4uRrwRpo=
Subject key identifier: 5C:93:C5:19:AE:52:6F:5A:89:70:01:3A:86:17:B0:8C:1E:CE:1C:4E
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018FB7A396D87B8839F76D2327B00DEE61F5
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/XJPFGa5Sb1qJcAE6hhewjB7OHE4.roa
Signing time: Mon 27 May 2024 01:21:42 +0000
ROA not before: Mon 27 May 2024 01:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.46.10.0/24 maxlen: 24
89.46.11.0/24 maxlen: 24
93.114.61.0/24 maxlen: 24
185.81.180.0/23 maxlen: 23
185.81.180.0/24 maxlen: 24
185.81.181.0/24 maxlen: 24
185.81.183.0/24 maxlen: 24
195.242.242.0/24 maxlen: 24
195.242.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 20:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b7:a3:96:d8:7b:88:39:f7:6d:23:27:b0:0d:ee:61:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: May 27 01:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c93c519ae526f5a8970013a8617b08c1ece1c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:35:83:56:40:b8:1f:3a:23:9d:41:90:82:2c:
83:2c:d3:ea:74:1c:e4:d3:26:97:92:5b:8a:af:a7:
af:4f:8a:e8:4d:2f:27:04:d6:05:7e:f7:1d:c7:96:
93:83:a7:74:00:bf:45:37:02:13:0f:17:62:00:06:
69:17:bf:9a:65:69:ad:40:72:64:f8:af:2d:3e:ab:
e9:28:73:11:4b:42:f7:f0:7c:71:db:06:79:50:cd:
3d:c5:48:ce:72:0b:1c:2a:1a:24:1b:b7:cc:2e:21:
bb:9e:81:2d:6e:70:40:fb:13:e1:0c:d1:e0:b4:6d:
bd:93:3c:83:6c:93:6c:83:c5:24:78:39:5d:5a:09:
80:f9:4b:90:48:4b:10:c9:66:ea:de:b1:cd:2d:18:
bf:5a:92:5f:a2:7e:f5:92:83:60:ff:2e:6c:68:38:
f2:0f:34:e0:12:64:5a:4d:eb:3a:f8:fc:e1:b1:bf:
21:d3:ea:2d:26:8a:3b:38:76:2b:e7:fe:30:82:65:
d3:e7:28:99:62:b0:cf:b2:75:ef:e5:b8:54:5c:3b:
4f:3e:33:e5:71:82:45:ce:d1:1c:4a:58:37:41:95:
f7:0a:cc:38:66:fe:31:2e:55:50:a0:d5:34:ea:25:
1a:f6:e5:4f:13:1e:17:90:b1:34:d1:fd:ab:d3:b7:
ad:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:93:C5:19:AE:52:6F:5A:89:70:01:3A:86:17:B0:8C:1E:CE:1C:4E
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/XJPFGa5Sb1qJcAE6hhewjB7OHE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.10.0/23
93.114.61.0/24
185.81.180.0/23
185.81.183.0/24
195.242.242.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:3d:e1:d4:63:b6:6e:6f:75:d7:e1:a2:33:ab:09:1c:01:9c:
08:e0:19:30:fc:fb:4e:0e:10:18:5e:d6:2d:a1:dc:26:d9:f3:
ab:90:ca:3f:13:50:bd:b2:9f:f8:50:b2:09:ba:02:bf:23:ac:
5b:c8:ff:99:bc:6f:9c:75:ef:22:e2:53:2b:c2:6f:ef:05:4e:
74:bb:95:df:c9:ca:0b:06:9b:db:de:5c:0d:ce:50:e0:57:d1:
65:d5:02:05:b6:9e:f1:96:d4:8a:45:1e:93:7c:e8:9b:70:75:
da:9a:46:e8:b5:49:c9:f3:e8:75:e4:67:38:29:fd:08:6a:7a:
3a:69:a6:72:01:ba:b8:35:ef:36:2c:e7:08:6a:9a:d2:bb:76:
aa:d6:30:47:cb:c2:b0:64:2d:89:87:1c:1f:c6:7d:d0:b3:2a:
f4:ab:b4:d0:e8:f6:71:fd:5e:b7:b2:a1:c5:a4:fd:0a:ae:4b:
32:80:4c:21:70:67:5d:eb:e5:96:07:1b:cc:99:b4:42:a6:1b:
13:6d:2e:68:7c:8b:a2:e3:ae:29:8b:17:25:8c:72:1c:a7:6f:
18:26:7f:b3:a4:0f:7c:bb:00:e1:90:0d:bb:79:96:a8:b6:3b:
01:a8:56:3d:3e:1d:6a:97:39:79:da:cb:d7:eb:f9:c2:c6:0b:
73:d4:e1:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+3o5bYe4g5920jJ7AN7mH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwNTI3MDEyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzkzYzUxOWFlNTI2ZjVhODk3MDAxM2E4NjE3YjA4YzFlY2UxYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDWDVkC4HzojnUGQgiyDLNPqdBzk
0yaXkluKr6evT4roTS8nBNYFfvcdx5aTg6d0AL9FNwITDxdiAAZpF7+aZWmtQHJk
+K8tPqvpKHMRS0L38Hxx2wZ5UM09xUjOcgscKhokG7fMLiG7noEtbnBA+xPhDNHg
tG29kzyDbJNsg8UkeDldWgmA+UuQSEsQyWbq3rHNLRi/WpJfon71koNg/y5saDjy
DzTgEmRaTes6+Pzhsb8h0+otJoo7OHYr5/4wgmXT5yiZYrDPsnXv5bhUXDtPPjPl
cYJFztEcSlg3QZX3Csw4Zv4xLlVQoNU06iUa9uVPEx4XkLE00f2r07et7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFyTxRmuUm9aiXABOoYXsIwezhxOMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvWEpQRkdhNVNiMXFKY0FFNmhoZXdqQjdPSEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWS4KAwQA
XXI9AwQBuVG0AwQAuVG3AwQBw/LyMA0GCSqGSIb3DQEBCwUAA4IBAQCOPeHUY7Zu
b3XX4aIzqwkcAZwI4Bkw/PtODhAYXtYtodwm2fOrkMo/E1C9sp/4ULIJugK/I6xb
yP+ZvG+cde8i4lMrwm/vBU50u5XfycoLBpvb3lwNzlDgV9Fl1QIFtp7xltSKRR6T
fOibcHXamkbotUnJ8+h15Gc4Kf0Iano6aaZyAbq4Ne82LOcIaprSu3aq1jBHy8Kw
ZC2Jhxwfxn3Qsyr0q7TQ6PZx/V63sqHFpP0KrksygEwhcGdd6+WWBxvMmbRCphsT
bS5ofIui464pixcljHIcp28YJn+zpA98uwDhkA27eZaotjsBqFY9Ph1qlzl52svX
6/nCxgtz1OFP
-----END CERTIFICATE-----
Generated at Wed Jun 19 07:20:08 2024 by rpki-client on console.sobornost.net