Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d16f59-7754-46a7-aa59-2a06ed104553/1/pKVfIcflxwnOoZBJWHgN9nUKtr8.roa
File: pKVfIcflxwnOoZBJWHgN9nUKtr8.roa (raw, json)
Hash identifier: qGA6i01ULSp10QeMgatK962hi7ICzgTPhclydF20vJ8=
Subject key identifier: A4:A5:5F:21:C7:E5:C7:09:CE:A1:90:49:58:78:0D:F6:75:0A:B6:BF
Certificate issuer: /CN=b80633fe79a6296109fdbf6475d4c2a65e2d4f1c
Certificate serial: 018B7034958818FC28D95D95B4522F293DB1
Authority key identifier: B8:06:33:FE:79:A6:29:61:09:FD:BF:64:75:D4:C2:A6:5E:2D:4F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAYz_nmmKWEJ_b9kddTCpl4tTxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d16f59-7754-46a7-aa59-2a06ed104553/1/pKVfIcflxwnOoZBJWHgN9nUKtr8.roa
Signing time: Fri 27 Oct 2023 08:16:16 +0000
ROA not before: Fri 27 Oct 2023 08:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199599
IP address blocks: 89.20.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:34:95:88:18:fc:28:d9:5d:95:b4:52:2f:29:3d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b80633fe79a6296109fdbf6475d4c2a65e2d4f1c
Validity
Not Before: Oct 27 08:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4a55f21c7e5c709cea1904958780df6750ab6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:79:89:e5:38:ac:cc:11:51:e2:ac:6b:98:5f:
61:7e:43:a7:c9:b4:5b:af:0b:fb:7b:81:5a:be:40:
49:44:b8:df:f0:fa:94:4c:d6:81:17:b1:38:37:6e:
40:67:b8:24:80:84:39:fd:40:ec:8a:9a:e2:f3:cd:
8d:a9:98:a7:ce:d6:84:c3:2c:fb:d3:66:7f:59:ca:
0b:bd:97:d5:c1:03:aa:8c:f9:91:06:ee:05:ce:8f:
c3:a7:96:d6:fd:dd:28:6b:43:93:7c:4b:1e:4a:ed:
c9:55:94:b1:90:13:3d:7d:77:25:18:a7:94:68:ec:
c0:a5:a3:0f:bc:e8:08:4d:c7:25:37:ce:a5:65:25:
b3:16:05:6d:22:cf:9e:ea:68:1e:2c:79:7d:00:39:
31:9b:f2:b9:b5:bf:eb:59:f9:6c:1e:6c:27:57:ec:
f6:f9:ab:a1:1c:a7:82:74:29:e1:b4:ee:4b:5b:85:
c6:3b:b8:76:ae:30:7d:59:9a:76:06:d0:77:01:01:
13:a8:fa:3e:a8:0a:0f:57:83:08:7d:3f:a5:51:5d:
2e:7c:7f:35:ac:f4:56:2b:ab:7c:43:32:d8:6d:31:
7c:e1:32:0c:58:3a:eb:fb:1f:e2:fa:d9:2b:0b:ca:
38:64:a8:2a:c3:27:2f:87:34:72:b5:ee:69:bf:74:
f7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A5:5F:21:C7:E5:C7:09:CE:A1:90:49:58:78:0D:F6:75:0A:B6:BF
X509v3 Authority Key Identifier:
keyid:B8:06:33:FE:79:A6:29:61:09:FD:BF:64:75:D4:C2:A6:5E:2D:4F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAYz_nmmKWEJ_b9kddTCpl4tTxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d16f59-7754-46a7-aa59-2a06ed104553/1/pKVfIcflxwnOoZBJWHgN9nUKtr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d16f59-7754-46a7-aa59-2a06ed104553/1/uAYz_nmmKWEJ_b9kddTCpl4tTxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.60.0/22
