Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/F0aXnpsVHdFbwtw7UVyZgVieZsk.roa
File: F0aXnpsVHdFbwtw7UVyZgVieZsk.roa (raw, json)
Hash identifier: sZdLwvuwC2iQSUZmlagDKqkVQYxeI6K8rs+NdGzuCN8=
Subject key identifier: 17:46:97:9E:9B:15:1D:D1:5B:C2:DC:3B:51:5C:99:81:58:9E:66:C9
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018BBE513E3806E5C6070FC41A0B0E6E6FE7
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/F0aXnpsVHdFbwtw7UVyZgVieZsk.roa
Signing time: Sat 11 Nov 2023 12:17:57 +0000
ROA not before: Sat 11 Nov 2023 12:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 19 Nov 2023 10:16:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:be:51:3e:38:06:e5:c6:07:0f:c4:1a:0b:0e:6e:6f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 11 12:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1746979e9b151dd15bc2dc3b515c9981589e66c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3c:13:68:d5:a9:de:6f:ac:5e:ec:36:63:dd:
70:09:a9:41:c3:4d:92:95:1e:16:9d:6e:97:b6:5e:
96:8e:55:99:e3:90:0c:5e:2c:f7:b3:90:a0:87:45:
93:23:e8:5d:64:27:96:3f:d3:37:9e:c2:f6:82:2b:
a0:c6:00:80:fc:7d:45:12:4a:b0:29:3a:97:e8:0e:
30:82:6d:f4:8b:7a:f7:81:ba:dc:2c:b0:6f:4f:ba:
04:d3:af:70:5c:70:88:66:80:91:21:82:d2:d6:b7:
55:29:f2:91:94:cc:e3:8b:90:17:67:1c:da:63:92:
10:7c:8e:4e:81:05:58:25:86:73:cf:ba:7d:e4:76:
65:ac:49:50:13:f7:70:b6:7f:f4:44:68:6b:5c:d6:
34:e9:f4:d3:88:fc:5c:86:46:a6:c5:50:5a:2c:2c:
9b:44:67:8c:c9:08:be:cd:dc:71:44:dc:46:18:24:
5b:a9:06:ef:60:06:7e:40:ae:b2:ad:50:f6:6b:d4:
36:b5:e5:a8:83:07:f5:f5:c9:ab:e5:c2:46:eb:b8:
72:db:c2:59:be:01:a2:8f:49:58:d4:bd:dd:ac:d0:
4f:e8:b2:0c:8f:87:6c:ba:e4:c8:2d:3c:de:8f:59:
27:ed:cb:24:37:7e:a3:07:0e:3b:e0:8f:c0:00:c8:
08:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:46:97:9E:9B:15:1D:D1:5B:C2:DC:3B:51:5C:99:81:58:9E:66:C9
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/F0aXnpsVHdFbwtw7UVyZgVieZsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:70:f6:83:ec:db:27:2b:f9:f0:7a:e0:da:32:83:46:e5:71:
51:c9:09:c3:69:b3:c0:5a:9a:a2:10:e3:84:48:ac:3c:98:42:
85:d3:dc:4d:0b:71:3f:04:dc:a1:2d:ca:0b:63:67:bd:d7:d0:
9e:3a:25:07:9a:fe:52:48:69:13:45:51:68:d8:bb:81:ca:24:
4f:46:ac:11:0b:6b:c5:e3:cd:1f:bc:67:b6:24:56:f9:35:51:
02:e5:1f:e4:22:f6:43:1c:32:7d:b6:67:c8:a7:f0:d8:66:4a:
37:57:5a:2b:8c:4e:cd:71:63:c7:1e:dd:7d:1e:f3:f1:33:41:
21:69:32:b2:38:eb:c1:e5:6f:36:77:00:4c:01:d6:7e:b2:da:
6d:56:6d:61:39:5f:b7:fd:2b:39:9d:b5:c7:9a:91:b4:ae:ec:
b8:49:66:2a:4c:f7:01:30:91:ae:c8:95:f0:ff:26:7e:8b:a3:
21:1a:52:53:3c:a4:8f:46:82:22:f5:67:ba:69:6b:2c:5c:a0:
97:73:2c:02:cb:a2:17:92:8d:a9:ba:e1:2f:56:88:8f:4f:33:
83:aa:b4:46:ee:cd:9e:6c:93:a5:55:6a:c7:c2:5b:34:42:ee:
94:56:77:73:94:01:34:c2:ff:78:15:d0:28:2f:b4:28:cb:44:
b8:0d:4b:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu+UT44BuXGBw/EGgsObm/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMTExMTIxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQ2OTc5ZTliMTUxZGQxNWJjMmRjM2I1MTVjOTk4MTU4OWU2NmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTwTaNWp3m+sXuw2Y91wCalBw02S
lR4WnW6Xtl6WjlWZ45AMXiz3s5Cgh0WTI+hdZCeWP9M3nsL2giugxgCA/H1FEkqw
KTqX6A4wgm30i3r3gbrcLLBvT7oE069wXHCIZoCRIYLS1rdVKfKRlMzji5AXZxza
Y5IQfI5OgQVYJYZzz7p95HZlrElQE/dwtn/0RGhrXNY06fTTiPxchkamxVBaLCyb
RGeMyQi+zdxxRNxGGCRbqQbvYAZ+QK6yrVD2a9Q2teWogwf19cmr5cJG67hy28JZ
vgGij0lY1L3drNBP6LIMj4dsuuTILTzej1kn7cskN36jBw474I/AAMgINwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBdGl56bFR3RW8LcO1FcmYFYnmbJMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvRjBhWG5wc1ZIZEZid3R3N1VWeVpnVmllWnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQC
bUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCKcPaD7NsnK/nweuDaMoNG5XFRyQnDabPA
WpqiEOOESKw8mEKF09xNC3E/BNyhLcoLY2e919CeOiUHmv5SSGkTRVFo2LuByiRP
RqwRC2vF480fvGe2JFb5NVEC5R/kIvZDHDJ9tmfIp/DYZko3V1orjE7NcWPHHt19
HvPxM0EhaTKyOOvB5W82dwBMAdZ+stptVm1hOV+3/Ss5nbXHmpG0ruy4SWYqTPcB
MJGuyJXw/yZ+i6MhGlJTPKSPRoIi9We6aWssXKCXcywCy6IXko2puuEvVoiPTzOD
qrRG7s2ebJOlVWrHwls0Qu6UVndzlAE0wv94FdAoL7Qoy0S4DUuY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org