Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/HsIXjQvFifq6wTo1TXza-U6R-eA.roa
File: HsIXjQvFifq6wTo1TXza-U6R-eA.roa (raw, json)
Hash identifier: cIdx8g3MCypBhA0cTmmY6vEfpfxWRQWVu7DIKGYU3ko=
Subject key identifier: 1E:C2:17:8D:0B:C5:89:FA:BA:C1:3A:35:4D:7C:DA:F9:4E:91:F9:E0
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018AD520BDC52913667C743CF97FE1CC2860
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/HsIXjQvFifq6wTo1TXza-U6R-eA.roa
Signing time: Wed 27 Sep 2023 05:33:27 +0000
ROA not before: Wed 27 Sep 2023 05:33:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216248
IP address blocks: 89.188.164.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:20:bd:c5:29:13:66:7c:74:3c:f9:7f:e1:cc:28:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Sep 27 05:33:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ec2178d0bc589fabac13a354d7cdaf94e91f9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:36:7a:49:54:6a:f1:67:ca:fe:40:60:2d:39:
c8:81:83:b4:76:a2:8c:81:45:b0:7a:82:24:ea:c6:
d1:d0:41:fc:2e:22:01:64:c0:61:68:07:4b:e3:f7:
5b:0f:35:72:fc:e9:e3:c8:b9:bc:40:07:37:ba:04:
07:fb:69:8b:12:84:c2:d5:ae:e3:ce:e2:ff:d9:af:
24:ce:62:06:da:f7:8b:86:40:66:90:de:31:96:2b:
cf:36:f5:76:a8:61:36:95:2d:21:33:3c:14:3b:21:
50:b7:3c:b2:b6:ba:08:6a:14:e0:22:15:b5:7f:6f:
b2:3f:11:86:14:b0:c6:95:1d:4a:b5:0e:87:80:2d:
1b:44:2f:d4:89:24:c5:11:32:c3:ef:94:9b:b6:65:
ce:53:ab:72:75:1c:d0:25:2f:fd:a0:e0:8e:67:ad:
a9:3d:ab:fd:5a:01:e4:2f:bc:1f:91:9c:a0:9c:0d:
53:e1:55:ab:bb:83:c7:49:9d:ee:75:83:a0:d1:df:
31:b2:62:89:92:4b:9a:9a:46:88:35:1e:e4:6f:f7:
6d:45:b9:b0:d6:bf:d3:73:59:c3:08:13:60:f0:b1:
8f:df:80:5e:ad:da:6f:89:8a:e9:f9:7d:68:cf:b7:
bb:03:85:ea:ff:10:b8:12:28:c6:fa:1d:67:ed:d7:
b8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C2:17:8D:0B:C5:89:FA:BA:C1:3A:35:4D:7C:DA:F9:4E:91:F9:E0
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/HsIXjQvFifq6wTo1TXza-U6R-eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.164.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:f4:ed:77:b4:29:94:b8:cd:92:bd:ce:55:2b:4d:e5:46:c9:
fb:56:7a:5a:5d:2c:5d:06:33:ad:02:18:ce:d0:57:9e:35:c2:
39:02:92:90:ea:5e:b5:f3:4f:c1:f5:39:51:f6:ee:f7:ef:90:
f5:e0:c3:fa:de:62:39:0a:02:45:66:f1:58:23:e5:a9:bc:e1:
cd:bc:2d:6d:0e:f5:de:81:52:2b:51:8b:d7:38:74:e5:cb:c6:
c7:3a:dc:48:d4:3d:a8:3b:85:58:2e:4b:ab:87:a1:bb:ae:e1:
a6:87:46:32:01:d4:57:6f:10:c0:ce:cb:95:55:84:67:a7:50:
c9:da:8f:d9:87:53:c8:1c:81:a1:4d:b9:5c:6b:8d:e1:ed:26:
e3:a9:c4:82:e1:74:62:cd:25:51:1b:db:9f:63:65:b9:09:d6:
ac:68:63:ed:6f:ce:dc:c0:89:33:fe:a8:85:3a:e1:d6:cc:3e:
7b:60:f1:84:7a:89:8e:56:85:8f:f9:25:56:08:ea:d4:8d:ee:
82:05:3b:be:3e:3a:2f:8d:b9:1c:cc:76:3b:46:f0:7a:8a:97:
53:58:f1:76:bd:96:88:ae:e0:5e:c0:7a:5f:a8:d2:3a:e9:34:
8f:73:01:f6:72:28:f3:e9:e0:a1:c4:29:dd:01:46:70:84:01:
2d:45:6b:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrVIL3FKRNmfHQ8+X/hzChgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjMwOTI3MDUzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWMyMTc4ZDBiYzU4OWZhYmFjMTNhMzU0ZDdjZGFmOTRlOTFmOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDZ6SVRq8WfK/kBgLTnIgYO0dqKM
gUWweoIk6sbR0EH8LiIBZMBhaAdL4/dbDzVy/OnjyLm8QAc3ugQH+2mLEoTC1a7j
zuL/2a8kzmIG2veLhkBmkN4xlivPNvV2qGE2lS0hMzwUOyFQtzyytroIahTgIhW1
f2+yPxGGFLDGlR1KtQ6HgC0bRC/UiSTFETLD75SbtmXOU6tydRzQJS/9oOCOZ62p
Pav9WgHkL7wfkZygnA1T4VWru4PHSZ3udYOg0d8xsmKJkkuamkaINR7kb/dtRbmw
1r/Tc1nDCBNg8LGP34BerdpviYrp+X1oz7e7A4Xq/xC4EijG+h1n7de4fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7CF40LxYn6usE6NU182vlOkfngMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvSHNJWGpRdkZpZnE2d1RvMVRYemEtVTZSLWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWbykMA0G
CSqGSIb3DQEBCwUAA4IBAQCm9O13tCmUuM2Svc5VK03lRsn7VnpaXSxdBjOtAhjO
0FeeNcI5ApKQ6l6180/B9TlR9u7375D14MP63mI5CgJFZvFYI+WpvOHNvC1tDvXe
gVIrUYvXOHTly8bHOtxI1D2oO4VYLkurh6G7ruGmh0YyAdRXbxDAzsuVVYRnp1DJ
2o/Zh1PIHIGhTblca43h7SbjqcSC4XRizSVRG9ufY2W5CdasaGPtb87cwIkz/qiF
OuHWzD57YPGEeomOVoWP+SVWCOrUje6CBTu+PjovjbkczHY7RvB6ipdTWPF2vZaI
ruBewHpfqNI66TSPcwH2cijz6eChxCndAUZwhAEtRWu6
-----END CERTIFICATE-----
Generated at Thu Sep 28 10:19:55 2023 by rpki-client on console-fra.rpki-client.org