Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/Fb3KYJ2MWUBeAV0HfmsSH1GMHXQ.roa
File: Fb3KYJ2MWUBeAV0HfmsSH1GMHXQ.roa (raw, json)
Hash identifier: 1FSRdZ+olhPtFZNtJ3krLl8LahEAyFlNEVaRycErmEA=
Subject key identifier: 15:BD:CA:60:9D:8C:59:40:5E:01:5D:07:7E:6B:12:1F:51:8C:1D:74
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 018CC86FB46307D7CAF0FE6D2AEAF7D98EEF
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/Fb3KYJ2MWUBeAV0HfmsSH1GMHXQ.roa
Signing time: Tue 02 Jan 2024 04:30:13 +0000
ROA not before: Tue 02 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204958
IP address blocks: 152.89.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 11:43:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b4:63:07:d7:ca:f0:fe:6d:2a:ea:f7:d9:8e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Jan 2 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15bdca609d8c59405e015d077e6b121f518c1d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:03:d1:ad:b6:79:37:1e:cf:4b:69:94:17:74:
86:23:ec:7d:a3:1d:1a:6a:f1:65:d7:4f:8a:5b:0b:
0c:3e:2d:51:9a:1b:f1:31:d8:b1:aa:2b:bf:1c:a9:
35:77:5e:b5:dc:f0:97:d4:c8:52:3d:a7:a1:be:0c:
5f:07:68:9a:4a:c8:a3:3b:da:e3:5e:f2:f0:c5:e4:
1a:b7:7a:93:37:85:d6:30:00:65:e5:93:3d:1f:73:
6d:e3:02:67:ed:10:9c:94:40:68:16:54:89:50:24:
50:be:7b:c3:d2:a9:00:25:63:56:95:9f:7d:26:59:
e6:23:a0:4a:d3:b5:a5:e8:df:bc:b9:e4:f8:8e:c5:
bd:32:2b:84:a1:ab:5c:27:44:ce:87:c5:ac:01:04:
64:e3:8c:26:7b:23:b9:72:e2:1f:b4:e0:c4:f9:4a:
70:6c:22:b0:c8:2a:ad:c6:10:09:b9:e8:48:fb:b0:
55:8f:72:2a:d9:57:33:5a:91:a9:a6:9d:be:84:7c:
8e:e8:2a:6a:3c:ed:a6:6c:5e:45:30:88:76:04:35:
a4:47:75:be:94:3f:5c:13:23:88:19:50:79:93:e7:
6c:b0:8b:2b:bb:23:4c:2f:0f:58:e3:60:c3:43:67:
0c:df:89:0e:d3:12:50:04:f3:68:2d:34:2c:a3:2c:
6c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BD:CA:60:9D:8C:59:40:5E:01:5D:07:7E:6B:12:1F:51:8C:1D:74
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/Fb3KYJ2MWUBeAV0HfmsSH1GMHXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.171.0/24
Signature Algorithm: sha256WithRSAEncryption
51:b9:93:b6:cc:1f:0e:62:bf:90:50:39:1d:73:f0:68:5b:d1:
21:11:42:ed:02:ed:49:55:97:b5:c6:be:cc:bf:d6:4f:59:bc:
93:37:35:0d:e6:88:25:e9:9e:1f:5b:ee:82:ca:57:01:ad:c2:
33:98:6f:dc:ba:c4:ea:1d:62:5f:41:5d:f4:ae:27:f4:16:5d:
43:80:22:77:bc:53:51:97:f7:1d:c0:f7:b2:cd:5d:6d:45:74:
f3:1f:b0:96:73:92:d2:81:1b:cb:e6:2e:db:6b:4f:2e:02:43:
73:3a:63:0f:c8:1d:3b:bc:4a:85:d4:e2:2d:22:db:e0:c9:b7:
37:ab:fa:1e:a8:1a:53:d6:60:2a:0e:50:8a:a9:16:ad:77:45:
fe:25:22:47:65:07:c9:48:ac:c0:2b:b7:03:fd:8d:9b:cf:a7:
0e:79:ae:5e:5c:b2:34:2e:70:ac:ab:8e:6c:01:47:c4:f7:9a:
c1:ea:77:e5:fe:71:be:22:9a:b2:2f:0c:5b:e9:7e:d4:4d:ae:
2a:35:33:04:bd:5b:10:94:63:81:89:2a:48:d8:a2:36:39:1e:
fd:d7:79:4c:1f:37:82:50:32:76:23:23:45:a1:f1:72:7b:bc:
81:4d:67:95:b3:cf:0d:c0:4d:f3:0e:ce:fb:c6:fc:c2:08:46:
3c:9c:8a:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb7RjB9fK8P5tKur32Y7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjQwMTAyMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWJkY2E2MDlkOGM1OTQwNWUwMTVkMDc3ZTZiMTIxZjUxOGMxZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQPRrbZ5Nx7PS2mUF3SGI+x9ox0a
avFl10+KWwsMPi1RmhvxMdixqiu/HKk1d1613PCX1MhSPaehvgxfB2iaSsijO9rj
XvLwxeQat3qTN4XWMABl5ZM9H3Nt4wJn7RCclEBoFlSJUCRQvnvD0qkAJWNWlZ99
JlnmI6BK07Wl6N+8ueT4jsW9MiuEoatcJ0TOh8WsAQRk44wmeyO5cuIftODE+Upw
bCKwyCqtxhAJuehI+7BVj3Iq2VczWpGppp2+hHyO6CpqPO2mbF5FMIh2BDWkR3W+
lD9cEyOIGVB5k+dssIsruyNMLw9Y42DDQ2cM34kO0xJQBPNoLTQsoyxsKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBW9ymCdjFlAXgFdB35rEh9RjB10MB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvRmIzS1lKMk1XVUJlQVYwSGZtc1NIMUdNSFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmrMA0G
CSqGSIb3DQEBCwUAA4IBAQBRuZO2zB8OYr+QUDkdc/BoW9EhEULtAu1JVZe1xr7M
v9ZPWbyTNzUN5ogl6Z4fW+6CylcBrcIzmG/cusTqHWJfQV30rif0Fl1DgCJ3vFNR
l/cdwPeyzV1tRXTzH7CWc5LSgRvL5i7ba08uAkNzOmMPyB07vEqF1OItItvgybc3
q/oeqBpT1mAqDlCKqRatd0X+JSJHZQfJSKzAK7cD/Y2bz6cOea5eXLI0LnCsq45s
AUfE95rB6nfl/nG+IpqyLwxb6X7UTa4qNTMEvVsQlGOBiSpI2KI2OR7913lMHzeC
UDJ2IyNFofFye7yBTWeVs88NwE3zDs77xvzCCEY8nIqV
-----END CERTIFICATE-----
Generated at Mon Jul 1 14:21:11 2024 by rpki-client on console-ams.rpki-client.org