Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1psxUVBvciG02-yHRzDAwmYtA60.roa
File: 1psxUVBvciG02-yHRzDAwmYtA60.roa (raw, json)
Hash identifier: fQabjU8FVRIuRWLbjzzv4Pvw565N98bhm3xxYGHdpHA=
Subject key identifier: D6:9B:31:51:50:6F:72:21:B4:DB:EC:87:47:30:C0:C2:66:2D:03:AD
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6EFB7DB1828A6FCA76973CEC8BDCAD
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1psxUVBvciG02-yHRzDAwmYtA60.roa
Signing time: Sun 01 Jan 2023 08:24:50 +0000
ROA not before: Sun 01 Jan 2023 08:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56458
IP address blocks: 89.40.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:fb:7d:b1:82:8a:6f:ca:76:97:3c:ec:8b:dc:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d69b3151506f7221b4dbec874730c0c2662d03ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:de:53:d6:06:99:00:6b:0c:75:00:1a:62:a7:
06:ad:00:fc:30:2a:49:46:2b:a2:19:37:33:bc:45:
dc:d2:22:06:02:41:71:8d:72:3e:08:89:fd:cb:24:
a8:81:2c:4f:8d:c4:df:0a:1c:b5:68:79:e3:4c:83:
01:59:2a:a1:8c:51:14:0e:6e:a0:22:d6:b4:d4:f3:
22:e1:71:0d:ee:bf:d1:b4:55:71:9a:7b:27:c4:46:
41:73:4e:7b:87:31:d7:18:4b:d8:77:4c:f4:06:31:
e9:7b:90:49:f9:05:3c:3e:98:6f:5e:a3:aa:25:34:
cd:7d:55:49:e5:8b:c4:70:33:fa:51:82:93:af:24:
f6:ea:a9:7e:c2:a0:b2:75:f2:7f:71:24:68:b5:f9:
c0:e4:99:42:18:f1:7f:0d:30:d2:4c:a8:41:15:71:
17:f1:56:e8:ca:57:77:6e:5e:9d:8e:13:22:50:61:
c5:db:a0:ba:dc:8b:53:42:fb:33:98:64:b2:19:92:
de:97:a8:22:a8:44:be:fe:aa:8f:25:90:42:c1:10:
2a:a9:f3:32:45:ce:d3:d4:21:f9:b5:e9:98:bf:83:
5b:c6:6e:b2:c8:9d:e5:87:8e:7a:11:8d:8c:91:ee:
c0:73:ee:c8:a3:25:89:92:20:dc:1e:96:d1:93:fe:
d0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9B:31:51:50:6F:72:21:B4:DB:EC:87:47:30:C0:C2:66:2D:03:AD
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1psxUVBvciG02-yHRzDAwmYtA60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.224.0/24
Signature Algorithm: sha256WithRSAEncryption
72:13:2d:e6:0f:3f:95:ff:15:41:14:bc:41:4b:f1:4c:b9:25:
52:a3:d1:1a:50:f5:43:31:d7:8b:3f:5c:72:b4:8f:d6:d5:c0:
0d:d7:c0:bd:6a:dd:63:ac:6d:ce:e4:53:eb:25:5f:7e:65:22:
3e:30:34:a1:c8:6e:c1:7b:9d:3c:67:26:6f:3c:09:2f:20:34:
4b:47:00:14:73:47:63:10:e6:49:45:18:4c:e5:31:1e:a5:7b:
38:52:bb:33:73:ca:18:c2:31:f4:5e:5d:0c:ff:ec:e4:1f:32:
f4:5d:e6:b9:2d:8a:a6:49:1d:58:56:5c:81:6c:a8:f3:e9:ad:
8a:7c:01:4f:2b:19:1d:12:b4:fd:64:ab:a5:89:53:9a:09:ac:
11:e3:25:19:76:a3:df:74:9f:ec:6a:dd:b1:6a:e0:6d:67:fc:
24:10:bf:d6:e6:bc:f2:c6:e4:10:65:7d:15:6e:ab:38:0d:45:
be:b0:a6:cf:43:5a:39:e9:3a:a9:5a:6d:a0:66:39:2a:db:5f:
3b:a1:cb:75:05:20:4d:0a:83:f1:61:26:c6:83:df:98:84:ac:
5e:26:3a:d1:05:6b:5f:20:60:0b:0b:cb:82:6a:db:df:1d:1d:
fa:11:fe:20:8f:3f:23:b7:55:6d:1b:5d:75:78:a5:84:72:8e:
16:14:ff:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvt9sYKKb8p2lzzsi9ytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjliMzE1MTUwNmY3MjIxYjRkYmVjODc0NzMwYzBjMjY2MmQwM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt5T1gaZAGsMdQAaYqcGrQD8MCpJ
RiuiGTczvEXc0iIGAkFxjXI+CIn9yySogSxPjcTfChy1aHnjTIMBWSqhjFEUDm6g
Ita01PMi4XEN7r/RtFVxmnsnxEZBc057hzHXGEvYd0z0BjHpe5BJ+QU8PphvXqOq
JTTNfVVJ5YvEcDP6UYKTryT26ql+wqCydfJ/cSRotfnA5JlCGPF/DTDSTKhBFXEX
8Vboyld3bl6djhMiUGHF26C63ItTQvszmGSyGZLel6giqES+/qqPJZBCwRAqqfMy
Rc7T1CH5temYv4Nbxm6yyJ3lh456EY2Mke7Ac+7IoyWJkiDcHpbRk/7Q+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNabMVFQb3IhtNvsh0cwwMJmLQOtMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvMXBzeFVWQnZjaUcwMi15SFJ6REF3bVl0QTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSjgMA0G
CSqGSIb3DQEBCwUAA4IBAQByEy3mDz+V/xVBFLxBS/FMuSVSo9EaUPVDMdeLP1xy
tI/W1cAN18C9at1jrG3O5FPrJV9+ZSI+MDShyG7Be508ZyZvPAkvIDRLRwAUc0dj
EOZJRRhM5TEepXs4Urszc8oYwjH0Xl0M/+zkHzL0Xea5LYqmSR1YVlyBbKjz6a2K
fAFPKxkdErT9ZKuliVOaCawR4yUZdqPfdJ/sat2xauBtZ/wkEL/W5rzyxuQQZX0V
bqs4DUW+sKbPQ1o56TqpWm2gZjkq2187oct1BSBNCoPxYSbGg9+YhKxeJjrRBWtf
IGALC8uCatvfHR36Ef4gjz8jt1VtG111eKWEco4WFP/x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org