Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XYnMvx8MQNSq3mZADDZBvuzUv2w.roa
File: XYnMvx8MQNSq3mZADDZBvuzUv2w.roa (raw, json)
Hash identifier: IhKX9SvYj9a02T9MIzUHRGvVET5lD0euyvj58M2Bd2Q=
Subject key identifier: 5D:89:CC:BF:1F:0C:40:D4:AA:DE:66:40:0C:36:41:BE:EC:D4:BF:6C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018810FBFC5BD4C44A97C1659B570300AC65
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XYnMvx8MQNSq3mZADDZBvuzUv2w.roa
Signing time: Fri 12 May 2023 17:22:09 +0000
ROA not before: Fri 12 May 2023 17:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 17 May 2023 08:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:fb:fc:5b:d4:c4:4a:97:c1:65:9b:57:03:00:ac:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 12 17:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d89ccbf1f0c40d4aade66400c3641beecd4bf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:42:71:fc:e1:9f:7a:86:fe:9f:15:4f:b6:d3:
8b:86:74:ea:2e:94:5c:80:5f:db:7a:d0:fd:2c:b6:
e4:e7:8b:16:f5:b4:3a:87:b0:6f:c5:04:01:10:7b:
cb:c9:84:66:61:ed:50:3b:42:b3:90:19:83:ed:4d:
45:0a:fd:16:03:a2:b3:ae:1f:ec:1a:91:73:5c:14:
e3:09:c8:3a:7f:18:e9:8e:8c:d5:37:cc:bc:1f:6e:
64:62:2e:bf:28:63:84:5d:8f:47:24:65:6b:54:85:
af:50:e7:51:50:a2:9a:61:ec:58:54:50:83:0e:38:
c0:ee:cc:e1:86:bc:d0:65:19:f9:3a:58:0a:38:cf:
73:e4:f1:ce:1a:34:a2:fd:41:1b:0f:a4:4d:06:e5:
ff:21:8c:74:7e:ab:e8:f2:5f:ac:d8:78:19:a3:83:
ec:3a:5a:90:89:08:7a:fc:d2:3c:f8:3c:bf:e8:33:
fb:9a:53:e5:57:19:eb:c4:58:bf:b8:7d:cd:5d:c8:
19:24:e6:4e:51:71:52:e6:de:63:fc:8b:3e:05:2d:
fe:d6:a6:88:a4:54:2b:ab:86:59:20:5e:8c:9a:96:
fd:49:5a:70:46:dc:a3:50:03:25:b2:ec:0b:a8:0e:
c5:60:f1:a7:cc:49:5c:c8:2e:bb:a8:6e:41:d6:62:
09:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:89:CC:BF:1F:0C:40:D4:AA:DE:66:40:0C:36:41:BE:EC:D4:BF:6C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XYnMvx8MQNSq3mZADDZBvuzUv2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:c0:eb:5e:4e:05:ac:fd:8c:0d:7f:ab:95:f1:e1:5a:b5:60:
79:81:39:10:57:39:05:62:e6:0b:0e:f1:b2:bd:59:68:3c:77:
45:29:76:d1:97:3a:7e:1f:d8:39:b7:12:54:95:7b:1d:7e:e4:
6e:33:3f:c5:fe:3e:46:c0:72:96:f9:30:4b:4a:bc:e5:12:0c:
d0:b8:0e:2b:24:04:ab:83:bb:6d:8b:b9:73:3b:9a:9f:99:31:
92:e0:88:da:a0:6c:f9:2e:da:a9:94:b2:4d:33:d9:d4:3b:99:
d7:df:1b:a2:ce:f0:47:37:bd:9c:ee:13:fe:73:37:32:bc:d0:
c1:30:59:b5:11:3b:b6:88:e8:d2:21:79:59:9d:03:a4:eb:0d:
fa:16:b6:27:26:44:95:79:45:7b:e5:7b:49:c2:64:3e:3d:92:
c2:5e:95:fe:1c:53:50:c0:5a:f1:b3:c9:78:14:57:f1:42:9b:
f9:90:9d:45:00:eb:84:3b:f4:52:ab:86:39:49:42:63:e4:a5:
17:a6:32:b1:74:44:81:34:3c:b7:b3:97:24:7b:65:c1:ca:ae:
6c:6b:4a:42:f4:5f:b1:c4:a9:8e:3f:a1:40:34:19:10:a8:a8:
da:ef:f2:9e:35:40:a2:3f:f7:0f:84:4e:13:1b:50:43:eb:a1:
52:20:f0:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgQ+/xb1MRKl8Flm1cDAKxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTEyMTcyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDg5Y2NiZjFmMGM0MGQ0YWFkZTY2NDAwYzM2NDFiZWVjZDRiZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUJx/OGfeob+nxVPttOLhnTqLpRc
gF/betD9LLbk54sW9bQ6h7BvxQQBEHvLyYRmYe1QO0KzkBmD7U1FCv0WA6Kzrh/s
GpFzXBTjCcg6fxjpjozVN8y8H25kYi6/KGOEXY9HJGVrVIWvUOdRUKKaYexYVFCD
DjjA7szhhrzQZRn5OlgKOM9z5PHOGjSi/UEbD6RNBuX/IYx0fqvo8l+s2HgZo4Ps
OlqQiQh6/NI8+Dy/6DP7mlPlVxnrxFi/uH3NXcgZJOZOUXFS5t5j/Is+BS3+1qaI
pFQrq4ZZIF6Mmpb9SVpwRtyjUAMlsuwLqA7FYPGnzElcyC67qG5B1mIJjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2JzL8fDEDUqt5mQAw2Qb7s1L9sMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWFluTXZ4OE1RTlNxM21aQUREWkJ2dXpVdjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWbkAMA0G
CSqGSIb3DQEBCwUAA4IBAQB/wOteTgWs/YwNf6uV8eFatWB5gTkQVzkFYuYLDvGy
vVloPHdFKXbRlzp+H9g5txJUlXsdfuRuMz/F/j5GwHKW+TBLSrzlEgzQuA4rJASr
g7tti7lzO5qfmTGS4IjaoGz5LtqplLJNM9nUO5nX3xuizvBHN72c7hP+czcyvNDB
MFm1ETu2iOjSIXlZnQOk6w36FrYnJkSVeUV75XtJwmQ+PZLCXpX+HFNQwFrxs8l4
FFfxQpv5kJ1FAOuEO/RSq4Y5SUJj5KUXpjKxdESBNDy3s5cke2XByq5sa0pC9F+x
xKmOP6FANBkQqKja7/KeNUCiP/cPhE4TG1BD66FSIPD5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org