Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/yRzwejVSauh5J3SqcIAz9T7xhWA.roa
File: yRzwejVSauh5J3SqcIAz9T7xhWA.roa (raw, json)
Hash identifier: Wrqqoq5cwG+rMNTMWPlnF9/upXXQ0FhuIDv968WoD9s=
Subject key identifier: C9:1C:F0:7A:35:52:6A:E8:79:27:74:AA:70:80:33:F5:3E:F1:85:60
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018CC6B944762A25F4DAB52A70B2D7FFFBCE
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/yRzwejVSauh5J3SqcIAz9T7xhWA.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 89.31.122.0/24 maxlen: 24
2a03:f80:420::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 09 Sep 2024 08:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:44:76:2a:25:f4:da:b5:2a:70:b2:d7:ff:fb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c91cf07a35526ae8792774aa708033f53ef18560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:22:84:ad:d8:30:54:f3:d5:38:e0:3b:51:3d:
d7:d6:28:82:58:4a:fc:59:fe:0c:ea:10:a5:55:a1:
41:a2:82:83:75:64:2f:da:7e:f4:4a:90:9c:2e:47:
45:f1:10:35:37:aa:22:df:cf:78:37:96:74:f0:4a:
2a:fe:53:53:88:39:9e:ad:96:87:01:81:b2:a9:53:
2f:d6:97:a7:72:51:d1:37:84:f4:f8:24:19:22:3b:
0f:83:ca:39:37:00:b3:cf:f6:a5:dc:e7:0a:6d:36:
2a:c5:cc:32:91:e2:85:29:eb:b5:03:fc:d1:20:dc:
81:1a:36:b6:0b:31:19:7a:77:f9:c8:ac:69:19:32:
cb:b7:0d:d3:58:9a:93:48:07:87:3f:04:d6:d3:e2:
47:29:96:e8:da:9f:a1:26:44:f6:00:0d:a7:ed:67:
a0:2e:4d:0e:b1:a4:34:90:42:b6:d9:19:27:07:d7:
d2:29:f0:63:82:71:6a:d9:de:fc:89:98:8b:26:06:
e9:05:2a:ad:2e:0b:dd:66:df:ff:47:1f:31:37:ad:
f3:e4:fd:23:d8:44:42:83:74:0f:a3:73:cc:9b:83:
0c:0e:90:b7:99:c5:b8:6b:d0:e0:20:23:4d:db:a2:
de:b4:71:80:57:74:81:5c:58:20:87:ab:82:f2:5b:
43:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:1C:F0:7A:35:52:6A:E8:79:27:74:AA:70:80:33:F5:3E:F1:85:60
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/yRzwejVSauh5J3SqcIAz9T7xhWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.122.0/24
IPv6:
2a03:f80:420::/48
Signature Algorithm: sha256WithRSAEncryption
8c:2d:ca:85:b4:57:82:80:19:8b:68:94:12:6e:09:57:bb:69:
7a:40:34:f3:cc:ad:82:39:7d:c5:2a:6e:62:42:cc:3d:55:8c:
13:de:a1:d8:c4:7e:39:fb:a7:c0:fe:47:b2:20:5b:77:e6:19:
11:2f:6e:ce:e6:64:f3:6a:a7:05:5c:a8:24:22:b8:dd:2b:38:
1c:b9:51:1e:b5:a8:43:d7:aa:fe:d3:8c:01:ab:ad:e3:18:00:
5d:a4:8c:e1:0b:8d:f0:42:b3:1e:c9:a1:5e:4c:d8:93:57:31:
a2:4a:48:22:ca:a7:d5:ca:74:0b:f2:4d:be:7e:a0:98:ce:b5:
0c:f2:6c:68:23:ba:9e:46:60:0f:c6:26:56:5a:3a:4a:1a:3c:
5b:e1:12:c3:e3:28:d9:e4:74:0d:92:4b:7e:88:13:a1:04:40:
a5:a2:38:5b:a6:f8:99:3e:de:3c:2f:4e:18:85:25:08:c0:ed:
f8:14:a1:bf:01:79:39:06:b8:25:21:55:58:da:73:21:13:da:
8b:07:51:b0:96:53:b3:6a:00:5d:30:52:93:ad:d2:90:7b:9f:
26:3e:9d:76:f9:87:00:e7:ec:5d:90:09:e4:14:aa:58:77:60:
fb:cd:58:12:10:c7:ec:01:71:96:23:99:7c:17:50:72:ad:7d:
5e:9a:ec:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGuUR2KiX02rUqcLLX//vOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTFjZjA3YTM1NTI2YWU4NzkyNzc0YWE3MDgwMzNmNTNlZjE4NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCKErdgwVPPVOOA7UT3X1iiCWEr8
Wf4M6hClVaFBooKDdWQv2n70SpCcLkdF8RA1N6oi3894N5Z08Eoq/lNTiDmerZaH
AYGyqVMv1penclHRN4T0+CQZIjsPg8o5NwCzz/al3OcKbTYqxcwykeKFKeu1A/zR
INyBGja2CzEZenf5yKxpGTLLtw3TWJqTSAeHPwTW0+JHKZbo2p+hJkT2AA2n7Weg
Lk0OsaQ0kEK22RknB9fSKfBjgnFq2d78iZiLJgbpBSqtLgvdZt//Rx8xN63z5P0j
2ERCg3QPo3PMm4MMDpC3mcW4a9DgICNN26LetHGAV3SBXFggh6uC8ltD+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMkc8Ho1UmroeSd0qnCAM/U+8YVgMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEveVJ6d2VqVlNhdWg1SjNTcWNJQXo5VDd4aFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWR96MA8E
AgACMAkDBwAqAw+ABCAwDQYJKoZIhvcNAQELBQADggEBAIwtyoW0V4KAGYtolBJu
CVe7aXpANPPMrYI5fcUqbmJCzD1VjBPeodjEfjn7p8D+R7IgW3fmGREvbs7mZPNq
pwVcqCQiuN0rOBy5UR61qEPXqv7TjAGrreMYAF2kjOELjfBCsx7JoV5M2JNXMaJK
SCLKp9XKdAvyTb5+oJjOtQzybGgjup5GYA/GJlZaOkoaPFvhEsPjKNnkdA2SS36I
E6EEQKWiOFum+Jk+3jwvThiFJQjA7fgUob8BeTkGuCUhVVjacyET2osHUbCWU7Nq
AF0wUpOt0pB7nyY+nXb5hwDn7F2QCeQUqlh3YPvNWBIQx+wBcZYjmXwXUHKtfV6a
7BQ=
-----END CERTIFICATE-----
Generated at Mon Sep 9 10:48:59 2024 by rpki-client on console-fra.rpki-client.org