Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/DatAn2709yDWFaDXDIpQHdgkbxU.roa
File: DatAn2709yDWFaDXDIpQHdgkbxU.roa (raw, json)
Hash identifier: m175b8HjkxYMPnPZHgZzD1qtXVdp5k3tITKYqoyJV6s=
Subject key identifier: 0D:AB:40:9F:6E:F4:F7:20:D6:15:A0:D7:0C:8A:50:1D:D8:24:6F:15
Certificate issuer: /CN=ebb08be800126511cff8d25699d9ac136ed0ec8c
Certificate serial: 018570D5203B2E52EB0840EC4E170B39286C
Authority key identifier: EB:B0:8B:E8:00:12:65:11:CF:F8:D2:56:99:D9:AC:13:6E:D0:EC:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67CL6AASZRHP-NJWmdmsE27Q7Iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/DatAn2709yDWFaDXDIpQHdgkbxU.roa
Signing time: Mon 02 Jan 2023 04:54:53 +0000
ROA not before: Mon 02 Jan 2023 04:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41695
IP address blocks: 134.0.64.0/21 maxlen: 21
89.21.224.0/19 maxlen: 19
2a01:420::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:20:3b:2e:52:eb:08:40:ec:4e:17:0b:39:28:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebb08be800126511cff8d25699d9ac136ed0ec8c
Validity
Not Before: Jan 2 04:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dab409f6ef4f720d615a0d70c8a501dd8246f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:47:fa:39:96:60:18:97:fb:84:ea:a9:79:85:
cc:dc:cc:c5:e6:88:31:15:e5:80:f9:b1:20:b8:8f:
47:6c:8a:0d:36:a6:ee:07:e0:d9:e7:dd:9e:50:5a:
b1:14:4f:ed:70:63:19:0c:f4:c2:99:0e:81:70:3d:
a6:5b:b2:15:81:52:8d:96:68:be:4f:46:e8:d4:1e:
44:9a:f8:72:83:8c:35:15:7d:ef:14:ea:f3:f1:d4:
49:68:ff:63:3d:e1:e0:26:1b:ce:9b:72:77:bc:bf:
c6:36:d8:b6:dd:60:59:1e:c0:2b:df:10:2d:c4:a4:
15:8f:e2:c8:7c:be:26:e9:3a:9f:b9:78:a0:8e:44:
e5:23:fa:56:a2:83:78:d9:72:92:8b:9f:fb:44:a6:
6e:59:24:18:81:cf:5f:8c:31:6c:66:05:2b:ac:28:
a5:12:38:d6:8e:92:c0:59:fa:d3:c6:55:b7:b3:5f:
d0:1f:26:89:a9:43:2b:a8:93:6c:eb:3b:4f:b2:01:
e5:f1:db:4e:68:a9:6e:15:fa:1e:12:d3:f7:ce:8b:
19:68:ad:e2:3e:c0:93:b9:86:08:9d:4c:28:00:9a:
5e:f3:04:67:f8:80:1b:01:7a:d9:76:09:b1:9a:71:
c9:6f:84:b3:65:51:03:d1:8f:de:e1:5d:06:f0:1a:
7b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:AB:40:9F:6E:F4:F7:20:D6:15:A0:D7:0C:8A:50:1D:D8:24:6F:15
X509v3 Authority Key Identifier:
keyid:EB:B0:8B:E8:00:12:65:11:CF:F8:D2:56:99:D9:AC:13:6E:D0:EC:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67CL6AASZRHP-NJWmdmsE27Q7Iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/DatAn2709yDWFaDXDIpQHdgkbxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/67CL6AASZRHP-NJWmdmsE27Q7Iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.224.0/19
134.0.64.0/21
IPv6:
2a01:420::/32
