Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/omaMy0w7s1XbVaRrDPIueqV-a9E.roa
File: omaMy0w7s1XbVaRrDPIueqV-a9E.roa (raw, json)
Hash identifier: MYO93t+ieTzBVJNB9bjkUVmn1xsknm2xmicHE+Idkao=
Subject key identifier: A2:66:8C:CB:4C:3B:B3:55:DB:55:A4:6B:0C:F2:2E:7A:A5:7E:6B:D1
Certificate issuer: /CN=b53005619688efbaffd06e108a43bdf20643e0d6
Certificate serial: 018CCA2B3A709044CCFEC7EDBE4F7427249F
Authority key identifier: B5:30:05:61:96:88:EF:BA:FF:D0:6E:10:8A:43:BD:F2:06:43:E0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTAFYZaI77r_0G4QikO98gZD4NY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/omaMy0w7s1XbVaRrDPIueqV-a9E.roa
Signing time: Tue 02 Jan 2024 12:34:39 +0000
ROA not before: Tue 02 Jan 2024 12:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39759
IP address blocks: 89.186.32.0/20 maxlen: 20
89.186.32.0/19 maxlen: 19
89.186.43.0/24 maxlen: 24
89.186.42.0/24 maxlen: 24
89.186.48.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 09 Jan 2024 15:56:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:3a:70:90:44:cc:fe:c7:ed:be:4f:74:27:24:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53005619688efbaffd06e108a43bdf20643e0d6
Validity
Not Before: Jan 2 12:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2668ccb4c3bb355db55a46b0cf22e7aa57e6bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e4:fe:a2:64:c8:21:af:9f:c6:ab:08:99:87:
3a:e0:00:8c:6d:c8:fa:22:58:22:59:0a:61:03:c9:
17:8c:c9:f9:d8:6e:93:ad:d7:f6:1e:4d:2e:8c:9c:
86:ee:2d:9d:20:df:42:4c:db:5d:91:94:4c:b0:57:
61:7a:d0:81:bb:43:fe:55:a1:5f:2b:f0:88:11:88:
cd:6f:75:36:09:2c:30:69:1d:e4:9d:1a:52:52:1c:
42:67:01:22:32:c9:5f:14:8d:c1:95:e6:b5:4d:26:
32:78:0f:18:cb:cc:2e:22:03:30:0d:a8:d4:73:35:
42:4a:34:98:1c:db:ae:33:cb:91:61:a3:da:e8:4a:
73:a8:b2:4a:1b:2d:b9:e2:8b:cf:0d:5d:2b:87:d2:
8f:2f:ad:aa:43:45:96:33:6c:83:47:ee:8b:30:1e:
5e:7a:39:79:c1:2c:4f:b4:21:64:d1:af:1e:58:45:
ba:3a:58:fd:5c:cd:86:b8:38:5d:fa:fc:21:ff:09:
fc:f0:e9:6a:14:bf:d1:b0:68:08:ac:c3:28:e4:cd:
cf:2d:09:b3:45:67:a9:da:e8:98:61:32:f2:e9:6e:
b6:f6:c2:63:af:98:a2:2a:3c:b0:eb:6d:8a:3a:d8:
22:0f:a4:8c:93:dc:eb:48:d9:90:64:0e:77:3f:f8:
43:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:66:8C:CB:4C:3B:B3:55:DB:55:A4:6B:0C:F2:2E:7A:A5:7E:6B:D1
X509v3 Authority Key Identifier:
keyid:B5:30:05:61:96:88:EF:BA:FF:D0:6E:10:8A:43:BD:F2:06:43:E0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTAFYZaI77r_0G4QikO98gZD4NY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/omaMy0w7s1XbVaRrDPIueqV-a9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/tTAFYZaI77r_0G4QikO98gZD4NY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.186.32.0/19
