Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/h7JPS-1sjCa2rbL8DNYCdRP5c0g.roa
File: h7JPS-1sjCa2rbL8DNYCdRP5c0g.roa (raw, json)
Hash identifier: 7Pdl1AdFiIRknIdP17jQppQEbUX3Pb06Hz/MNKqxXFA=
Subject key identifier: 87:B2:4F:4B:ED:6C:8C:26:B6:AD:B2:FC:0C:D6:02:75:13:F9:73:48
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B8BC661C22AAD7F975F8A0A3887A75679
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/h7JPS-1sjCa2rbL8DNYCdRP5c0g.roa
Signing time: Wed 01 Nov 2023 16:45:16 +0000
ROA not before: Wed 01 Nov 2023 16:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 10 Nov 2023 09:13:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:c6:61:c2:2a:ad:7f:97:5f:8a:0a:38:87:a7:56:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 1 16:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87b24f4bed6c8c26b6adb2fc0cd6027513f97348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e6:23:9b:d9:e5:c6:89:97:21:c5:95:b7:c1:
17:8f:b9:f1:f6:0c:e4:1c:df:ea:cf:50:d1:2c:42:
d8:d7:15:f0:f5:52:b8:32:9c:37:4f:5d:fb:79:1f:
8b:1f:73:9b:5a:3c:86:cd:5f:dd:91:76:d5:5c:08:
e6:62:40:a6:55:8d:24:3a:21:9f:0c:87:3f:4b:10:
fa:15:ab:e2:17:ab:37:0c:53:69:cd:05:f6:5c:b8:
d1:72:3d:39:76:4b:74:98:cb:fd:41:04:85:74:9e:
42:45:42:55:16:5a:c1:02:bf:9e:09:cf:3d:e3:d7:
16:c1:15:c4:ea:68:d5:24:5f:42:96:16:10:c5:f9:
1b:e2:c3:89:75:e2:73:5d:27:0e:fc:86:86:fc:65:
cf:59:61:ba:d9:fb:fd:02:45:c2:01:f7:10:3d:5c:
1a:f8:7f:05:ca:68:ee:71:52:c2:85:6b:21:d2:44:
27:4c:33:16:3f:15:7b:49:6d:b5:34:2b:b3:d5:97:
3d:b3:ce:94:12:b8:b5:85:6f:1c:46:31:ff:a7:01:
13:5a:4d:e3:7e:74:cf:64:3a:a5:15:da:0a:fc:25:
a1:88:b1:da:15:72:14:d6:da:a5:f6:90:a9:d6:ca:
38:ec:fd:3e:36:bc:3a:c5:49:95:ab:9d:42:e8:4c:
f8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B2:4F:4B:ED:6C:8C:26:B6:AD:B2:FC:0C:D6:02:75:13:F9:73:48
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/h7JPS-1sjCa2rbL8DNYCdRP5c0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
21:2f:49:c2:7c:ca:36:02:f5:d4:be:03:2a:cc:e9:57:91:bf:
e7:9c:64:d6:2e:08:ec:0d:dd:a3:ad:be:89:dd:dd:8f:fc:81:
6d:b6:6c:28:98:84:0c:97:cd:6c:ff:c3:e0:12:13:30:15:75:
a1:7e:b4:cb:54:53:50:82:2f:27:20:3d:89:dc:88:85:d2:bc:
99:33:eb:9c:3f:b2:a4:de:3e:07:2f:5e:84:3b:15:ce:44:1b:
b2:c1:c2:e8:6b:9a:69:40:fe:ed:be:46:a6:90:d6:bc:43:3d:
e5:d0:da:03:3a:7b:79:bb:88:63:fc:16:37:de:0d:ee:d5:7a:
46:fc:0d:75:f8:d5:5d:ba:67:6b:53:b6:f9:fe:c2:50:a5:2c:
3e:b4:ac:b6:55:d3:c4:9e:51:e4:c0:66:50:f2:9e:55:60:cc:
82:18:b7:83:37:fb:46:de:c6:f5:16:3e:ff:5d:6b:e2:f7:64:
31:bf:bb:bf:b8:d1:63:d6:d4:1a:74:5e:92:94:e3:a3:16:e4:
66:2c:89:07:2d:57:ce:a8:56:d7:67:b7:b0:80:dc:d8:12:1f:
26:35:b7:1f:e7:d8:ea:45:4b:b6:0a:e7:4f:f0:24:f5:41:83:
3d:48:25:d8:c3:b3:b0:f4:ab:e6:be:c0:68:3a:ee:17:f3:48:
18:6c:19:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuLxmHCKq1/l1+KCjiHp1Z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMTAxMTY0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2IyNGY0YmVkNmM4YzI2YjZhZGIyZmMwY2Q2MDI3NTEzZjk3MzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieYjm9nlxomXIcWVt8EXj7nx9gzk
HN/qz1DRLELY1xXw9VK4Mpw3T137eR+LH3ObWjyGzV/dkXbVXAjmYkCmVY0kOiGf
DIc/SxD6FaviF6s3DFNpzQX2XLjRcj05dkt0mMv9QQSFdJ5CRUJVFlrBAr+eCc89
49cWwRXE6mjVJF9ClhYQxfkb4sOJdeJzXScO/IaG/GXPWWG62fv9AkXCAfcQPVwa
+H8FymjucVLChWsh0kQnTDMWPxV7SW21NCuz1Zc9s86UEri1hW8cRjH/pwETWk3j
fnTPZDqlFdoK/CWhiLHaFXIU1tql9pCp1so47P0+Nrw6xUmVq51C6Ez4pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIeyT0vtbIwmtq2y/AzWAnUT+XNIMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvaDdKUFMtMXNqQ2EycmJMOEROWUNkUlA1YzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQC
bUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAhL0nCfMo2AvXUvgMqzOlXkb/nnGTWLgjs
Dd2jrb6J3d2P/IFttmwomIQMl81s/8PgEhMwFXWhfrTLVFNQgi8nID2J3IiF0ryZ
M+ucP7Kk3j4HL16EOxXORBuywcLoa5ppQP7tvkamkNa8Qz3l0NoDOnt5u4hj/BY3
3g3u1XpG/A11+NVdumdrU7b5/sJQpSw+tKy2VdPEnlHkwGZQ8p5VYMyCGLeDN/tG
3sb1Fj7/XWvi92Qxv7u/uNFj1tQadF6SlOOjFuRmLIkHLVfOqFbXZ7ewgNzYEh8m
Nbcf59jqRUu2CudP8CT1QYM9SCXYw7Ow9KvmvsBoOu4X80gYbBmQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org