Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kfrtlzzrgLpSwbfPDS6M-6zYlD0.roa
File: kfrtlzzrgLpSwbfPDS6M-6zYlD0.roa (raw, json)
Hash identifier: yl/NsQ6bdWzFZFU/8UdeXPwu3d7oeUvEeE0vD4mjWQs=
Subject key identifier: 91:FA:ED:97:3C:EB:80:BA:52:C1:B7:CF:0D:2E:8C:FB:AC:D8:94:3D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018830981887BF2658DE33AD9218F569C04F
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kfrtlzzrgLpSwbfPDS6M-6zYlD0.roa
Signing time: Thu 18 May 2023 20:40:54 +0000
ROA not before: Thu 18 May 2023 20:40:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 24 May 2023 11:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:30:98:18:87:bf:26:58:de:33:ad:92:18:f5:69:c0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 18 20:40:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91faed973ceb80ba52c1b7cf0d2e8cfbacd8943d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:71:68:cb:26:5a:ff:f2:c2:75:5d:d7:07:b1:
b9:9f:c9:91:7c:b9:2f:79:df:5c:a0:80:0f:ee:e3:
b1:09:67:f0:86:6c:98:96:41:7f:39:8b:01:76:3a:
61:a7:2f:8a:bf:34:25:56:4a:d8:f8:ca:ea:9a:96:
9c:e5:1a:07:68:cc:b2:96:74:d2:39:5c:7c:43:c7:
91:d8:13:23:75:2c:bf:64:62:fc:29:35:5e:74:ef:
9c:67:f5:46:3c:7a:79:bf:a5:24:cf:38:08:f7:17:
c3:bb:c1:86:9c:85:2e:9f:2b:b3:b4:86:ed:cf:00:
62:dc:41:f5:89:f0:ca:8e:f2:37:5d:0c:79:4a:ff:
3f:d8:1b:dc:e5:de:87:6b:de:43:d5:a6:95:1c:49:
eb:d4:6c:90:dc:cd:06:69:78:9a:d8:af:86:c9:02:
64:ff:3d:1b:22:6e:60:3e:6b:3f:6d:a9:f2:0d:c3:
f4:55:3f:1c:34:47:9a:cd:30:bc:aa:20:28:c8:7f:
8d:a6:22:02:f7:2c:65:05:78:ad:e0:1a:f7:e1:4b:
26:4a:09:fd:53:c7:9e:0f:b2:5c:7f:51:e4:29:08:
0d:50:49:9d:84:7e:46:76:ad:47:ff:44:ad:3a:01:
f3:e7:8c:13:da:30:3e:e0:93:80:59:d6:c6:38:88:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FA:ED:97:3C:EB:80:BA:52:C1:B7:CF:0D:2E:8C:FB:AC:D8:94:3D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kfrtlzzrgLpSwbfPDS6M-6zYlD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:25:aa:33:22:c6:af:52:26:00:c1:cc:72:d6:f1:71:6a:16:
25:07:9b:1b:64:f1:66:41:c4:6c:79:87:e0:11:f7:92:64:92:
13:f7:d3:e7:c4:14:42:b4:04:2f:7d:05:0d:81:3f:28:30:16:
51:be:61:ae:d1:f9:31:2c:43:10:c6:b6:c5:99:85:7e:5f:df:
0f:af:e2:a8:a0:e7:a4:3f:70:59:4c:2d:96:8b:7c:06:61:66:
6c:3c:3a:2d:0a:21:2e:0d:3d:7d:bd:f5:9c:02:35:3f:ec:8d:
25:69:ce:4b:8e:52:82:aa:23:bf:53:5b:c6:73:e6:37:5a:d5:
9d:1d:f5:aa:d5:dd:0e:d8:8f:f6:73:fa:02:ef:be:85:3b:70:
fa:ad:23:ad:36:f3:21:0b:f6:66:74:7e:67:e6:99:67:4c:4b:
83:bd:22:7a:a4:bb:90:be:48:df:8b:22:7e:0f:2d:04:48:c2:
cb:2d:cc:24:03:28:bf:b5:47:bf:f8:4e:f7:fd:f6:b7:ac:97:
3b:d7:54:b9:1f:e5:bf:9e:c0:9e:9d:8c:20:82:3d:5b:9a:e3:
5e:51:7f:d0:f3:46:d0:1d:8d:2e:18:c2:9d:9f:01:a7:4e:9a:
5e:2a:82:2e:92:8c:11:60:11:a3:3d:50:44:cd:a5:9b:ef:75:
56:e2:68:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgwmBiHvyZY3jOtkhj1acBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTE4MjA0MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZhZWQ5NzNjZWI4MGJhNTJjMWI3Y2YwZDJlOGNmYmFjZDg5NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnFoyyZa//LCdV3XB7G5n8mRfLkv
ed9coIAP7uOxCWfwhmyYlkF/OYsBdjphpy+KvzQlVkrY+Mrqmpac5RoHaMyylnTS
OVx8Q8eR2BMjdSy/ZGL8KTVedO+cZ/VGPHp5v6UkzzgI9xfDu8GGnIUunyuztIbt
zwBi3EH1ifDKjvI3XQx5Sv8/2Bvc5d6Ha95D1aaVHEnr1GyQ3M0GaXia2K+GyQJk
/z0bIm5gPms/banyDcP0VT8cNEeazTC8qiAoyH+NpiIC9yxlBXit4Br34UsmSgn9
U8eeD7Jcf1HkKQgNUEmdhH5Gdq1H/0StOgHz54wT2jA+4JOAWdbGOIjctwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJH67Zc864C6UsG3zw0ujPus2JQ9MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEva2ZydGx6enJnTHBTd2JmUERTNk0tNnpZbEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWbkAMA0G
CSqGSIb3DQEBCwUAA4IBAQCgJaozIsavUiYAwcxy1vFxahYlB5sbZPFmQcRseYfg
EfeSZJIT99PnxBRCtAQvfQUNgT8oMBZRvmGu0fkxLEMQxrbFmYV+X98Pr+KooOek
P3BZTC2Wi3wGYWZsPDotCiEuDT19vfWcAjU/7I0lac5LjlKCqiO/U1vGc+Y3WtWd
HfWq1d0O2I/2c/oC776FO3D6rSOtNvMhC/ZmdH5n5plnTEuDvSJ6pLuQvkjfiyJ+
Dy0ESMLLLcwkAyi/tUe/+E73/fa3rJc711S5H+W/nsCenYwggj1bmuNeUX/Q80bQ
HY0uGMKdnwGnTppeKoIukowRYBGjPVBEzaWb73VW4mi1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org