Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2a55f5-3cdc-43ea-9803-74ee83736e97/1/E2ZqQZELbK2U6lci8kdZtnlVW4w.roa
File: E2ZqQZELbK2U6lci8kdZtnlVW4w.roa (raw, json)
Hash identifier: sewPgZF/FGGm9zpCQgLHmhdTnoo/xMPrq0oLk57zEuc=
Subject key identifier: 13:66:6A:41:91:0B:6C:AD:94:EA:57:22:F2:47:59:B6:79:55:5B:8C
Certificate issuer: /CN=6c895335ba98f7c626f0c819e9e2894c61d44754
Certificate serial: 01856E8B2B50A0F40CB2010C1780C6EBB13A
Authority key identifier: 6C:89:53:35:BA:98:F7:C6:26:F0:C8:19:E9:E2:89:4C:61:D4:47:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIlTNbqY98Ym8MgZ6eKJTGHUR1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2a55f5-3cdc-43ea-9803-74ee83736e97/1/E2ZqQZELbK2U6lci8kdZtnlVW4w.roa
Signing time: Sun 01 Jan 2023 18:14:52 +0000
ROA not before: Sun 01 Jan 2023 18:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41088
IP address blocks: 89.190.64.0/19 maxlen: 19
89.190.85.0/24 maxlen: 24
2a00:bfe0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:2b:50:a0:f4:0c:b2:01:0c:17:80:c6:eb:b1:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c895335ba98f7c626f0c819e9e2894c61d44754
Validity
Not Before: Jan 1 18:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13666a41910b6cad94ea5722f24759b679555b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:eb:6c:da:06:11:3a:fb:5a:e4:ae:df:8d:b7:
6c:69:33:ba:1b:3e:9f:94:58:e8:27:82:f4:73:dd:
f4:b5:95:1f:81:5d:40:ae:db:e8:c6:ba:5a:5f:37:
2d:61:b5:41:fa:58:b7:11:12:85:e7:70:3a:d8:6f:
03:6e:3d:1b:3c:31:3b:65:00:25:6d:0c:0e:78:83:
a9:f6:6b:3c:3f:5c:a0:c5:3c:0c:c4:90:da:4e:0b:
08:f1:9a:06:86:cc:4b:88:69:1e:33:63:86:82:aa:
f4:0c:bc:2d:79:38:11:05:8d:f5:6d:e2:ed:7f:4c:
e3:f2:da:d2:19:bc:43:ac:74:5f:3f:11:86:af:5c:
dd:5c:13:c5:11:ee:de:9b:cc:c0:96:5a:a3:cb:83:
27:2d:b3:ae:5f:99:3a:9e:98:f3:45:7e:15:84:cd:
93:45:37:6a:9b:d7:48:3b:fb:e8:ac:1f:81:05:59:
b5:51:c6:5d:07:f9:6e:0a:2b:4b:2a:f2:07:8b:bf:
3b:da:26:aa:c5:b1:61:2f:4c:e3:64:c8:ca:0c:89:
f4:7c:32:0e:b9:a8:37:81:79:4a:82:89:48:3c:cb:
cc:ea:fa:e3:50:31:e6:ed:44:e6:57:15:5b:de:f3:
46:19:15:3b:7f:31:7a:c4:48:b4:24:3a:ce:12:2c:
fc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:66:6A:41:91:0B:6C:AD:94:EA:57:22:F2:47:59:B6:79:55:5B:8C
X509v3 Authority Key Identifier:
keyid:6C:89:53:35:BA:98:F7:C6:26:F0:C8:19:E9:E2:89:4C:61:D4:47:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlTNbqY98Ym8MgZ6eKJTGHUR1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2a55f5-3cdc-43ea-9803-74ee83736e97/1/E2ZqQZELbK2U6lci8kdZtnlVW4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2a55f5-3cdc-43ea-9803-74ee83736e97/1/bIlTNbqY98Ym8MgZ6eKJTGHUR1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.64.0/19
