Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/KmcrxjCOUey0OGWmYMMyJauac4U.roa
File: KmcrxjCOUey0OGWmYMMyJauac4U.roa (raw, json)
Hash identifier: Q2lbRTDJbk0yxkUtbyBE58B0lfHLve9DleO2SsI4mBw=
Subject key identifier: 2A:67:2B:C6:30:8E:51:EC:B4:38:65:A6:60:C3:32:25:AB:9A:73:85
Certificate issuer: /CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Certificate serial: 01856E2FA0D7BE1F9BF5DB8F7964DF7B3E37
Authority key identifier: DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/KmcrxjCOUey0OGWmYMMyJauac4U.roa
Signing time: Sun 01 Jan 2023 16:34:53 +0000
ROA not before: Sun 01 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203507
IP address blocks: 89.105.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a0:d7:be:1f:9b:f5:db:8f:79:64:df:7b:3e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Validity
Not Before: Jan 1 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a672bc6308e51ecb43865a660c33225ab9a7385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:39:5a:e9:44:ac:18:e6:eb:7b:cd:83:fb:4c:
98:75:b6:93:63:24:7e:5e:9f:02:8e:1e:97:d5:0d:
06:04:ea:67:69:0d:00:6e:4a:d6:f6:c8:75:28:8b:
e7:4c:68:11:91:82:80:e3:26:b3:3b:44:f8:77:04:
ee:0f:d2:f6:ad:8b:a8:d3:20:81:db:4e:6c:ed:87:
d0:27:a7:2b:1e:b7:3c:56:d1:3e:4b:51:5c:5c:96:
39:e4:38:b8:9d:fe:b9:0f:2b:4d:a6:8b:4e:00:da:
1b:e3:fc:ef:b1:13:16:e0:ab:65:f4:31:da:84:25:
f0:0b:cf:cb:b6:73:72:cf:16:a7:de:3d:07:34:2b:
3b:05:8e:93:b4:96:c7:7e:d1:1c:63:14:af:68:c1:
10:a1:a7:77:86:6f:1b:72:32:b3:81:30:dd:4f:b7:
3d:bc:78:c7:fb:8f:9a:5f:d7:7e:31:24:68:b4:d1:
cc:4c:47:1b:fd:09:21:dd:03:2c:0c:1d:7a:9f:32:
61:da:a0:e8:a9:2e:49:c7:d0:6a:c4:f5:b8:4c:89:
66:59:8b:ec:f8:b7:d4:fa:c0:30:77:e8:90:ea:1a:
79:ab:81:e0:9e:07:f7:b5:13:03:98:4b:6b:b9:23:
77:18:b1:f4:90:03:05:66:a6:f1:eb:13:c6:0e:a9:
ae:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:67:2B:C6:30:8E:51:EC:B4:38:65:A6:60:C3:32:25:AB:9A:73:85
X509v3 Authority Key Identifier:
keyid:DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/KmcrxjCOUey0OGWmYMMyJauac4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.105.213.0/24
Signature Algorithm: sha256WithRSAEncryption
12:90:31:7e:7b:bc:b5:34:f6:e1:3f:bb:20:1b:8c:cc:31:99:
fb:4e:b9:ed:18:05:df:1e:cf:e5:28:74:fc:c5:67:9a:6a:e5:
7b:27:ec:a8:1f:42:a4:8f:97:fb:20:2b:f1:b0:fa:fc:a3:07:
24:3b:d2:25:73:0e:90:77:33:99:50:1b:e8:e4:78:e5:c3:c6:
24:3a:57:5c:ea:32:fe:cd:58:78:91:4f:5a:41:79:86:2c:a6:
1c:7f:b3:a8:e4:f4:92:e4:55:b3:9b:70:ef:d8:77:a6:3a:be:
b0:a2:63:85:45:37:8f:4a:c3:97:e3:68:37:d2:d2:c5:26:d4:
a3:6c:d9:28:4c:46:bb:d4:00:23:f4:f7:1d:64:67:23:34:1a:
40:c8:4d:7f:6a:15:65:e4:37:79:24:ae:10:28:28:74:b5:76:
a6:62:5e:2e:c2:0a:1f:75:ac:6f:e9:2d:af:7c:3f:04:18:bb:
bc:2e:d1:f6:2e:b9:1f:d3:59:73:50:2a:91:5c:37:70:f6:b5:
25:c6:35:97:80:99:0d:d1:fe:8d:56:61:1b:f9:68:61:34:f5:
b4:4d:a1:bb:db:39:1d:62:ee:9d:75:ef:b4:79:31:ed:21:21:
aa:dd:52:2f:e5:33:54:0b:11:a3:3a:0c:2d:57:5e:75:47:7e:
5e:2b:74:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL6DXvh+b9duPeWTfez43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTBlMGFlZTFlY2MzMTA2NmNiNzQ0ZjhhN2ZlZWRlZmIz
Zjc5MzAwHhcNMjMwMTAxMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY3MmJjNjMwOGU1MWVjYjQzODY1YTY2MGMzMzIyNWFiOWE3Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjla6USsGObre82D+0yYdbaTYyR+
Xp8Cjh6X1Q0GBOpnaQ0AbkrW9sh1KIvnTGgRkYKA4yazO0T4dwTuD9L2rYuo0yCB
205s7YfQJ6crHrc8VtE+S1FcXJY55Di4nf65DytNpotOANob4/zvsRMW4Ktl9DHa
hCXwC8/LtnNyzxan3j0HNCs7BY6TtJbHftEcYxSvaMEQoad3hm8bcjKzgTDdT7c9
vHjH+4+aX9d+MSRotNHMTEcb/Qkh3QMsDB16nzJh2qDoqS5Jx9BqxPW4TIlmWYvs
+LfU+sAwd+iQ6hp5q4Hgngf3tRMDmEtruSN3GLH0kAMFZqbx6xPGDqmugQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpnK8YwjlHstDhlpmDDMiWrmnOFMB8GA1UdIwQY
MBaAFNyQ4K7h7MMQZst0T4p/7t77P3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYt
MDBiY2Q5YjkxYzFiLzEvS21jcnhqQ09VZXkwT0dXbVlNTXlKYXVhYzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYtMDBiY2Q5YjkxYzFi
LzEvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWnVMA0G
CSqGSIb3DQEBCwUAA4IBAQASkDF+e7y1NPbhP7sgG4zMMZn7TrntGAXfHs/lKHT8
xWeaauV7J+yoH0Kkj5f7ICvxsPr8owckO9Ilcw6QdzOZUBvo5Hjlw8YkOldc6jL+
zVh4kU9aQXmGLKYcf7Oo5PSS5FWzm3Dv2HemOr6womOFRTePSsOX42g30tLFJtSj
bNkoTEa71AAj9PcdZGcjNBpAyE1/ahVl5Dd5JK4QKCh0tXamYl4uwgofdaxv6S2v
fD8EGLu8LtH2Lrkf01lzUCqRXDdw9rUlxjWXgJkN0f6NVmEb+WhhNPW0TaG72zkd
Yu6dde+0eTHtISGq3VIv5TNUCxGjOgwtV151R35eK3SI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:21 2024 by rpki-client on console-ams.rpki-client.org