Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/voyjGCGlvNcFJQqHiVbHTNsE4WY.roa
File: voyjGCGlvNcFJQqHiVbHTNsE4WY.roa (raw, json)
Hash identifier: /bjcVlvt/9kWgK6QpGawVrgEi10a5ADb2/IJG1IW53Q=
Subject key identifier: BE:8C:A3:18:21:A5:BC:D7:05:25:0A:87:89:56:C7:4C:DB:04:E1:66
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188DA34F7E2E290A0E0600FF20AADD2BC01
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/voyjGCGlvNcFJQqHiVbHTNsE4WY.roa
Signing time: Tue 20 Jun 2023 19:08:04 +0000
ROA not before: Tue 20 Jun 2023 19:08:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 22 Jun 2023 09:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:da:34:f7:e2:e2:90:a0:e0:60:0f:f2:0a:ad:d2:bc:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 20 19:08:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be8ca31821a5bcd705250a878956c74cdb04e166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b9:f8:05:50:ac:35:45:2e:d5:4a:f2:a1:e7:
41:5c:f7:ab:3a:c8:78:a4:da:91:e5:12:5e:25:26:
52:7d:59:02:c3:f3:ab:24:fa:dc:53:6a:b3:0e:b7:
f8:4f:75:56:fe:8b:6e:91:d4:05:4a:6b:5d:c5:c5:
e7:b5:1d:48:9b:f5:41:e2:bd:ec:5b:e8:a1:a8:87:
ea:7d:30:bf:77:8e:d3:72:c7:12:34:41:bc:38:7d:
52:90:a1:92:34:d6:de:71:7f:2a:0f:26:e4:e2:ac:
c3:dd:a0:86:c9:40:9c:18:16:e0:aa:a1:98:03:3e:
1d:1a:bf:95:23:b4:1b:ed:01:5f:59:2f:c2:af:67:
c1:7c:bc:31:fd:6a:f4:ae:a8:ce:b2:84:0e:ce:42:
18:2a:d9:c1:b6:bb:b1:6a:8a:56:ce:05:4e:58:3e:
05:39:a2:68:00:e7:9a:60:b1:13:47:e0:7c:5a:ee:
ca:21:14:f6:55:3e:4a:8c:38:a5:fb:27:e7:d0:e6:
96:3b:99:bd:cc:fd:76:06:c2:f9:05:a5:1d:15:5b:
6f:d5:a2:41:fa:e2:a8:9a:37:a2:05:e7:61:a3:12:
2c:26:38:e5:89:6c:3c:ac:fd:9d:79:86:46:6d:fd:
cf:02:4c:57:86:cb:b1:51:ed:55:c4:1d:1b:b3:0a:
58:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:8C:A3:18:21:A5:BC:D7:05:25:0A:87:89:56:C7:4C:DB:04:E1:66
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/voyjGCGlvNcFJQqHiVbHTNsE4WY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
88:bc:f4:2e:4b:78:20:71:2f:bf:6d:ad:ca:f7:34:ef:e8:7b:
80:f2:c9:0f:0a:77:59:16:56:03:0a:47:44:50:e3:4e:e2:b9:
d7:38:fd:e4:7e:e4:43:b3:3c:d2:27:de:97:15:49:6d:4c:bc:
9b:37:19:41:b0:a6:c6:fe:f2:1f:cb:9f:d2:46:1b:ce:02:35:
27:9d:d7:05:79:37:49:f4:e3:eb:bc:24:40:98:ff:2b:29:59:
d8:b7:de:b2:bf:c7:6b:7b:12:e1:4d:5c:15:93:14:10:0d:a6:
19:92:33:90:7f:cd:33:38:24:c4:ed:51:7c:12:45:fd:25:b6:
4b:3d:38:03:6c:fc:99:d0:29:26:9e:f9:4d:fd:cf:95:9b:bb:
68:16:71:8f:45:f8:34:3b:0f:d2:97:e5:66:17:8e:34:9d:20:
ea:9c:b1:4c:d5:16:50:b7:0e:2a:1a:a8:ad:5e:ba:83:b7:a8:
6d:a3:77:0d:20:76:d9:03:e2:94:9f:ca:02:38:25:bb:06:4d:
8a:79:76:67:99:57:15:f4:62:94:c4:b1:af:33:98:a3:fc:11:
37:fd:f3:f5:5c:fb:d9:a9:21:e0:ae:34:ff:73:b3:8a:58:a4:
06:41:96:a5:d4:95:52:0f:b8:c2:3e:0c:97:aa:a7:f2:f6:67:
e0:0b:dc:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjaNPfi4pCg4GAP8gqt0rwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjIwMTkwODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZThjYTMxODIxYTViY2Q3MDUyNTBhODc4OTU2Yzc0Y2RiMDRlMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLn4BVCsNUUu1UryoedBXPerOsh4
pNqR5RJeJSZSfVkCw/OrJPrcU2qzDrf4T3VW/otukdQFSmtdxcXntR1Im/VB4r3s
W+ihqIfqfTC/d47TcscSNEG8OH1SkKGSNNbecX8qDybk4qzD3aCGyUCcGBbgqqGY
Az4dGr+VI7Qb7QFfWS/Cr2fBfLwx/Wr0rqjOsoQOzkIYKtnBtruxaopWzgVOWD4F
OaJoAOeaYLETR+B8Wu7KIRT2VT5KjDil+yfn0OaWO5m9zP12BsL5BaUdFVtv1aJB
+uKomjeiBedhoxIsJjjliWw8rP2deYZGbf3PAkxXhsuxUe1VxB0bswpY4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL6MoxghpbzXBSUKh4lWx0zbBOFmMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvdm95akdDR2x2TmNGSlFxSGlWYkhUTnNFNFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCIvPQuS3ggcS+/ba3K9zTv6HuA
8skPCndZFlYDCkdEUONO4rnXOP3kfuRDszzSJ96XFUltTLybNxlBsKbG/vIfy5/S
RhvOAjUnndcFeTdJ9OPrvCRAmP8rKVnYt96yv8drexLhTVwVkxQQDaYZkjOQf80z
OCTE7VF8EkX9JbZLPTgDbPyZ0CkmnvlN/c+Vm7toFnGPRfg0Ow/Sl+VmF440nSDq
nLFM1RZQtw4qGqitXrqDt6hto3cNIHbZA+KUn8oCOCW7Bk2KeXZnmVcV9GKUxLGv
M5ij/BE3/fP1XPvZqSHgrjT/c7OKWKQGQZal1JVSD7jCPgyXqqfy9mfgC9x2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org