Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/qsE-sv5hpbSHn5mFlP7EVzvqzWE.roa
File: qsE-sv5hpbSHn5mFlP7EVzvqzWE.roa (raw, json)
Hash identifier: O+4APpT7ZxmOgNjny+ehTOticF8UMcXTybv75KoEre0=
Subject key identifier: AA:C1:3E:B2:FE:61:A5:B4:87:9F:99:85:94:FE:C4:57:3B:EA:CD:61
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018572280EA8393192CB6892B98419495EC2
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/qsE-sv5hpbSHn5mFlP7EVzvqzWE.roa
Signing time: Mon 02 Jan 2023 11:05:05 +0000
ROA not before: Mon 02 Jan 2023 11:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59574
IP address blocks: 89.188.168.0/22 maxlen: 24
89.188.174.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:0e:a8:39:31:92:cb:68:92:b9:84:19:49:5e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 11:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aac13eb2fe61a5b4879f998594fec4573beacd61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:38:52:eb:2e:8b:65:e0:97:92:cc:b3:1a:da:
93:77:6e:00:9f:20:4d:1d:5c:ee:f8:2a:89:be:ac:
f7:6c:83:3f:38:3c:65:e5:9a:9e:27:01:12:b2:99:
05:5b:7e:13:7c:81:10:1d:99:82:d9:9a:b7:d0:03:
7c:5d:1e:4f:42:0c:4e:30:24:f5:cf:68:e7:6b:10:
25:d6:fc:1d:fd:d8:c3:43:67:cc:9f:51:54:70:68:
87:17:a3:f9:03:d7:90:0c:89:3c:df:bb:6e:82:6c:
93:8e:f2:84:4c:e0:39:cc:45:08:5b:06:56:d3:c9:
e4:64:e6:4e:3b:6e:3f:d7:e2:1f:fe:70:d3:55:0a:
d3:14:9f:4d:53:62:9d:87:2b:7b:42:a4:0d:04:16:
b3:e0:79:ce:4d:01:e1:aa:c8:c3:c5:42:31:d9:7b:
99:c9:86:0f:12:26:11:94:68:fd:13:1b:33:b7:18:
31:77:f7:79:f5:4f:7a:dd:bb:a1:2f:2c:57:b9:98:
88:5a:87:5b:95:c1:c4:51:b9:dd:fb:25:71:bd:79:
8e:fa:a0:22:b2:c5:32:49:76:ac:dd:fe:c9:69:67:
ea:38:01:75:63:8a:9c:23:74:34:c6:3a:35:22:1a:
c3:8a:db:4e:cf:a3:64:a5:93:a4:fe:24:c7:f4:d2:
d2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C1:3E:B2:FE:61:A5:B4:87:9F:99:85:94:FE:C4:57:3B:EA:CD:61
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/qsE-sv5hpbSHn5mFlP7EVzvqzWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.168.0/22
89.188.174.0/23
Signature Algorithm: sha256WithRSAEncryption
47:08:cf:71:22:34:83:7e:0d:a9:61:c6:b8:dc:0c:85:e1:80:
bd:ee:9e:25:2e:22:72:3d:13:91:ce:90:8c:e1:08:72:fc:8a:
92:80:c4:e2:bf:28:5f:29:4b:6d:0d:98:d3:b3:2b:21:04:3f:
ae:5c:b6:1d:aa:26:5e:04:3f:06:84:13:0c:4b:82:13:c1:19:
df:44:23:f5:93:86:be:8a:d7:21:79:79:02:1a:4a:f0:e2:2a:
0a:05:d9:35:e3:02:c8:ce:c9:02:06:3f:fa:6f:70:97:bf:a2:
5f:fc:15:5d:87:d4:63:69:46:17:f3:ac:49:0b:ba:4d:7b:7d:
c6:62:4e:68:ef:22:9e:c9:94:5b:e1:3b:ce:97:2a:14:19:38:
6b:98:85:46:1d:b5:4f:8c:e9:53:fb:54:88:74:b5:a3:15:4f:
58:56:73:d6:a6:96:8f:cd:c1:ce:24:d6:05:17:40:39:9b:3d:
36:4d:ac:06:7e:a5:cb:06:22:48:65:cb:08:9b:5b:58:da:b0:
c8:e6:76:c6:6b:0b:aa:3b:57:72:23:4c:15:d0:0e:70:06:a3:
9b:f0:68:74:89:f4:79:c6:9e:43:15:79:91:9b:86:7b:56:f1:
bc:09:2d:ee:20:58:e2:bb:24:22:51:75:92:c5:e1:6a:6c:4b:
5c:95:07:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyKA6oOTGSy2iSuYQZSV7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjMwMTAyMTEwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWMxM2ViMmZlNjFhNWI0ODc5Zjk5ODU5NGZlYzQ1NzNiZWFjZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DhS6y6LZeCXksyzGtqTd24AnyBN
HVzu+CqJvqz3bIM/ODxl5ZqeJwESspkFW34TfIEQHZmC2Zq30AN8XR5PQgxOMCT1
z2jnaxAl1vwd/djDQ2fMn1FUcGiHF6P5A9eQDIk837tugmyTjvKETOA5zEUIWwZW
08nkZOZOO24/1+If/nDTVQrTFJ9NU2Kdhyt7QqQNBBaz4HnOTQHhqsjDxUIx2XuZ
yYYPEiYRlGj9Exsztxgxd/d59U963buhLyxXuZiIWodblcHEUbnd+yVxvXmO+qAi
ssUySXas3f7JaWfqOAF1Y4qcI3Q0xjo1IhrDittOz6NkpZOk/iTH9NLSqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKrBPrL+YaW0h5+ZhZT+xFc76s1hMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvcXNFLXN2NWhwYlNIbjVtRmxQN0VWenZxeldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbyoAwQB
WbyuMA0GCSqGSIb3DQEBCwUAA4IBAQBHCM9xIjSDfg2pYca43AyF4YC97p4lLiJy
PRORzpCM4Qhy/IqSgMTivyhfKUttDZjTsyshBD+uXLYdqiZeBD8GhBMMS4ITwRnf
RCP1k4a+itcheXkCGkrw4ioKBdk14wLIzskCBj/6b3CXv6Jf/BVdh9RjaUYX86xJ
C7pNe33GYk5o7yKeyZRb4TvOlyoUGThrmIVGHbVPjOlT+1SIdLWjFU9YVnPWppaP
zcHOJNYFF0A5mz02TawGfqXLBiJIZcsIm1tY2rDI5nbGawuqO1dyI0wV0A5wBqOb
8Gh0ifR5xp5DFXmRm4Z7VvG8CS3uIFjiuyQiUXWSxeFqbEtclQcY
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:48 2024 by rpki-client on console-ams.rpki-client.org