Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/kQkwyWUt0aQ7nPKiSsc0nyOx_Zw.roa
File: kQkwyWUt0aQ7nPKiSsc0nyOx_Zw.roa (raw, json)
Hash identifier: F+Nnx9TMaI00M74LCfwhbEIvAfW4lzBX5EXkJSIoAv4=
Subject key identifier: 91:09:30:C9:65:2D:D1:A4:3B:9C:F2:A2:4A:C7:34:9F:23:B1:FD:9C
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 018571B0F7FB7B56AA20DF5FF78213F3B9BB
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/kQkwyWUt0aQ7nPKiSsc0nyOx_Zw.roa
Signing time: Mon 02 Jan 2023 08:55:01 +0000
ROA not before: Mon 02 Jan 2023 08:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31244
IP address blocks: 89.38.233.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:f7:fb:7b:56:aa:20:df:5f:f7:82:13:f3:b9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 2 08:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=910930c9652dd1a43b9cf2a24ac7349f23b1fd9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d9:ec:7a:f9:b2:66:3d:55:7b:6b:5a:3f:d8:
36:c0:e8:8e:ec:c7:a0:02:3b:ed:55:f9:e2:ec:c4:
80:44:a5:9b:03:04:20:36:fe:91:a1:87:f7:bf:37:
63:52:b1:cc:a5:97:de:53:65:dc:fc:93:4c:77:be:
74:94:e3:9a:2d:64:a9:3f:70:51:d5:b6:62:63:d2:
73:54:83:0e:ea:a7:45:cd:3d:d3:ef:fd:05:6f:96:
6a:ef:f2:0b:66:0a:92:ac:c5:d6:ef:f9:f0:90:3d:
c7:16:9c:d1:83:6f:ce:30:7b:3c:b6:35:9b:6d:3c:
bd:c6:68:bb:9b:3d:b9:b6:a9:70:5e:0e:7f:6f:5a:
ac:62:e1:5d:c8:3f:4f:28:b3:bc:cd:9d:0b:3d:d8:
cb:85:fa:38:1f:d2:3f:72:b2:dd:4d:57:3e:20:12:
d4:a2:73:95:8e:53:4e:88:f0:2c:21:1d:c3:a3:ee:
67:eb:02:01:35:ff:d3:da:78:64:ab:4a:e1:d7:92:
5a:58:51:cd:87:a8:22:5a:4c:34:41:fc:23:27:27:
a4:68:11:4a:70:1c:b9:62:1c:a2:6a:59:ee:6b:ee:
c8:f3:a8:91:a9:b1:ab:59:16:dd:aa:07:c0:b7:c0:
f6:62:47:13:94:38:59:88:a3:fb:25:7a:c0:5b:92:
9c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:09:30:C9:65:2D:D1:A4:3B:9C:F2:A2:4A:C7:34:9F:23:B1:FD:9C
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/kQkwyWUt0aQ7nPKiSsc0nyOx_Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.233.0/24
Signature Algorithm: sha256WithRSAEncryption
31:50:ae:b3:73:d4:7e:72:a4:ce:69:65:4b:b2:34:e2:ee:da:
dd:39:f3:2d:63:70:dc:ca:d0:b3:98:6f:f9:d3:51:c2:e6:7c:
21:50:5a:02:a7:fc:65:a6:0d:aa:ad:e6:9e:ef:c3:e5:6b:d6:
69:5d:b9:cf:fb:5f:b8:85:a1:4f:0d:cb:47:ef:09:bd:cc:77:
b0:6a:28:1f:cd:ed:ae:76:0c:73:27:31:93:15:b1:3e:da:ef:
4b:02:f4:66:d8:45:f9:46:2d:44:11:bb:43:63:ba:bf:8b:2b:
22:93:13:1a:f7:39:4b:97:0e:c4:27:0e:69:ee:6c:31:a9:7d:
bc:6d:4d:9c:f8:57:fb:e9:5d:8d:84:fb:56:c4:23:0e:23:29:
d6:a7:71:4a:6d:86:01:07:e0:f4:a6:f1:27:a7:3a:bd:5d:b1:
02:80:a2:b1:90:9c:93:4d:73:5f:2d:7c:85:ce:35:42:fd:f9:
ab:59:e5:7d:b2:10:4f:29:6e:61:b0:c5:4e:fb:28:3f:17:6a:
e1:70:ea:4a:f2:a5:5e:f3:f1:03:a5:c4:b4:99:cf:b8:ba:83:
c8:b8:16:e3:59:33:42:9d:f5:7f:86:eb:a5:a0:6b:9c:dc:b3:
a0:1e:f2:2a:ed:7c:9b:a8:a1:03:69:7a:39:c2:5b:97:49:8a:
03:e6:6e:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsPf7e1aqIN9f94IT87m7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjMwMTAyMDg1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA5MzBjOTY1MmRkMWE0M2I5Y2YyYTI0YWM3MzQ5ZjIzYjFmZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9nsevmyZj1Ve2taP9g2wOiO7Meg
AjvtVfni7MSARKWbAwQgNv6RoYf3vzdjUrHMpZfeU2Xc/JNMd750lOOaLWSpP3BR
1bZiY9JzVIMO6qdFzT3T7/0Fb5Zq7/ILZgqSrMXW7/nwkD3HFpzRg2/OMHs8tjWb
bTy9xmi7mz25tqlwXg5/b1qsYuFdyD9PKLO8zZ0LPdjLhfo4H9I/crLdTVc+IBLU
onOVjlNOiPAsIR3Do+5n6wIBNf/T2nhkq0rh15JaWFHNh6giWkw0QfwjJyekaBFK
cBy5Yhyialnua+7I86iRqbGrWRbdqgfAt8D2YkcTlDhZiKP7JXrAW5KcaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEJMMllLdGkO5zyokrHNJ8jsf2cMB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEva1Frd3lXVXQwYVE3blBLaVNzYzBueU94X1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSbpMA0G
CSqGSIb3DQEBCwUAA4IBAQAxUK6zc9R+cqTOaWVLsjTi7trdOfMtY3DcytCzmG/5
01HC5nwhUFoCp/xlpg2qreae78Pla9ZpXbnP+1+4haFPDctH7wm9zHewaigfze2u
dgxzJzGTFbE+2u9LAvRm2EX5Ri1EEbtDY7q/iysikxMa9zlLlw7EJw5p7mwxqX28
bU2c+Ff76V2NhPtWxCMOIynWp3FKbYYBB+D0pvEnpzq9XbECgKKxkJyTTXNfLXyF
zjVC/fmrWeV9shBPKW5hsMVO+yg/F2rhcOpK8qVe8/EDpcS0mc+4uoPIuBbjWTNC
nfV/huuloGuc3LOgHvIq7XybqKEDaXo5wluXSYoD5m6r
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:19 2024 by rpki-client on console-fra.rpki-client.org