Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/eBZORWZuF8c03AkSKG43GBGTwfQ.roa
File: eBZORWZuF8c03AkSKG43GBGTwfQ.roa (raw, json)
Hash identifier: 69Ggtovc46ZwWlHOJwn8p4uccXugLv3vtq6sJFip5QQ=
Subject key identifier: 78:16:4E:45:66:6E:17:C7:34:DC:09:12:28:6E:37:18:11:93:C1:F4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189F856DBC83B824D5CD2F48D8BD57A32A9
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/eBZORWZuF8c03AkSKG43GBGTwfQ.roa
Signing time: Tue 15 Aug 2023 08:36:29 +0000
ROA not before: Tue 15 Aug 2023 08:36:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 15 Aug 2023 11:10:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:56:db:c8:3b:82:4d:5c:d2:f4:8d:8b:d5:7a:32:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 15 08:36:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78164e45666e17c734dc0912286e37181193c1f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a0:4b:22:09:fe:3d:82:ca:72:98:2f:8c:bf:
bd:29:e7:b6:13:bb:98:a2:04:d6:90:1f:09:77:f3:
6b:78:04:53:73:e8:b6:8d:a5:7e:7e:47:0e:15:2c:
47:6f:36:32:bc:b3:fa:2d:a9:5d:48:2b:3b:0b:1a:
cb:71:54:be:a5:87:ad:ee:f8:e7:50:99:53:a9:bc:
3b:93:24:f7:f5:9f:86:07:c4:30:12:44:ae:18:78:
3b:4c:a0:01:8c:2c:af:17:d4:c5:25:8d:af:c7:7e:
52:c0:7f:29:0d:21:a7:9f:b3:e5:4c:7d:83:2a:66:
1a:df:c4:8c:6d:90:f1:9c:f3:dd:79:8e:d6:77:89:
99:1e:06:cb:dc:5d:ab:33:29:60:92:de:2f:48:28:
a9:3e:24:b3:77:82:23:e2:0a:3c:3f:25:15:14:ba:
2d:c8:a1:23:f8:1f:36:ff:5c:ec:ac:89:ef:56:80:
10:eb:08:9b:eb:1a:3f:f1:9b:f6:f2:b1:7b:33:13:
05:66:4f:bf:d2:bb:0e:94:fa:17:58:1e:ca:0a:aa:
60:22:df:0f:5d:da:ef:7f:40:08:b7:c8:e2:62:76:
d1:4e:11:09:53:ec:ba:b0:14:a9:c8:e4:ef:e3:36:
a9:13:1d:cb:60:c7:a0:f8:54:24:93:f5:c5:7d:a3:
21:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:16:4E:45:66:6E:17:C7:34:DC:09:12:28:6E:37:18:11:93:C1:F4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/eBZORWZuF8c03AkSKG43GBGTwfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
96:d3:e7:f6:69:91:33:9c:84:92:5b:42:65:1a:6c:df:68:51:
d0:0d:0e:51:37:07:e6:56:13:b2:fd:15:3b:fc:03:ad:0d:53:
df:e5:55:1e:f2:f4:96:13:ec:4c:3d:6f:d0:89:bd:b3:76:2c:
5d:b8:d9:a2:6f:9e:d5:21:92:ec:ea:5d:71:16:50:3f:e0:48:
1b:34:74:f4:1b:8a:05:3c:a6:b9:a5:1d:4f:9a:f3:56:a6:9d:
9a:5d:f7:1b:2a:09:cf:26:c6:22:f3:d4:c8:79:72:af:4e:d5:
14:05:9b:93:52:de:5c:5d:26:93:1b:52:57:a0:e5:a6:e4:45:
58:ca:e8:f0:48:4c:60:c3:71:9d:0f:88:dc:07:ed:55:56:ca:
d0:68:90:13:0a:bd:e8:b8:c1:7e:c0:9c:e6:6b:47:8f:c2:71:
9d:1e:0e:4a:d3:e4:63:80:4a:8e:10:08:0b:14:16:74:b5:df:
29:b1:c2:32:e1:f1:07:dd:a4:24:b8:fc:f9:3f:af:b0:ab:e3:
93:bf:a3:d2:66:dd:ea:ae:ac:f8:d8:a0:f1:cf:89:a4:89:05:
c6:50:1e:de:f3:5a:53:d1:86:f1:e6:43:17:25:b0:c4:d4:fa:
d3:96:c3:fe:2c:b6:00:16:2e:aa:81:3b:75:b6:4f:61:f6:d2:
75:27:7f:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn4VtvIO4JNXNL0jYvVejKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODE1MDgzNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODE2NGU0NTY2NmUxN2M3MzRkYzA5MTIyODZlMzcxODExOTNjMWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKBLIgn+PYLKcpgvjL+9Kee2E7uY
ogTWkB8Jd/NreARTc+i2jaV+fkcOFSxHbzYyvLP6LaldSCs7CxrLcVS+pYet7vjn
UJlTqbw7kyT39Z+GB8QwEkSuGHg7TKABjCyvF9TFJY2vx35SwH8pDSGnn7PlTH2D
KmYa38SMbZDxnPPdeY7Wd4mZHgbL3F2rMylgkt4vSCipPiSzd4Ij4go8PyUVFLot
yKEj+B82/1zsrInvVoAQ6wib6xo/8Zv28rF7MxMFZk+/0rsOlPoXWB7KCqpgIt8P
Xdrvf0AIt8jiYnbRThEJU+y6sBSpyOTv4zapEx3LYMeg+FQkk/XFfaMhswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHgWTkVmbhfHNNwJEihuNxgRk8H0MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZUJaT1JXWnVGOGMwM0FrU0tHNDNHQkdUd2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQC
bUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCW0+f2aZEznISSW0JlGmzfaFHQDQ5RNwfm
VhOy/RU7/AOtDVPf5VUe8vSWE+xMPW/Qib2zdixduNmib57VIZLs6l1xFlA/4Egb
NHT0G4oFPKa5pR1PmvNWpp2aXfcbKgnPJsYi89TIeXKvTtUUBZuTUt5cXSaTG1JX
oOWm5EVYyujwSExgw3GdD4jcB+1VVsrQaJATCr3ouMF+wJzma0ePwnGdHg5K0+Rj
gEqOEAgLFBZ0td8pscIy4fEH3aQkuPz5P6+wq+OTv6PSZt3qrqz42KDxz4mkiQXG
UB7e81pT0Ybx5kMXJbDE1PrTlsP+LLYAFi6qgTt1tk9h9tJ1J3+l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org