Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/CAXaYXXPxOa8wkDaSNe3GUNZ9ao.roa
File: CAXaYXXPxOa8wkDaSNe3GUNZ9ao.roa (raw, json)
Hash identifier: ShOwmj9KiSxTNBYlpQO37TNf3MMam20aBL1BbI2tg2w=
Subject key identifier: 08:05:DA:61:75:CF:C4:E6:BC:C2:40:DA:48:D7:B7:19:43:59:F5:AA
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0188959D48912720938F78C8667B94C324C7
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/CAXaYXXPxOa8wkDaSNe3GUNZ9ao.roa
Signing time: Wed 07 Jun 2023 11:28:12 +0000
ROA not before: Wed 07 Jun 2023 11:28:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200196
IP address blocks: 89.23.88.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:9d:48:91:27:20:93:8f:78:c8:66:7b:94:c3:24:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 7 11:28:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0805da6175cfc4e6bcc240da48d7b7194359f5aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ca:fb:36:0f:37:06:18:1f:df:28:8d:8e:40:
fc:43:f9:c7:24:e9:e3:cd:d0:85:ae:7d:7e:ca:cb:
ce:a2:7a:ed:98:ce:d8:e6:13:3c:5c:09:62:26:d9:
db:b3:95:7b:1e:ad:67:be:61:f7:aa:08:97:f8:0c:
36:45:62:4b:9c:0e:03:c9:d9:68:2e:79:75:45:16:
a2:87:04:77:9c:2e:80:e1:2e:ae:9a:ee:51:ad:e6:
e4:43:4c:45:2a:d9:5a:99:55:2e:a1:bf:c0:42:c2:
b0:7d:44:01:1c:73:48:87:2f:9d:99:6a:7b:91:48:
aa:80:64:e7:3b:f2:0f:78:55:07:68:31:5d:17:58:
f8:67:a7:83:6e:f8:ba:76:42:51:e4:93:bc:08:4a:
07:19:b7:ed:47:8e:1b:e1:ab:4d:74:68:75:cc:c4:
89:09:70:78:91:e4:74:f0:ec:d1:77:92:a4:2d:04:
2a:07:b6:3d:1c:d6:40:eb:de:7e:14:bf:2f:df:f5:
af:da:d8:9a:ab:2d:ae:aa:14:e9:0a:4e:95:ac:6c:
f9:b3:bc:f8:54:9f:ee:45:0a:c0:66:51:50:3f:4c:
d9:81:70:52:b7:74:0f:c8:b7:45:15:a2:8b:b7:9f:
31:50:7c:de:cf:7e:ff:94:08:8d:a5:f0:aa:be:28:
f1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:05:DA:61:75:CF:C4:E6:BC:C2:40:DA:48:D7:B7:19:43:59:F5:AA
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/CAXaYXXPxOa8wkDaSNe3GUNZ9ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.88.0/24
Signature Algorithm: sha256WithRSAEncryption
25:6f:42:90:32:02:81:95:7e:91:a4:84:6d:8e:97:88:51:49:
88:74:ae:ef:9f:c7:37:2c:de:06:7f:e0:1e:7e:ce:9a:39:b6:
27:2b:fb:26:be:ca:29:4d:af:29:87:d3:93:c5:d9:a3:7a:69:
6d:9f:7e:e6:6c:c9:86:4f:b5:6c:ca:83:db:bc:05:31:e3:35:
2d:f8:9c:fa:ff:79:3c:63:93:2e:48:d5:bd:c0:cc:36:22:21:
50:6c:14:60:b4:89:9e:63:13:09:e4:85:f5:5a:3e:1e:86:f1:
be:c8:24:5c:5d:5b:6a:4e:9b:12:67:c0:e6:57:61:c7:73:47:
e2:e8:88:18:9b:26:b1:93:6c:8d:e0:ca:30:0b:9c:e4:65:22:
60:5e:18:c4:43:f7:ed:80:dc:e4:81:78:e5:a5:d9:84:98:c8:
00:eb:57:7a:96:12:22:50:85:99:6c:90:e5:6c:b1:23:d1:98:
92:e6:ff:2a:d1:2b:c0:32:b7:9f:52:6f:6d:25:5a:18:4c:09:
54:af:d1:9b:b2:d5:97:b3:f3:94:55:96:76:3b:d1:29:b8:6a:
13:45:6c:97:b0:d1:18:7b:39:41:83:f1:bb:4c:bb:dd:cf:a2:
9c:d9:62:0b:ee:35:cd:5a:c7:35:5d:c8:76:a7:be:d0:ce:20:
2f:10:75:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiVnUiRJyCTj3jIZnuUwyTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjA3MTEyODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODA1ZGE2MTc1Y2ZjNGU2YmNjMjQwZGE0OGQ3YjcxOTQzNTlmNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsr7Ng83Bhgf3yiNjkD8Q/nHJOnj
zdCFrn1+ysvOonrtmM7Y5hM8XAliJtnbs5V7Hq1nvmH3qgiX+Aw2RWJLnA4Dydlo
Lnl1RRaihwR3nC6A4S6umu5RrebkQ0xFKtlamVUuob/AQsKwfUQBHHNIhy+dmWp7
kUiqgGTnO/IPeFUHaDFdF1j4Z6eDbvi6dkJR5JO8CEoHGbftR44b4atNdGh1zMSJ
CXB4keR08OzRd5KkLQQqB7Y9HNZA695+FL8v3/Wv2tiaqy2uqhTpCk6VrGz5s7z4
VJ/uRQrAZlFQP0zZgXBSt3QPyLdFFaKLt58xUHzez37/lAiNpfCqvijxCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAgF2mF1z8TmvMJA2kjXtxlDWfWqMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvQ0FYYVlYWFB4T2E4d2tEYVNOZTNHVU5aOWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdYMA0G
CSqGSIb3DQEBCwUAA4IBAQAlb0KQMgKBlX6RpIRtjpeIUUmIdK7vn8c3LN4Gf+Ae
fs6aObYnK/smvsopTa8ph9OTxdmjemltn37mbMmGT7VsyoPbvAUx4zUt+Jz6/3k8
Y5MuSNW9wMw2IiFQbBRgtImeYxMJ5IX1Wj4ehvG+yCRcXVtqTpsSZ8DmV2HHc0fi
6IgYmyaxk2yN4MowC5zkZSJgXhjEQ/ftgNzkgXjlpdmEmMgA61d6lhIiUIWZbJDl
bLEj0ZiS5v8q0SvAMrefUm9tJVoYTAlUr9GbstWXs/OUVZZ2O9EpuGoTRWyXsNEY
ezlBg/G7TLvdz6Kc2WIL7jXNWsc1Xch2p77QziAvEHXb
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:38 2024 by rpki-client on console-ams.rpki-client.org