Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Y0Ze0yI-Vu4ygfbph6vj7s4p2YQ.roa
File: Y0Ze0yI-Vu4ygfbph6vj7s4p2YQ.roa (raw, json)
Hash identifier: BSlbBZudvS4Z9ntDUwrkt57/ttbI7Q69a6iNFp73lwg=
Subject key identifier: 63:46:5E:D3:22:3E:56:EE:32:81:F6:E9:87:AB:E3:EE:CE:29:D9:84
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0187518444B3E13E947AED2272DBECB272B9
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Y0Ze0yI-Vu4ygfbph6vj7s4p2YQ.roa
Signing time: Wed 05 Apr 2023 13:03:55 +0000
ROA not before: Wed 05 Apr 2023 13:03:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213305
IP address blocks: 89.185.22.0/24 maxlen: 24
109.72.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 04:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:84:44:b3:e1:3e:94:7a:ed:22:72:db:ec:b2:72:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 5 13:03:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63465ed3223e56ee3281f6e987abe3eece29d984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f0:02:bc:50:73:23:e6:8d:c0:35:90:7a:44:
c1:ae:d9:1c:52:66:45:fc:63:8b:2a:13:44:33:be:
62:93:14:fe:bf:cb:9b:89:80:1d:bb:00:a1:f0:9f:
35:3c:4d:12:ed:a3:bb:9a:8a:4b:a2:90:ec:d5:27:
08:a1:b8:51:16:ce:6d:01:0a:83:6c:bd:26:4d:86:
72:80:3d:f4:b2:70:7e:6b:78:6d:75:84:f6:c2:99:
b7:e6:8e:07:c2:a5:de:a4:b1:c2:24:c8:a5:e3:22:
f7:d7:ef:fa:1b:18:28:38:4f:b4:d2:36:22:d1:75:
0d:49:77:7b:09:c9:b9:ca:02:64:7a:1f:fb:2b:88:
75:f3:09:78:1d:db:89:f5:eb:29:42:51:b4:70:f6:
93:1c:9a:86:6c:3b:f9:98:4c:2b:f5:7b:10:16:02:
11:0c:5b:b6:b1:24:71:cb:88:79:8d:f7:22:11:9a:
bb:4e:2f:3e:65:d7:cf:3a:7e:e6:d7:dd:2e:71:f4:
3e:3f:65:f4:c5:41:94:2e:da:0d:cf:6b:ef:7b:3b:
b4:c2:54:eb:40:b4:b8:ea:4a:ae:fa:f6:9c:ef:51:
2f:bd:9f:3e:ca:7a:b9:3e:de:e1:a7:5c:34:52:bb:
49:03:80:7e:27:ef:65:c1:f7:68:b1:ea:69:89:69:
5b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:46:5E:D3:22:3E:56:EE:32:81:F6:E9:87:AB:E3:EE:CE:29:D9:84
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Y0Ze0yI-Vu4ygfbph6vj7s4p2YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.22.0/24
109.72.115.0/24
Signature Algorithm: sha256WithRSAEncryption
69:3f:a1:bf:b5:73:c8:ef:12:36:62:f5:7c:06:c6:cd:11:69:
04:6e:ba:61:d1:a9:77:7d:a1:58:12:a4:93:37:0b:e6:4b:a7:
2f:b1:2a:f0:cd:83:c7:ca:85:65:53:3d:e6:44:3f:c8:a3:61:
f6:a9:9f:68:4e:6f:cc:55:9f:7f:7b:92:48:80:ff:65:9b:67:
ec:83:39:67:ca:54:fd:5c:e2:3e:b8:19:97:4e:a7:9a:3d:2c:
cd:36:9c:ae:7c:55:d2:b7:1a:7b:b5:3e:a2:60:b6:13:ff:ff:
1a:60:a3:d0:a7:2c:0c:65:f2:7d:71:66:81:c8:97:63:e6:58:
f2:e9:1e:7d:00:a0:11:c6:d0:89:2d:9f:03:9a:c7:c8:49:25:
4e:6b:9a:eb:2e:e8:39:d8:ee:3e:54:a3:85:eb:3e:dd:7b:93:
a5:cb:c3:84:9c:0c:91:3a:99:bb:28:f7:9d:f6:9c:f2:36:54:
f1:9e:f5:f6:31:6c:2e:35:39:0c:30:e1:41:42:f1:11:eb:ae:
80:4f:f7:67:6e:a5:b7:54:b0:8c:a5:88:e0:1c:3e:67:17:ee:
65:84:71:3e:bf:eb:1f:a4:c4:51:85:27:07:88:6a:b3:64:0a:
13:a9:11:13:e7:67:47:39:82:dd:06:df:ea:0f:db:38:c2:86:
12:88:0f:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdRhESz4T6Ueu0ictvssnK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNDA1MTMwMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQ2NWVkMzIyM2U1NmVlMzI4MWY2ZTk4N2FiZTNlZWNlMjlkOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/ACvFBzI+aNwDWQekTBrtkcUmZF
/GOLKhNEM75ikxT+v8ubiYAduwCh8J81PE0S7aO7mopLopDs1ScIobhRFs5tAQqD
bL0mTYZygD30snB+a3htdYT2wpm35o4HwqXepLHCJMil4yL31+/6GxgoOE+00jYi
0XUNSXd7Ccm5ygJkeh/7K4h18wl4HduJ9espQlG0cPaTHJqGbDv5mEwr9XsQFgIR
DFu2sSRxy4h5jfciEZq7Ti8+ZdfPOn7m190ucfQ+P2X0xUGULtoNz2vvezu0wlTr
QLS46kqu+vac71EvvZ8+ynq5Pt7hp1w0UrtJA4B+J+9lwfdoseppiWlbRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGNGXtMiPlbuMoH26Yer4+7OKdmEMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWTBaZTB5SS1WdTR5Z2ZicGg2dmo3czRwMllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWbkWAwQA
bUhzMA0GCSqGSIb3DQEBCwUAA4IBAQBpP6G/tXPI7xI2YvV8BsbNEWkEbrph0al3
faFYEqSTNwvmS6cvsSrwzYPHyoVlUz3mRD/Io2H2qZ9oTm/MVZ9/e5JIgP9lm2fs
gzlnylT9XOI+uBmXTqeaPSzNNpyufFXStxp7tT6iYLYT//8aYKPQpywMZfJ9cWaB
yJdj5ljy6R59AKARxtCJLZ8DmsfISSVOa5rrLug52O4+VKOF6z7de5Oly8OEnAyR
Opm7KPed9pzyNlTxnvX2MWwuNTkMMOFBQvER666AT/dnbqW3VLCMpYjgHD5nF+5l
hHE+v+sfpMRRhScHiGqzZAoTqRET52dHOYLdBt/qD9s4woYSiA+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org