Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/_bpOX8m02JKjO_Hxgvq9eiRlBKE.roa
File: _bpOX8m02JKjO_Hxgvq9eiRlBKE.roa (raw, json)
Hash identifier: 4d6J/FPjBZ21jITxvR8YMvPUo5iZ7IXzyxvsRdRhP+U=
Subject key identifier: FD:BA:4E:5F:C9:B4:D8:92:A3:3B:F1:F1:82:FA:BD:7A:24:65:04:A1
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 0186D7A32C4F28504C4632A7793623E91AE9
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/_bpOX8m02JKjO_Hxgvq9eiRlBKE.roa
Signing time: Sun 12 Mar 2023 21:04:00 +0000
ROA not before: Sun 12 Mar 2023 21:04:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50917
IP address blocks: 89.37.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d7:a3:2c:4f:28:50:4c:46:32:a7:79:36:23:e9:1a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Mar 12 21:04:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdba4e5fc9b4d892a33bf1f182fabd7a246504a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a6:35:fe:96:9d:c7:7e:1c:f1:a8:4a:22:0d:
26:62:b5:ac:67:0e:62:01:25:f0:8c:6a:fd:41:ed:
5d:21:9c:20:b3:a7:05:c6:3f:f2:fa:50:12:5c:02:
84:86:a8:ec:8b:dc:0d:11:eb:fe:f2:97:5a:26:60:
48:a3:55:ad:b4:ae:88:95:69:a0:4e:be:b8:44:69:
fa:32:15:93:00:11:81:8d:dd:5b:a8:d6:d7:9a:8d:
0b:ed:a5:a1:ee:3e:c6:25:94:71:76:db:a8:bb:b5:
d9:ff:9a:d1:f0:8b:20:86:c9:03:13:2c:22:36:6c:
5e:57:88:64:91:5c:7c:bd:df:28:7a:28:19:9c:68:
48:ac:b3:82:85:9c:43:c1:9a:c5:dc:a2:d0:be:fb:
23:a2:3a:11:da:91:fc:73:61:66:74:64:f1:b6:ba:
21:99:2e:dc:0f:0c:4b:33:d8:27:65:4b:89:bc:07:
75:f3:44:0b:40:4a:23:69:b7:8a:e6:7e:0e:d5:dc:
05:34:a5:1f:4b:eb:f0:7d:28:59:54:59:0f:67:75:
e8:a6:af:ed:5c:d8:f2:98:3f:30:19:b1:2f:bb:00:
be:4b:c0:14:a5:52:32:47:19:03:2a:0a:b0:8a:36:
66:db:da:37:7f:15:d2:0c:65:a8:8c:4b:64:0f:c8:
b0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BA:4E:5F:C9:B4:D8:92:A3:3B:F1:F1:82:FA:BD:7A:24:65:04:A1
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/_bpOX8m02JKjO_Hxgvq9eiRlBKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.98.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d6:c8:c0:9c:04:eb:6f:36:cb:b2:9d:90:72:15:62:bd:2e:
2b:78:95:6f:a7:34:59:f4:c3:af:55:5c:d7:7a:c2:a5:32:89:
c0:4f:77:8e:37:42:b1:54:44:4f:fe:98:99:1d:01:d8:82:47:
7a:95:21:90:26:17:7e:a9:5e:cc:a9:13:f5:34:f5:ae:4b:fe:
eb:c4:7f:4e:20:d6:b7:df:f7:ab:f5:44:9f:97:ef:73:ec:02:
fc:20:e8:9b:af:2b:39:fb:cf:7a:3a:67:b9:18:b5:5a:fd:f6:
51:f8:a4:f3:cd:55:22:fa:29:60:8f:1c:aa:2f:57:aa:70:a9:
77:7e:43:e3:3d:63:20:db:d1:d7:70:ea:ca:4f:0d:5f:72:5a:
67:d3:f2:7a:fb:7c:29:d3:b3:9d:eb:b0:d0:02:76:0c:e3:8a:
2a:f9:25:c7:7f:8a:2e:80:be:33:21:58:e8:1f:b7:9d:56:f2:
88:41:34:62:c1:de:3c:28:00:40:33:30:c2:be:7d:89:7e:80:
2c:79:24:92:10:0d:7d:5b:8d:f6:12:24:ef:fb:b8:fd:7a:91:
87:77:58:be:13:eb:9b:bd:dc:12:f7:18:fb:05:dd:cb:6f:62:
6a:0e:8a:82:77:92:46:b6:d1:59:b8:ad:01:2e:1a:09:61:92:
77:d6:05:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbXoyxPKFBMRjKneTYj6RrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjMwMzEyMjEwNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGJhNGU1ZmM5YjRkODkyYTMzYmYxZjE4MmZhYmQ3YTI0NjUwNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6Y1/padx34c8ahKIg0mYrWsZw5i
ASXwjGr9Qe1dIZwgs6cFxj/y+lASXAKEhqjsi9wNEev+8pdaJmBIo1WttK6IlWmg
Tr64RGn6MhWTABGBjd1bqNbXmo0L7aWh7j7GJZRxdtuou7XZ/5rR8IsghskDEywi
NmxeV4hkkVx8vd8oeigZnGhIrLOChZxDwZrF3KLQvvsjojoR2pH8c2FmdGTxtroh
mS7cDwxLM9gnZUuJvAd180QLQEojabeK5n4O1dwFNKUfS+vwfShZVFkPZ3Xopq/t
XNjymD8wGbEvuwC+S8AUpVIyRxkDKgqwijZm29o3fxXSDGWojEtkD8iwMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP26Tl/JtNiSozvx8YL6vXokZQShMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvX2JwT1g4bTAySktqT19IeGd2cTllaVJsQktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSViMA0G
CSqGSIb3DQEBCwUAA4IBAQBE1sjAnATrbzbLsp2QchVivS4reJVvpzRZ9MOvVVzX
esKlMonAT3eON0KxVERP/piZHQHYgkd6lSGQJhd+qV7MqRP1NPWuS/7rxH9OINa3
3/er9USfl+9z7AL8IOibrys5+896Ome5GLVa/fZR+KTzzVUi+ilgjxyqL1eqcKl3
fkPjPWMg29HXcOrKTw1fclpn0/J6+3wp07Od67DQAnYM44oq+SXHf4ougL4zIVjo
H7edVvKIQTRiwd48KABAMzDCvn2JfoAseSSSEA19W432EiTv+7j9epGHd1i+E+ub
vdwS9xj7Bd3Lb2JqDoqCd5JGttFZuK0BLhoJYZJ31gVd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:20 2024 by rpki-client on console-fra.rpki-client.org