IPv6:
2a00:bfe0::/32
Signature Algorithm: sha256WithRSAEncryption
28:c9:ba:69:9c:56:83:4f:c3:74:f2:18:ae:73:25:d6:a7:76:
20:1e:22:1b:74:1a:88:e2:58:1a:c2:6e:97:8b:69:91:95:24:
9d:23:fe:57:82:a8:48:39:a3:4b:fa:58:57:eb:54:3b:32:f1:
ba:f8:21:d2:1d:68:df:88:7d:34:7b:5a:2c:e5:97:53:a7:2b:
a0:72:a7:89:1c:7c:da:e8:77:7c:03:87:92:68:23:14:63:59:
26:de:74:85:56:a4:3e:9f:ab:80:e2:fd:25:2f:38:67:7f:55:
8e:2b:6c:3c:45:b4:4b:dc:80:b4:bf:78:67:58:f2:50:7c:fd:
65:6d:13:be:9f:6e:d8:21:62:5d:89:32:80:d0:86:93:58:32:
c6:9d:91:04:64:64:f4:bb:7a:2b:e0:ca:37:72:c9:02:07:9b:
d4:39:cb:db:76:ae:84:b3:c2:0a:89:d7:a3:e4:90:1c:0b:33:
b8:4a:4b:d5:d4:d8:65:e7:be:af:fd:ef:d0:58:29:f8:64:3c:
8a:11:67:62:85:0a:d5:69:33:32:a2:bf:e6:03:c1:e7:0e:67:
0a:a9:fe:64:e7:ac:dd:72:e1:eb:98:66:f6:fe:bd:87:ac:10:
b7:e4:cc:c2:87:82:f1:dc:f1:0e:94:bf:56:20:a6:3a:e8:51:
4e:9d:16:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuiytQoPQMsgEMF4DG67E6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk1MzM1YmE5OGY3YzYyNmYwYzgxOWU5ZTI4OTRjNjFk
NDQ3NTQwHhcNMjMwMTAxMTgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzY2NmE0MTkxMGI2Y2FkOTRlYTU3MjJmMjQ3NTliNjc5NTU1YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+ts2gYROvta5K7fjbdsaTO6Gz6f
lFjoJ4L0c930tZUfgV1ArtvoxrpaXzctYbVB+li3ERKF53A62G8Dbj0bPDE7ZQAl
bQwOeIOp9ms8P1ygxTwMxJDaTgsI8ZoGhsxLiGkeM2OGgqr0DLwteTgRBY31beLt
f0zj8trSGbxDrHRfPxGGr1zdXBPFEe7em8zAllqjy4MnLbOuX5k6npjzRX4VhM2T
RTdqm9dIO/vorB+BBVm1UcZdB/luCitLKvIHi7872iaqxbFhL0zjZMjKDIn0fDIO
uag3gXlKgolIPMvM6vrjUDHm7UTmVxVb3vNGGRU7fzF6xEi0JDrOEiz8JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBNmakGRC2ytlOpXIvJHWbZ5VVuMMB8GA1UdIwQY
MBaAFGyJUzW6mPfGJvDIGeniiUxh1EdUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsVE5icVk5OFltOE1nWjZlS0pUR0hVUjFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yYTU1ZjUtM2NkYy00M2VhLTk4MDMt
NzRlZTgzNzM2ZTk3LzEvRTJacVFaRUxiSzJVNmxjaThrZFp0bmxWVzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yYTU1ZjUtM2NkYy00M2VhLTk4MDMtNzRlZTgzNzM2ZTk3
LzEvYklsVE5icVk5OFltOE1nWjZlS0pUR0hVUjFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFWb5AMA0E
AgACMAcDBQAqAL/gMA0GCSqGSIb3DQEBCwUAA4IBAQAoybppnFaDT8N08hiucyXW
p3YgHiIbdBqI4lgawm6Xi2mRlSSdI/5XgqhIOaNL+lhX61Q7MvG6+CHSHWjfiH00
e1os5ZdTpyugcqeJHHza6Hd8A4eSaCMUY1km3nSFVqQ+n6uA4v0lLzhnf1WOK2w8
RbRL3IC0v3hnWPJQfP1lbRO+n27YIWJdiTKA0IaTWDLGnZEEZGT0u3or4Mo3cskC
B5vUOcvbdq6Es8IKidej5JAcCzO4SkvV1Nhl576v/e/QWCn4ZDyKEWdihQrVaTMy
or/mA8HnDmcKqf5k56zdcuHrmGb2/r2HrBC35MzCh4Lx3PEOlL9WIKY66FFOnRbR
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:11 2024 by rpki-client on console-ams.rpki-client.org