Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/giNVj4aPj0HqLfVbExwX-ZzxISw.roa
File: giNVj4aPj0HqLfVbExwX-ZzxISw.roa (raw, json)
Hash identifier: 4oL/K9LNVmjnZmpOEPT7ZfxXqB+uQoJeqNIeqYiyVB4=
Subject key identifier: 82:23:55:8F:86:8F:8F:41:EA:2D:F5:5B:13:1C:17:F9:9C:F1:21:2C
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 0185726B721966C3F4D802D1B95FBA5CCADC
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/giNVj4aPj0HqLfVbExwX-ZzxISw.roa
Signing time: Mon 02 Jan 2023 12:18:42 +0000
ROA not before: Mon 02 Jan 2023 12:18:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49367
IP address blocks: 152.89.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:6b:72:19:66:c3:f4:d8:02:d1:b9:5f:ba:5c:ca:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 12:18:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8223558f868f8f41ea2df55b131c17f99cf1212c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3c:e1:8d:90:26:49:fc:97:73:e1:45:a1:2e:
00:92:b5:43:e5:d5:a3:42:44:36:4c:f0:97:5c:90:
43:aa:ee:92:b4:2e:b1:87:0d:6b:c1:cb:f4:44:f9:
e1:13:42:17:56:b7:e7:7b:55:7b:74:80:07:11:b6:
95:f9:6a:3a:aa:f6:6d:04:ef:19:45:af:96:d7:e8:
90:65:3f:02:09:f5:df:91:74:d9:03:c8:d2:35:37:
47:cb:eb:59:b7:68:bd:b2:6a:52:7e:84:b2:6f:77:
05:68:21:8a:09:3d:5f:86:c5:2a:97:bb:11:4f:f1:
07:e5:72:49:ea:17:63:34:b6:12:ae:18:44:bb:83:
12:01:00:c3:76:1d:ab:86:a2:89:c3:97:4f:3c:e5:
e3:8f:39:aa:41:30:68:6f:41:20:ca:3d:c5:a6:c3:
f0:16:f2:a3:80:14:2d:87:1a:4d:4e:e5:53:99:aa:
55:ed:84:e0:5d:ee:36:e3:24:ef:40:26:91:3a:d6:
b0:ad:3f:3d:ce:36:88:6b:53:84:eb:ad:c5:e5:1e:
7b:9e:b0:8a:54:2a:b1:dc:18:c2:e9:7f:ff:1e:67:
82:86:27:af:7f:10:5b:d1:3d:b6:ec:7b:59:5d:ea:
13:50:66:b6:17:5e:4e:15:c5:d9:2a:26:3a:f4:1e:
64:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:23:55:8F:86:8F:8F:41:EA:2D:F5:5B:13:1C:17:F9:9C:F1:21:2C
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/giNVj4aPj0HqLfVbExwX-ZzxISw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.168.0/24
Signature Algorithm: sha256WithRSAEncryption
62:4c:13:b6:5a:25:ec:75:af:21:ff:36:18:59:b5:a4:92:b3:
b2:7c:e8:e4:21:e7:d0:83:88:41:8e:68:4b:8c:d9:e1:6f:9c:
d2:90:02:c3:52:68:36:9f:b4:e1:b9:cf:a8:a8:e9:6f:24:80:
a6:8f:06:9d:26:85:23:dc:0d:8e:94:f4:62:b2:2c:fc:27:1c:
4b:fa:75:7e:99:32:94:70:ed:f2:73:81:89:a0:a3:a1:11:71:
2d:0b:ce:64:46:31:9a:39:af:bf:c6:d9:96:f5:f3:6a:d5:94:
d1:fd:35:bc:7e:e9:e5:8b:64:c5:04:dc:de:2d:b6:7e:6b:9b:
dd:84:74:34:cc:a4:f7:c7:15:58:c3:62:30:46:c4:82:a1:fd:
64:a1:cf:58:2d:e9:48:90:89:48:2b:d5:8c:ab:d4:d7:5f:3a:
5f:07:39:93:21:ff:24:52:04:5d:02:ad:bc:0a:e4:29:af:d8:
68:89:66:19:aa:53:5c:e9:27:ee:4c:de:86:12:45:b0:a3:98:
2f:c6:22:76:29:81:aa:73:44:76:cb:bd:b9:63:09:0a:fe:f7:
a3:c1:b8:8a:cb:57:2a:cb:cc:93:f5:61:b6:50:22:ef:ff:c8:
c4:3e:e0:a3:4b:17:2f:33:0a:5e:dc:18:3c:cc:6e:65:df:9c:
10:1d:61:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVya3IZZsP02ALRuV+6XMrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjMwMTAyMTIxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjIzNTU4Zjg2OGY4ZjQxZWEyZGY1NWIxMzFjMTdmOTljZjEyMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTzhjZAmSfyXc+FFoS4AkrVD5dWj
QkQ2TPCXXJBDqu6StC6xhw1rwcv0RPnhE0IXVrfne1V7dIAHEbaV+Wo6qvZtBO8Z
Ra+W1+iQZT8CCfXfkXTZA8jSNTdHy+tZt2i9smpSfoSyb3cFaCGKCT1fhsUql7sR
T/EH5XJJ6hdjNLYSrhhEu4MSAQDDdh2rhqKJw5dPPOXjjzmqQTBob0Egyj3FpsPw
FvKjgBQthxpNTuVTmapV7YTgXe424yTvQCaROtawrT89zjaIa1OE663F5R57nrCK
VCqx3BjC6X//HmeChievfxBb0T227HtZXeoTUGa2F15OFcXZKiY69B5kUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIjVY+Gj49B6i31WxMcF/mc8SEsMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvZ2lOVmo0YVBqMEhxTGZWYkV4d1gtWnp4SVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmoMA0G
CSqGSIb3DQEBCwUAA4IBAQBiTBO2WiXsda8h/zYYWbWkkrOyfOjkIefQg4hBjmhL
jNnhb5zSkALDUmg2n7Thuc+oqOlvJICmjwadJoUj3A2OlPRisiz8JxxL+nV+mTKU
cO3yc4GJoKOhEXEtC85kRjGaOa+/xtmW9fNq1ZTR/TW8funli2TFBNzeLbZ+a5vd
hHQ0zKT3xxVYw2IwRsSCof1koc9YLelIkIlIK9WMq9TXXzpfBzmTIf8kUgRdAq28
CuQpr9hoiWYZqlNc6SfuTN6GEkWwo5gvxiJ2KYGqc0R2y725YwkK/vejwbiKy1cq
y8yT9WG2UCLv/8jEPuCjSxcvMwpe3Bg8zG5l35wQHWH/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:53 2023 by rpki-client on console-ams.rpki-client.org