Signature Algorithm: sha256WithRSAEncryption
d1:79:a4:e5:09:d3:68:2d:15:4d:1f:fc:20:b1:43:ed:0c:f9:
75:8d:4a:bd:64:76:4a:e0:38:11:57:9c:e5:9d:68:b1:74:24:
f5:58:e5:89:1c:b8:ed:90:95:a6:01:13:07:4f:68:77:3e:31:
90:2f:13:d5:b9:7a:e7:26:a8:87:f4:ab:27:c8:b2:f6:56:36:
fa:f5:b9:e9:69:bc:11:20:ad:54:97:31:66:b5:1a:0a:17:42:
80:fc:70:91:de:77:51:81:98:34:b7:4b:74:cd:38:4e:fb:18:
a8:40:a3:b4:13:66:ec:bf:54:9c:58:ab:1b:37:e6:75:ef:16:
b7:09:cc:ef:2c:34:30:f6:68:de:8a:7c:61:a8:70:7b:54:b4:
12:f6:a3:cb:93:c4:c1:1a:b2:7b:6e:60:38:74:77:93:5e:f7:
a6:2d:f5:dc:65:05:e4:33:99:4e:cd:1d:ed:13:28:fc:b2:65:
4d:b9:26:a4:a8:71:8d:1f:9a:ef:7d:20:04:cc:94:aa:75:28:
2b:89:3a:7f:fe:ca:ac:ed:04:1f:01:1e:8f:47:d0:c3:0d:31:
21:82:d4:f1:04:b0:69:46:b3:4e:bd:87:da:94:8b:38:16:41:
d1:7f:79:ad:ed:87:4a:1f:b5:19:fb:3d:46:d2:f9:b9:b7:99:
9e:ef:15:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw1SA7LlLrCEDsThcLOShsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYjA4YmU4MDAxMjY1MTFjZmY4ZDI1Njk5ZDlhYzEzNmVk
MGVjOGMwHhcNMjMwMTAyMDQ1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGFiNDA5ZjZlZjRmNzIwZDYxNWEwZDcwYzhhNTAxZGQ4MjQ2ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEf6OZZgGJf7hOqpeYXM3MzF5ogx
FeWA+bEguI9HbIoNNqbuB+DZ592eUFqxFE/tcGMZDPTCmQ6BcD2mW7IVgVKNlmi+
T0bo1B5Emvhyg4w1FX3vFOrz8dRJaP9jPeHgJhvOm3J3vL/GNti23WBZHsAr3xAt
xKQVj+LIfL4m6TqfuXigjkTlI/pWooN42XKSi5/7RKZuWSQYgc9fjDFsZgUrrCil
EjjWjpLAWfrTxlW3s1/QHyaJqUMrqJNs6ztPsgHl8dtOaKluFfoeEtP3zosZaK3i
PsCTuYYInUwoAJpe8wRn+IAbAXrZdgmxmnHJb4SzZVED0Y/e4V0G8Bp7xwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA2rQJ9u9Pcg1hWg1wyKUB3YJG8VMB8GA1UdIwQY
MBaAFOuwi+gAEmURz/jSVpnZrBNu0OyMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjdDTDZBQVNaUkhQLU5KV21kbXNFMjdRN0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YzE0MmEtMmI1ZS00MTZiLTk0ZGUt
YmE5ZDUxZmU5ZTJiLzEvRGF0QW4yNzA5eURXRmFEWERJcFFIZGdrYnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YzE0MmEtMmI1ZS00MTZiLTk0ZGUtYmE5ZDUxZmU5ZTJi
LzEvNjdDTDZBQVNaUkhQLU5KV21kbXNFMjdRN0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFWRXgAwQD
hgBAMA0EAgACMAcDBQAqAQQgMA0GCSqGSIb3DQEBCwUAA4IBAQDReaTlCdNoLRVN
H/wgsUPtDPl1jUq9ZHZK4DgRV5zlnWixdCT1WOWJHLjtkJWmARMHT2h3PjGQLxPV
uXrnJqiH9KsnyLL2Vjb69bnpabwRIK1UlzFmtRoKF0KA/HCR3ndRgZg0t0t0zThO
+xioQKO0E2bsv1ScWKsbN+Z17xa3CczvLDQw9mjeinxhqHB7VLQS9qPLk8TBGrJ7
bmA4dHeTXvemLfXcZQXkM5lOzR3tEyj8smVNuSakqHGNH5rvfSAEzJSqdSgriTp/
/sqs7QQfAR6PR9DDDTEhgtTxBLBpRrNOvYfalIs4FkHRf3mt7YdKH7UZ+z1G0vm5
t5me7xUg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:37 2024 by rpki-client on console-ams.rpki-client.org