Signature Algorithm: sha256WithRSAEncryption
60:83:0d:57:c3:19:0d:e8:80:6e:50:8e:2d:73:df:5f:84:32:
79:bd:8e:bb:2a:91:4a:3c:bd:19:b4:fe:49:9a:08:dc:69:72:
2f:f1:39:e1:87:e8:64:ea:8c:d0:c8:00:1c:d2:ac:f6:04:33:
a6:34:df:73:f3:43:2c:42:8e:3c:ed:5d:ea:da:7f:d3:ca:d9:
8e:27:f4:f6:e7:0c:69:8e:c4:24:ba:5a:e9:92:5e:e2:67:75:
bf:93:18:d1:fe:c1:56:3b:dc:2b:4b:4f:7a:3a:5c:72:44:38:
0a:48:a3:b0:ea:25:2c:59:77:3e:0d:3d:86:f2:50:e5:80:d6:
a2:90:e5:27:77:64:79:93:f5:66:d0:62:65:17:75:91:87:61:
34:1a:a9:f1:88:2b:0f:12:69:39:f2:ca:71:50:66:e6:82:1d:
0e:fe:f3:7d:43:03:ac:0d:35:54:a8:83:6e:a1:a8:88:a1:f4:
5e:f1:dd:ac:0a:2d:00:a8:5f:db:ff:20:14:a0:dd:f1:ac:82:
97:3b:35:85:c8:e3:f9:91:94:63:d5:69:d5:34:35:c8:86:4f:
b4:68:b5:ff:66:d3:88:cb:27:51:04:fa:a5:ee:6b:a6:37:40:
45:c7:9b:ab:74:e8:51:aa:93:7c:77:ca:af:2f:98:7e:aa:4e:
b4:dd:ba:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtwNJWIGPwo2V2VtFIvKT2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDYzM2ZlNzlhNjI5NjEwOWZkYmY2NDc1ZDRjMmE2NWUy
ZDRmMWMwHhcNMjMxMDI3MDgxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGE1NWYyMWM3ZTVjNzA5Y2VhMTkwNDk1ODc4MGRmNjc1MGFiNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3mJ5TiszBFR4qxrmF9hfkOnybRb
rwv7e4FavkBJRLjf8PqUTNaBF7E4N25AZ7gkgIQ5/UDsipri882NqZinztaEwyz7
02Z/WcoLvZfVwQOqjPmRBu4Fzo/Dp5bW/d0oa0OTfEseSu3JVZSxkBM9fXclGKeU
aOzApaMPvOgITcclN86lZSWzFgVtIs+e6mgeLHl9ADkxm/K5tb/rWflsHmwnV+z2
+auhHKeCdCnhtO5LW4XGO7h2rjB9WZp2BtB3AQETqPo+qAoPV4MIfT+lUV0ufH81
rPRWK6t8QzLYbTF84TIMWDrr+x/i+tkrC8o4ZKgqwycvhzRyte5pv3T3qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSlXyHH5ccJzqGQSVh4DfZ1Cra/MB8GA1UdIwQY
MBaAFLgGM/55pilhCf2/ZHXUwqZeLU8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFZel9ubW1LV0VKX2I5a2RkVENwbDR0VHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kMTZmNTktNzc1NC00NmE3LWFhNTkt
MmEwNmVkMTA0NTUzLzEvcEtWZkljZmx4d25Pb1pCSldIZ045blVLdHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kMTZmNTktNzc1NC00NmE3LWFhNTktMmEwNmVkMTA0NTUz
LzEvdUFZel9ubW1LV0VKX2I5a2RkVENwbDR0VHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRQ8MA0G
CSqGSIb3DQEBCwUAA4IBAQBggw1XwxkN6IBuUI4tc99fhDJ5vY67KpFKPL0ZtP5J
mgjcaXIv8Tnhh+hk6ozQyAAc0qz2BDOmNN9z80MsQo487V3q2n/TytmOJ/T25wxp
jsQkulrpkl7iZ3W/kxjR/sFWO9wrS096OlxyRDgKSKOw6iUsWXc+DT2G8lDlgNai
kOUnd2R5k/Vm0GJlF3WRh2E0GqnxiCsPEmk58spxUGbmgh0O/vN9QwOsDTVUqINu
oaiIofRe8d2sCi0AqF/b/yAUoN3xrIKXOzWFyOP5kZRj1WnVNDXIhk+0aLX/ZtOI
yydRBPql7mumN0BFx5urdOhRqpN8d8qvL5h+qk603bpa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:21 2024 by rpki-client on console-fra.rpki-client.org