Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/opXllQxR6z5BJHQ6QfAaliA0O20.roa
File: opXllQxR6z5BJHQ6QfAaliA0O20.roa (raw, json)
Hash identifier: 1iEUhtqydA8ax9y8VeSutz7x9fISQFn37Mr+tHECvMc=
Subject key identifier: A2:95:E5:95:0C:51:EB:3E:41:24:74:3A:41:F0:1A:96:20:34:3B:6D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0186B155E031D9D4BEE6939FB4817A0AF4D5
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/opXllQxR6z5BJHQ6QfAaliA0O20.roa
Signing time: Sun 05 Mar 2023 10:34:00 +0000
ROA not before: Sun 05 Mar 2023 10:34:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 89.185.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 08:42:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b1:55:e0:31:d9:d4:be:e6:93:9f:b4:81:7a:0a:f4:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Mar 5 10:34:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a295e5950c51eb3e4124743a41f01a9620343b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a9:05:92:03:f0:6d:58:84:d2:0f:79:01:22:
ee:b4:8f:26:29:5b:7a:c7:1e:15:f7:65:1c:20:25:
4c:e2:69:16:c3:fc:00:eb:1d:55:c7:2a:63:65:60:
a5:4c:a9:38:50:38:47:61:08:92:13:c9:29:7b:d8:
e9:28:73:68:f4:2d:5e:13:14:99:d9:84:0a:75:99:
54:e8:14:5d:f1:38:43:ff:df:4e:91:0e:45:2f:8b:
ee:c5:18:5e:06:2b:58:7a:34:87:fa:9c:80:66:e3:
e8:e3:b0:f5:ec:77:68:fb:fc:b5:0a:06:fc:d8:be:
e3:16:07:a8:bd:dc:9b:00:40:fc:f6:52:8e:89:4c:
15:30:03:b4:76:41:a7:a2:47:89:0b:38:4a:1f:cb:
a2:d4:19:de:8b:89:9c:f7:10:98:a2:a7:fc:04:bf:
c0:d9:7c:f5:73:45:61:0b:3a:25:c6:3b:a7:50:9a:
2b:b8:88:69:4f:d9:c5:31:af:a6:15:fb:49:a7:d5:
6a:e0:a1:5a:90:f1:df:e4:3f:eb:cb:ed:0b:60:9a:
d7:bd:ec:e2:61:23:e4:61:31:48:16:d8:3b:63:27:
8c:48:28:9e:89:a7:e3:7c:c3:af:29:2d:a5:26:55:
4a:08:da:01:4a:68:58:91:44:ae:ec:75:e6:e4:38:
7a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:95:E5:95:0C:51:EB:3E:41:24:74:3A:41:F0:1A:96:20:34:3B:6D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/opXllQxR6z5BJHQ6QfAaliA0O20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.22.0/24
Signature Algorithm: sha256WithRSAEncryption
29:57:a5:c6:34:56:ef:6e:08:f6:51:25:73:10:37:a9:61:ea:
5d:4b:84:6c:fd:04:57:3c:b2:1f:05:43:9d:7c:52:3b:16:0a:
d3:28:90:46:89:9a:55:d4:3e:4b:a2:f9:e7:36:79:9b:65:34:
6c:2a:ff:16:79:66:72:03:64:9e:70:2e:6a:73:fa:84:7c:db:
0c:51:d8:e7:5f:90:48:37:10:5a:0c:38:61:96:c7:28:dc:35:
ec:f2:a7:13:79:74:ac:e1:f9:39:21:99:39:cc:b4:1e:9d:de:
c2:09:1a:a7:93:b8:87:0a:51:fa:78:d7:8d:04:56:e5:80:e1:
72:43:7e:77:dc:10:51:47:b7:1f:4d:a5:a7:82:f1:0e:c4:35:
a0:de:26:c5:a7:c1:13:95:11:c5:b0:9d:1d:89:6e:36:3d:7a:
8f:8f:43:10:d8:3b:30:e2:28:5f:bb:ea:4d:1b:60:c8:2c:ec:
2b:65:30:d2:e9:e2:77:88:ee:59:6e:5d:eb:d3:46:e7:9a:dc:
10:d5:2a:31:73:d1:45:2d:d7:ef:6f:c9:8a:d9:ae:15:eb:7a:
c9:91:0a:e0:f7:c0:a4:45:f5:36:d1:c9:42:b7:05:d4:8b:61:
f6:d5:1e:c5:ad:50:c4:54:16:3f:23:45:9a:cb:44:4d:7e:70:
36:19:24:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaxVeAx2dS+5pOftIF6CvTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMzA1MTAzNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk1ZTU5NTBjNTFlYjNlNDEyNDc0M2E0MWYwMWE5NjIwMzQzYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApakFkgPwbViE0g95ASLutI8mKVt6
xx4V92UcICVM4mkWw/wA6x1VxypjZWClTKk4UDhHYQiSE8kpe9jpKHNo9C1eExSZ
2YQKdZlU6BRd8ThD/99OkQ5FL4vuxRheBitYejSH+pyAZuPo47D17Hdo+/y1Cgb8
2L7jFgeovdybAED89lKOiUwVMAO0dkGnokeJCzhKH8ui1Bnei4mc9xCYoqf8BL/A
2Xz1c0VhCzolxjunUJoruIhpT9nFMa+mFftJp9Vq4KFakPHf5D/ry+0LYJrXvezi
YSPkYTFIFtg7YyeMSCieiafjfMOvKS2lJlVKCNoBSmhYkUSu7HXm5Dh61wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKV5ZUMUes+QSR0OkHwGpYgNDttMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvb3BYbGxReFI2ejVCSkhRNlFmQWFsaUEwTzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbkWMA0G
CSqGSIb3DQEBCwUAA4IBAQApV6XGNFbvbgj2USVzEDepYepdS4Rs/QRXPLIfBUOd
fFI7FgrTKJBGiZpV1D5LovnnNnmbZTRsKv8WeWZyA2SecC5qc/qEfNsMUdjnX5BI
NxBaDDhhlsco3DXs8qcTeXSs4fk5IZk5zLQend7CCRqnk7iHClH6eNeNBFblgOFy
Q3533BBRR7cfTaWngvEOxDWg3ibFp8ETlRHFsJ0diW42PXqPj0MQ2Dsw4ihfu+pN
G2DILOwrZTDS6eJ3iO5Zbl3r00bnmtwQ1Soxc9FFLdfvb8mK2a4V63rJkQrg98Ck
RfU20clCtwXUi2H21R7FrVDEVBY/I0Way0RNfnA2GSSb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org