Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/98RbPWNqm4g4Gu-lFO6Y3QNTfog.roa
File: 98RbPWNqm4g4Gu-lFO6Y3QNTfog.roa (raw, json)
Hash identifier: tpoR9ueumcIiiFP+JKeeKnOegKyesf53Y7Rgb2W2iHg=
Subject key identifier: F7:C4:5B:3D:63:6A:9B:88:38:1A:EF:A5:14:EE:98:DD:03:53:7E:88
Certificate issuer: /CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Certificate serial: 018BDCF31C06C4EF4AAF9B9DB46548BE65CD
Authority key identifier: B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/98RbPWNqm4g4Gu-lFO6Y3QNTfog.roa
Signing time: Fri 17 Nov 2023 11:03:21 +0000
ROA not before: Fri 17 Nov 2023 11:03:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216050
IP address blocks: 89.38.41.0/24 maxlen: 24
89.38.44.0/24 maxlen: 24
89.38.46.0/24 maxlen: 24
89.38.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:f3:1c:06:c4:ef:4a:af:9b:9d:b4:65:48:be:65:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Validity
Not Before: Nov 17 11:03:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7c45b3d636a9b88381aefa514ee98dd03537e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:33:6a:9f:f8:e5:a8:4f:08:19:29:5f:23:16:
8c:35:e9:dd:8d:f2:59:f7:7e:d1:12:18:21:da:5d:
2d:ed:b8:55:40:ae:a4:56:55:b5:0c:33:d5:97:2f:
5a:a7:5b:ab:ff:0a:5d:83:23:ac:71:34:a1:53:19:
df:de:f9:a2:fd:f2:16:97:b1:46:95:22:f6:6a:d2:
5f:f8:5b:2f:49:6f:11:0a:9f:be:41:2b:e4:84:72:
f4:22:49:09:bd:62:ef:1a:b4:d3:dc:a1:05:7d:56:
a1:d1:ea:b8:64:12:43:a2:65:4e:a5:83:e3:16:07:
bf:7d:26:79:92:17:0a:f8:67:78:09:32:70:15:0d:
b2:ba:32:5f:55:20:e6:e7:71:5d:2a:27:2f:6b:3f:
00:5f:29:7d:25:6a:c9:3f:52:b7:0e:80:6d:f0:8b:
26:c7:73:b7:63:aa:d2:18:6d:7f:ec:36:58:bf:24:
34:93:4d:60:cd:31:7a:c7:3a:62:72:eb:1f:03:43:
9c:ae:42:4d:36:da:b1:bf:3a:c2:65:ac:ca:81:4c:
c4:84:ec:4d:be:94:a7:9c:6d:c1:ce:13:73:21:53:
df:31:31:83:b9:0f:49:cb:11:54:d5:e7:64:f1:1d:
73:dc:c0:08:84:57:97:fe:95:fc:a8:70:4d:e4:5c:
87:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C4:5B:3D:63:6A:9B:88:38:1A:EF:A5:14:EE:98:DD:03:53:7E:88
X509v3 Authority Key Identifier:
keyid:B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/98RbPWNqm4g4Gu-lFO6Y3QNTfog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/uMiqGHMPSoPihSxWklUau1se5-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.41.0/24
89.38.44.0/24
89.38.46.0/23
Signature Algorithm: sha256WithRSAEncryption
48:22:a0:6b:47:95:e2:f9:bb:98:b1:04:1d:e9:14:3d:a7:30:
13:51:67:eb:f0:c8:0c:93:03:75:35:59:0b:b7:3c:78:8e:c5:
38:5f:b1:57:02:1f:54:95:28:3a:30:c2:30:48:40:d9:ad:1d:
06:14:70:34:bf:10:31:4f:33:07:52:6d:30:9e:71:d1:3b:f9:
65:ce:1f:f9:80:ef:04:63:23:7e:3c:13:e5:45:3d:75:d3:3c:
f1:48:c0:74:17:4e:ef:9b:2b:07:94:5c:e5:a4:5d:e0:20:1e:
65:fc:e0:56:a2:ac:d9:72:a2:b5:49:f2:9d:4c:21:42:8d:26:
69:e9:ce:37:61:e3:dc:55:68:cd:d6:ab:f1:9c:5a:6b:a7:44:
cf:1f:fa:46:2c:11:07:34:8e:80:5a:81:61:d3:d8:d0:d6:b3:
85:c4:f7:bc:a3:b8:a2:4a:f3:0c:ed:12:77:b6:ec:3d:19:93:
f3:33:10:fa:ad:f5:80:36:5b:9e:27:20:ca:f1:4a:19:37:7f:
53:31:95:49:5b:89:e2:d4:d5:6b:2a:74:a0:c5:90:0a:36:e9:
4a:20:86:eb:08:63:ba:1e:27:3f:51:52:0a:84:0c:c4:3e:6f:
64:75:78:b3:e0:68:4b:06:fa:fd:74:8e:43:6e:24:fa:55:5a:
9c:47:03:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvc8xwGxO9Kr5udtGVIvmXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzhhYTE4NzMwZjRhODNlMjg1MmM1NjkyNTUxYWJiNWIx
ZWU3ZWEwHhcNMjMxMTE3MTEwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2M0NWIzZDYzNmE5Yjg4MzgxYWVmYTUxNGVlOThkZDAzNTM3ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTNqn/jlqE8IGSlfIxaMNendjfJZ
937REhgh2l0t7bhVQK6kVlW1DDPVly9ap1ur/wpdgyOscTShUxnf3vmi/fIWl7FG
lSL2atJf+FsvSW8RCp++QSvkhHL0IkkJvWLvGrTT3KEFfVah0eq4ZBJDomVOpYPj
Fge/fSZ5khcK+Gd4CTJwFQ2yujJfVSDm53FdKicvaz8AXyl9JWrJP1K3DoBt8Ism
x3O3Y6rSGG1/7DZYvyQ0k01gzTF6xzpicusfA0OcrkJNNtqxvzrCZazKgUzEhOxN
vpSnnG3BzhNzIVPfMTGDuQ9JyxFU1edk8R1z3MAIhFeX/pX8qHBN5FyHXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPfEWz1japuIOBrvpRTumN0DU36IMB8GA1UdIwQY
MBaAFLjIqhhzD0qD4oUsVpJVGrtbHufqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODkt
YTU3NjA0YTNmNmJiLzEvOThSYlBXTnFtNGc0R3UtbEZPNlkzUU5UZm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODktYTU3NjA0YTNmNmJi
LzEvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSYpAwQA
WSYsAwQBWSYuMA0GCSqGSIb3DQEBCwUAA4IBAQBIIqBrR5Xi+buYsQQd6RQ9pzAT
UWfr8MgMkwN1NVkLtzx4jsU4X7FXAh9UlSg6MMIwSEDZrR0GFHA0vxAxTzMHUm0w
nnHRO/llzh/5gO8EYyN+PBPlRT110zzxSMB0F07vmysHlFzlpF3gIB5l/OBWoqzZ
cqK1SfKdTCFCjSZp6c43YePcVWjN1qvxnFprp0TPH/pGLBEHNI6AWoFh09jQ1rOF
xPe8o7iiSvMM7RJ3tuw9GZPzMxD6rfWANlueJyDK8UoZN39TMZVJW4ni1NVrKnSg
xZAKNulKIIbrCGO6Hic/UVIKhAzEPm9kdXiz4GhLBvr9dI5DbiT6VVqcRwPV
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:01 2023 by rpki-client on console.sobornost.net