Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/XTHw5Jf5TJXSIw9vNKp5YZG_pgI.roa
File: XTHw5Jf5TJXSIw9vNKp5YZG_pgI.roa (raw, json)
Hash identifier: /sMaKf812vOHGjHvIi9DI9j4abLWlcsJaabcBVuH/EQ=
Subject key identifier: 5D:31:F0:E4:97:F9:4C:95:D2:23:0F:6F:34:AA:79:61:91:BF:A6:02
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 018F4B42C09F24750395742B6A82F0D0E177
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/XTHw5Jf5TJXSIw9vNKp5YZG_pgI.roa
Signing time: Mon 06 May 2024 00:16:56 +0000
ROA not before: Mon 06 May 2024 00:16:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12929
IP address blocks: 89.8.0.0/15 maxlen: 15
89.9.72.0/23 maxlen: 24
89.9.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 22:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4b:42:c0:9f:24:75:03:95:74:2b:6a:82:f0:d0:e1:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: May 6 00:16:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d31f0e497f94c95d2230f6f34aa796191bfa602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:af:c8:11:4d:01:2d:28:2e:0b:99:50:fd:06:
b3:64:a8:a6:78:3b:f7:f5:f5:6c:3e:f3:35:cf:c8:
a5:7e:58:28:20:a1:6a:24:25:fa:99:37:4b:bc:8d:
ca:56:78:44:e5:37:30:5b:e6:f7:e9:87:64:c4:0e:
e6:dd:70:83:1e:f2:c3:31:37:b5:52:e1:32:ce:64:
48:7f:78:b7:fa:28:c8:aa:66:f4:35:46:ae:49:50:
43:e6:ed:db:5f:82:ae:d3:48:0d:5e:11:35:ab:93:
38:18:68:ef:4b:1b:76:22:f4:a8:81:c3:05:20:2a:
ef:52:f6:49:b7:4c:5b:4d:a5:6e:7f:2b:22:da:b4:
34:91:e1:e0:b9:6c:d5:61:03:85:f6:0d:fa:9a:73:
45:9a:eb:0c:7c:b5:73:15:fa:93:56:d4:b1:42:75:
d5:3c:fe:d1:f5:6d:54:65:e9:3c:a3:7a:15:f5:d3:
f1:36:0b:4c:8a:3f:c8:3a:70:7d:7d:c2:d6:cf:93:
30:2e:aa:82:b0:5f:0e:9c:21:d7:1f:94:04:e8:7a:
b7:73:ea:cc:ed:46:2f:59:aa:f5:1f:d4:09:b9:b9:
16:38:b8:eb:3f:18:77:33:22:3f:ee:6d:4e:13:52:
e6:44:a6:f2:98:80:59:28:55:41:07:10:0d:99:f2:
9e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:31:F0:E4:97:F9:4C:95:D2:23:0F:6F:34:AA:79:61:91:BF:A6:02
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/XTHw5Jf5TJXSIw9vNKp5YZG_pgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.8.0.0/15
Signature Algorithm: sha256WithRSAEncryption
52:fa:06:d6:dc:17:f7:d4:f9:04:0a:84:23:f3:d9:bf:f9:c1:
21:91:23:33:09:78:ff:d3:59:57:be:74:d7:d2:02:04:25:d6:
5c:9f:d4:b6:46:f3:4e:00:be:46:6c:38:a4:2f:da:0f:e7:24:
7f:a4:69:06:cd:9a:24:55:e6:84:2b:d5:0c:27:d0:1a:8c:1c:
e4:20:9c:d8:1b:2a:1d:bc:ed:ec:8d:64:f0:94:2d:5b:0f:7e:
1e:a0:db:1e:6e:80:b3:2f:79:4d:03:d8:80:ba:dc:a4:c1:94:
29:28:ba:fa:59:49:f7:5a:39:d7:ab:e5:2b:84:8a:2a:50:5c:
24:ad:d3:3f:a8:32:f6:d4:14:bc:35:09:de:af:41:84:98:2e:
b8:fd:94:e7:b9:d8:14:5c:d6:e9:b6:68:15:66:08:50:a0:ed:
98:db:bf:4a:c7:3b:40:79:74:8f:1c:69:8c:17:bd:16:e7:6c:
19:7c:2e:07:63:f3:3a:a3:2d:a3:15:4e:d0:96:42:72:08:0a:
48:7e:ea:f9:69:62:07:00:d7:4e:10:96:24:f7:09:cd:ec:43:
78:83:1b:fe:e6:72:5b:c2:34:31:4d:6d:1e:b6:71:e9:26:fb:
88:e6:89:c0:2b:34:23:c2:6e:b1:09:89:cc:03:3f:c8:b4:c1:
73:5c:60:c0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAY9LQsCfJHUDlXQraoLw0OF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjQwNTA2MDAxNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDMxZjBlNDk3Zjk0Yzk1ZDIyMzBmNmYzNGFhNzk2MTkxYmZhNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6/IEU0BLSguC5lQ/QazZKimeDv3
9fVsPvM1z8ilflgoIKFqJCX6mTdLvI3KVnhE5TcwW+b36YdkxA7m3XCDHvLDMTe1
UuEyzmRIf3i3+ijIqmb0NUauSVBD5u3bX4Ku00gNXhE1q5M4GGjvSxt2IvSogcMF
ICrvUvZJt0xbTaVufysi2rQ0keHguWzVYQOF9g36mnNFmusMfLVzFfqTVtSxQnXV
PP7R9W1UZek8o3oV9dPxNgtMij/IOnB9fcLWz5MwLqqCsF8OnCHXH5QE6Hq3c+rM
7UYvWar1H9QJubkWOLjrPxh3MyI/7m1OE1LmRKbymIBZKFVBBxANmfKeeQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFF0x8OSX+UyV0iMPbzSqeWGRv6YCMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvWFRIdzVKZjVUSlhTSXc5dk5LcDVZWkdfcGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBWQgwDQYJ
KoZIhvcNAQELBQADggEBAFL6BtbcF/fU+QQKhCPz2b/5wSGRIzMJeP/TWVe+dNfS
AgQl1lyf1LZG804AvkZsOKQv2g/nJH+kaQbNmiRV5oQr1Qwn0BqMHOQgnNgbKh28
7eyNZPCULVsPfh6g2x5ugLMveU0D2IC63KTBlCkouvpZSfdaOder5SuEiipQXCSt
0z+oMvbUFLw1Cd6vQYSYLrj9lOe52BRc1um2aBVmCFCg7Zjbv0rHO0B5dI8caYwX
vRbnbBl8Lgdj8zqjLaMVTtCWQnIICkh+6vlpYgcA104QliT3Cc3sQ3iDG/7mclvC
NDFNbR62cekm+4jmicArNCPCbrEJicwDP8i0wXNcYMA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:36 2024 by rpki-client on console-ams.rpki-client.org