Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/CIrQpD4_EIMZzBp1GF2FBRKExXI.roa
File: CIrQpD4_EIMZzBp1GF2FBRKExXI.roa (raw, json)
Hash identifier: VLnVstTIgoYWMyX6ULn0GPYDoazJHF0TEY5rZL0jZ+Y=
Subject key identifier: 08:8A:D0:A4:3E:3F:10:83:19:CC:1A:75:18:5D:85:05:12:84:C5:72
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 01857246FBD846CE1AB73FB2FEEB2B22DEA9
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/CIrQpD4_EIMZzBp1GF2FBRKExXI.roa
Signing time: Mon 02 Jan 2023 11:38:52 +0000
ROA not before: Mon 02 Jan 2023 11:38:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204489
IP address blocks: 152.89.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:fb:d8:46:ce:1a:b7:3f:b2:fe:eb:2b:22:de:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 2 11:38:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=088ad0a43e3f108319cc1a75185d85051284c572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:41:3a:a0:5b:0b:7a:22:c3:aa:b1:c2:09:5c:
f5:a4:f7:d6:d2:04:5f:09:c0:61:69:c5:2d:af:86:
7b:c9:78:37:08:c6:e5:a1:e2:02:9e:25:f1:78:23:
cd:d8:f3:55:e6:74:bc:f0:eb:da:23:5e:5f:3f:f6:
70:2e:46:f0:80:48:0e:1b:22:ff:52:5f:f5:35:9e:
cb:2c:47:0a:76:62:2e:f8:8f:6b:df:09:a9:14:b5:
45:c6:ab:41:59:fa:07:78:f2:cb:e5:43:43:c4:75:
9f:49:be:3f:43:bb:6a:ab:67:0f:01:b4:00:3f:6d:
6d:80:42:0b:5e:64:99:5e:24:bb:f9:6c:51:64:40:
40:52:9d:18:0d:9c:c0:08:0a:16:1f:d9:6d:80:86:
e0:9e:2e:52:29:0b:77:4b:ea:9d:77:6e:36:00:9a:
2c:7e:df:85:7f:bb:fb:31:8a:cc:6b:a0:ba:60:63:
78:db:95:87:ab:75:f3:1d:6e:18:d3:3b:0c:15:30:
af:3d:2f:3f:a5:21:e4:b7:9a:b4:37:a2:bf:30:f4:
b2:22:f0:e6:d8:60:86:8b:38:2f:9b:dc:0e:a5:1a:
85:0b:a7:12:2b:3a:84:04:52:67:40:39:47:35:d0:
c5:bc:32:50:09:ca:9e:10:72:f4:59:4d:1c:e7:be:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:8A:D0:A4:3E:3F:10:83:19:CC:1A:75:18:5D:85:05:12:84:C5:72
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/CIrQpD4_EIMZzBp1GF2FBRKExXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.132.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:33:9c:01:c4:c0:98:a2:4a:a6:84:4e:0a:3c:d9:3b:a3:75:
9d:32:f2:9c:42:31:98:61:c6:c2:f5:62:fe:18:94:7e:e4:b9:
f5:7d:dd:c5:26:d3:aa:9c:d8:54:1f:27:fa:aa:6e:d2:b9:7f:
a1:99:18:00:56:f0:13:48:e4:72:4e:98:dd:5e:a5:8a:4c:3f:
42:03:ad:18:d3:d0:21:3e:72:1d:b7:c0:5c:a3:13:c2:83:f7:
94:64:2f:75:8e:0a:8d:e5:09:c4:4c:0c:f6:b5:9e:f7:af:1d:
bd:55:de:9d:47:a4:38:34:c6:49:3a:2c:42:bf:ad:6d:86:c9:
f2:8c:e2:6f:79:6d:8d:df:6c:ec:03:bd:78:2e:70:9b:7a:e6:
f5:6c:46:32:c2:d6:bf:9c:39:15:e9:69:48:cc:d9:45:4b:db:
23:69:c3:94:d1:72:d2:26:4d:f5:d6:43:52:9a:92:24:a6:da:
9d:36:86:52:6f:00:36:94:2a:6f:98:03:db:2c:ef:66:9f:ff:
ca:30:f9:dd:f7:03:86:4b:42:6e:fa:1b:ed:18:60:f0:18:10:
1b:40:43:7a:2d:a1:ca:c0:01:c2:f3:1a:16:b7:88:de:b0:6e:
a8:ff:b8:a3:41:ba:99:56:8d:b4:6d:af:63:5c:82:e7:f9:52:
e6:4f:c5:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRvvYRs4atz+y/usrIt6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjMwMTAyMTEzODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODhhZDBhNDNlM2YxMDgzMTljYzFhNzUxODVkODUwNTEyODRjNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UE6oFsLeiLDqrHCCVz1pPfW0gRf
CcBhacUtr4Z7yXg3CMbloeICniXxeCPN2PNV5nS88OvaI15fP/ZwLkbwgEgOGyL/
Ul/1NZ7LLEcKdmIu+I9r3wmpFLVFxqtBWfoHePLL5UNDxHWfSb4/Q7tqq2cPAbQA
P21tgEILXmSZXiS7+WxRZEBAUp0YDZzACAoWH9ltgIbgni5SKQt3S+qdd242AJos
ft+Ff7v7MYrMa6C6YGN425WHq3XzHW4Y0zsMFTCvPS8/pSHkt5q0N6K/MPSyIvDm
2GCGizgvm9wOpRqFC6cSKzqEBFJnQDlHNdDFvDJQCcqeEHL0WU0c574skQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiK0KQ+PxCDGcwadRhdhQUShMVyMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvQ0lyUXBENF9FSU1aekJwMUdGMkZCUktFeFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmEMA0G
CSqGSIb3DQEBCwUAA4IBAQAqM5wBxMCYokqmhE4KPNk7o3WdMvKcQjGYYcbC9WL+
GJR+5Ln1fd3FJtOqnNhUHyf6qm7SuX+hmRgAVvATSORyTpjdXqWKTD9CA60Y09Ah
PnIdt8BcoxPCg/eUZC91jgqN5QnETAz2tZ73rx29Vd6dR6Q4NMZJOixCv61thsny
jOJveW2N32zsA714LnCbeub1bEYywta/nDkV6WlIzNlFS9sjacOU0XLSJk311kNS
mpIkptqdNoZSbwA2lCpvmAPbLO9mn//KMPnd9wOGS0Ju+hvtGGDwGBAbQEN6LaHK
wAHC8xoWt4jesG6o/7ijQbqZVo20ba9jXILn+VLmT8Xf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:14 2024 by rpki-client on console-fra.rpki-client.org