Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/IucyBeA7y4y86L4a4-xZuUtC3XA.roa
File: IucyBeA7y4y86L4a4-xZuUtC3XA.roa (raw, json)
Hash identifier: OANqTVeIWpOYOXNQhTeFCFpq0XsDKLCinDMn6iO5geg=
Subject key identifier: 22:E7:32:05:E0:3B:CB:8C:BC:E8:BE:1A:E3:EC:59:B9:4B:42:DD:70
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 01856D6F8A7F42E2FE788684BD28F55EF0E1
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/IucyBeA7y4y86L4a4-xZuUtC3XA.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29657
IP address blocks: 89.107.254.0/24 maxlen: 24
109.232.206.0/24 maxlen: 24
109.232.207.0/24 maxlen: 24
89.107.252.0/24 maxlen: 24
89.107.250.0/24 maxlen: 24
89.107.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:8a:7f:42:e2:fe:78:86:84:bd:28:f5:5e:f0:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22e73205e03bcb8cbce8be1ae3ec59b94b42dd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:21:6d:3e:f1:ad:12:f6:84:07:50:ed:7d:a6:
87:cc:84:c9:da:bf:a9:42:5f:c8:ca:a4:92:d5:3d:
7e:7c:18:2b:b0:31:c3:b6:ff:60:43:6a:bc:cf:67:
e2:a1:dc:9d:ac:9b:cf:d1:b2:fa:fb:f2:a9:f8:8d:
a9:f4:f9:f9:5b:c3:4a:0d:a9:b0:b6:bf:d2:3d:cf:
e5:7f:59:66:5b:76:3a:1c:78:9b:fc:82:01:84:ef:
78:a0:56:db:9a:a6:e5:9e:8e:89:94:99:53:67:1a:
48:80:1a:a6:bf:fa:20:46:fa:09:11:38:73:89:5e:
67:69:dd:17:e7:53:60:91:c8:52:eb:6c:ac:5b:de:
8c:8b:8b:b0:c6:d7:10:87:4b:82:46:a9:d5:e0:29:
d6:eb:a9:3d:43:7c:f3:77:c4:57:a9:0b:e6:55:74:
ea:73:0a:f0:2c:ec:c7:c4:3c:23:80:af:e8:40:1b:
b3:de:19:0c:c7:07:15:cd:f2:91:c0:f6:2a:35:c7:
e8:8b:1c:d5:52:85:11:21:18:e4:43:4c:f2:fd:50:
41:45:ac:b4:7b:3a:32:0f:5b:09:ce:d0:8a:ac:96:
27:f1:24:f6:92:94:4b:a6:bf:30:be:d5:1c:c0:f1:
5f:76:66:1b:cc:62:47:dc:c0:14:c3:4c:34:ff:ed:
98:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E7:32:05:E0:3B:CB:8C:BC:E8:BE:1A:E3:EC:59:B9:4B:42:DD:70
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/IucyBeA7y4y86L4a4-xZuUtC3XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.250.0-89.107.252.255
89.107.254.0/24
109.232.206.0/23
Signature Algorithm: sha256WithRSAEncryption
99:7e:be:85:5f:cd:87:56:6d:2e:d5:64:e1:6b:b2:78:e0:f7:
38:4e:92:81:3f:86:31:41:b2:fb:6f:49:24:38:86:94:20:c2:
05:9c:1e:df:8f:a8:45:fa:f0:10:ab:a6:91:24:e6:4b:2e:b0:
c8:94:fc:26:93:94:dd:d2:3d:a0:6b:08:f9:b9:ef:32:6e:61:
eb:e6:0d:0a:95:0f:8c:13:47:31:ae:99:53:ad:b2:01:34:b9:
59:ac:1c:46:49:c8:a5:10:df:a3:a1:d1:5d:04:1f:42:62:ea:
80:08:e8:ae:6a:a5:7a:fa:3d:da:8f:d1:63:4a:9c:28:5d:6c:
76:1b:a4:f3:a8:a9:14:47:0c:6c:e4:43:b6:58:df:2b:50:f3:
08:75:f0:a4:e2:3c:a4:2b:d8:01:0f:0d:ad:97:25:05:f0:c2:
c7:da:b0:a1:78:35:ee:3c:4e:78:79:35:a0:3b:91:d0:8c:49:
4d:71:60:ff:f9:f2:34:15:b1:94:1a:04:da:67:ca:83:0b:7c:
aa:c4:7d:31:ff:c9:1a:b0:7a:60:10:80:15:53:9f:37:bd:e5:
54:a5:a3:f7:cc:29:19:b7:ba:a1:f7:7d:64:b4:f6:db:0a:a5:
ff:15:ed:73:53:6f:8b:89:af:48:61:76:f2:e6:f6:17:64:f3:
73:2a:ba:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVtb4p/QuL+eIaEvSj1XvDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU3MzIwNWUwM2JjYjhjYmNlOGJlMWFlM2VjNTliOTRiNDJkZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniFtPvGtEvaEB1DtfaaHzITJ2r+p
Ql/IyqSS1T1+fBgrsDHDtv9gQ2q8z2fiodydrJvP0bL6+/Kp+I2p9Pn5W8NKDamw
tr/SPc/lf1lmW3Y6HHib/IIBhO94oFbbmqblno6JlJlTZxpIgBqmv/ogRvoJEThz
iV5nad0X51NgkchS62ysW96Mi4uwxtcQh0uCRqnV4CnW66k9Q3zzd8RXqQvmVXTq
cwrwLOzHxDwjgK/oQBuz3hkMxwcVzfKRwPYqNcfoixzVUoURIRjkQ0zy/VBBRay0
ezoyD1sJztCKrJYn8ST2kpRLpr8wvtUcwPFfdmYbzGJH3MAUw0w0/+2YmQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCLnMgXgO8uMvOi+GuPsWblLQt1wMB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvSXVjeUJlQTd5NHk4Nkw0YTQteFp1VXRDM1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2EtZWY3M2I3YjRjYTNj
LzEvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFZa/oD
BABZa/wDBABZa/4DBAFt6M4wDQYJKoZIhvcNAQELBQADggEBAJl+voVfzYdWbS7V
ZOFrsnjg9zhOkoE/hjFBsvtvSSQ4hpQgwgWcHt+PqEX68BCrppEk5ksusMiU/CaT
lN3SPaBrCPm57zJuYevmDQqVD4wTRzGumVOtsgE0uVmsHEZJyKUQ36Oh0V0EH0Ji
6oAI6K5qpXr6PdqP0WNKnChdbHYbpPOoqRRHDGzkQ7ZY3ytQ8wh18KTiPKQr2AEP
Da2XJQXwwsfasKF4Ne48Tnh5NaA7kdCMSU1xYP/58jQVsZQaBNpnyoMLfKrEfTH/
yRqwemAQgBVTnze95VSlo/fMKRm3uqH3fWS09tsKpf8V7XNTb4uJr0hhdvLm9hdk
83MqulI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:57 2024 by rpki-client on console-ams.rpki-client.org