Signature Algorithm: sha256WithRSAEncryption
68:4c:52:e1:ef:18:29:d5:2e:e7:3b:af:e5:34:57:1e:53:6e:
1e:83:0c:9a:c7:ad:67:51:55:ba:1c:82:3f:d1:3c:fe:d1:be:
14:b4:53:d5:03:12:da:98:9d:f9:c8:78:52:8f:bb:c9:b3:0b:
b5:15:a0:07:5e:4c:58:94:dd:a6:e8:ac:e0:b2:36:ba:d6:02:
6c:e2:e7:ad:9c:a9:9c:f7:6f:ee:00:ca:c1:64:70:38:cc:6e:
95:9d:96:f3:e2:04:38:e7:63:57:4e:e1:12:48:8d:98:c3:4b:
b6:f9:08:af:a0:29:96:dc:66:50:9c:db:5c:7a:f4:dd:e2:87:
cd:fb:97:98:84:e4:20:b8:1b:a3:d7:f4:02:f5:e9:31:72:44:
49:82:06:8a:3e:7b:9a:56:86:1a:62:ba:53:00:2e:0c:67:b7:
19:34:4e:0c:67:71:dc:a7:13:73:5b:2a:f3:12:61:ef:f8:17:
45:42:9c:f5:22:81:6b:a6:2a:75:51:c7:3b:86:e8:66:f2:e8:
b0:07:c7:e4:0e:15:85:9d:2b:d9:17:b9:03:62:d7:c4:78:2c:
1d:95:46:7c:07:05:01:50:8b:e0:44:16:74:a4:f9:89:49:7a:
09:96:8a:6b:39:e5:32:ca:7e:30:39:68:99:36:20:65:52:87:
76:f0:76:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKzpwkETM/sftvk90JySfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzAwNTYxOTY4OGVmYmFmZmQwNmUxMDhhNDNiZGYyMDY0
M2UwZDYwHhcNMjQwMTAyMTIzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY2OGNjYjRjM2JiMzU1ZGI1NWE0NmIwY2YyMmU3YWE1N2U2YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+T+omTIIa+fxqsImYc64ACMbcj6
IlgiWQphA8kXjMn52G6Trdf2Hk0ujJyG7i2dIN9CTNtdkZRMsFdhetCBu0P+VaFf
K/CIEYjNb3U2CSwwaR3knRpSUhxCZwEiMslfFI3Blea1TSYyeA8Yy8wuIgMwDajU
czVCSjSYHNuuM8uRYaPa6EpzqLJKGy254ovPDV0rh9KPL62qQ0WWM2yDR+6LMB5e
ejl5wSxPtCFk0a8eWEW6Olj9XM2GuDhd+vwh/wn88OlqFL/RsGgIrMMo5M3PLQmz
RWep2uiYYTLy6W629sJjr5iiKjyw622KOtgiD6SMk9zrSNmQZA53P/hDSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJmjMtMO7NV21WkawzyLnqlfmvRMB8GA1UdIwQY
MBaAFLUwBWGWiO+6/9BuEIpDvfIGQ+DWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRBRllaYUk3N3JfMEc0UWlrTzk4Z1pENE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85OTVmYmQtOTFmYi00M2JiLThmMjYt
Y2Q0YmQ0NDI3NWM1LzEvb21hTXkwdzdzMVhiVmFSckRQSXVlcVYtYTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85OTVmYmQtOTFmYi00M2JiLThmMjYtY2Q0YmQ0NDI3NWM1
LzEvdFRBRllaYUk3N3JfMEc0UWlrTzk4Z1pENE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWbogMA0G
CSqGSIb3DQEBCwUAA4IBAQBoTFLh7xgp1S7nO6/lNFceU24egwyax61nUVW6HII/
0Tz+0b4UtFPVAxLamJ35yHhSj7vJswu1FaAHXkxYlN2m6Kzgsja61gJs4uetnKmc
92/uAMrBZHA4zG6VnZbz4gQ452NXTuESSI2Yw0u2+QivoCmW3GZQnNtcevTd4ofN
+5eYhOQguBuj1/QC9ekxckRJggaKPnuaVoYaYrpTAC4MZ7cZNE4MZ3HcpxNzWyrz
EmHv+BdFQpz1IoFrpip1Ucc7huhm8uiwB8fkDhWFnSvZF7kDYtfEeCwdlUZ8BwUB
UIvgRBZ0pPmJSXoJloprOeUyyn4wOWiZNiBlUod28HZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:14 2024 by rpki-client on console-ams.rpki-client.org