Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d16f59-7754-46a7-aa59-2a06ed104553/1/tPy85pT4b5ELszzb5Ukl719hWVc.roa
File: tPy85pT4b5ELszzb5Ukl719hWVc.roa (raw, json)
Hash identifier: 5ERiG4dgGsNlY9huevA3k4YOi/B4NqI3zSTPGwpJ+rM=
Subject key identifier: B4:FC:BC:E6:94:F8:6F:91:0B:B3:3C:DB:E5:49:25:EF:5F:61:59:57
Certificate issuer: /CN=b80633fe79a6296109fdbf6475d4c2a65e2d4f1c
Certificate serial: 018CC2DB313C4A9B927C873ADBFAD93B479B
Authority key identifier: B8:06:33:FE:79:A6:29:61:09:FD:BF:64:75:D4:C2:A6:5E:2D:4F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAYz_nmmKWEJ_b9kddTCpl4tTxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d16f59-7754-46a7-aa59-2a06ed104553/1/tPy85pT4b5ELszzb5Ukl719hWVc.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199599
IP address blocks: 89.20.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 19:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:31:3c:4a:9b:92:7c:87:3a:db:fa:d9:3b:47:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b80633fe79a6296109fdbf6475d4c2a65e2d4f1c
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4fcbce694f86f910bb33cdbe54925ef5f615957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a5:25:15:39:7b:e6:e3:2d:0d:08:98:1c:1f:
53:06:ea:3f:65:bd:48:03:fc:59:bb:b4:50:37:96:
e8:b8:1c:1d:48:fb:4a:61:0d:f2:d7:aa:0f:05:01:
08:57:76:1e:97:09:a9:09:61:af:aa:3c:46:2f:b0:
a5:49:81:e3:1e:d4:27:5e:63:74:7a:79:8d:de:4f:
f5:98:f1:42:92:34:dc:ef:a0:ac:08:28:4f:db:7a:
fd:a5:48:c0:e3:24:5a:ee:b8:da:46:86:a5:7c:ca:
88:4e:41:3a:7f:33:eb:04:30:82:c2:18:c4:3b:39:
b4:b4:8b:32:87:dc:12:95:b4:26:c1:7b:47:7a:d5:
81:63:f0:de:59:8f:8d:2c:e2:0e:55:e0:66:99:24:
80:b3:13:a1:c2:c8:78:01:80:48:0a:a5:8c:6c:a0:
2e:26:98:b2:46:10:21:f5:74:39:be:02:78:40:89:
e7:2d:f4:7e:d2:41:56:25:4c:69:69:c0:fa:8d:03:
7e:16:24:fb:96:bc:06:78:68:5f:71:fe:6c:5f:61:
3b:ca:03:7b:80:d3:5d:a4:b8:23:04:88:ea:6f:f5:
29:6a:cc:bc:1c:aa:56:52:d3:04:bc:68:79:cd:a7:
64:3d:e3:ab:b6:af:05:0a:f7:92:ff:c9:93:cf:da:
86:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:FC:BC:E6:94:F8:6F:91:0B:B3:3C:DB:E5:49:25:EF:5F:61:59:57
X509v3 Authority Key Identifier:
keyid:B8:06:33:FE:79:A6:29:61:09:FD:BF:64:75:D4:C2:A6:5E:2D:4F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAYz_nmmKWEJ_b9kddTCpl4tTxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d16f59-7754-46a7-aa59-2a06ed104553/1/tPy85pT4b5ELszzb5Ukl719hWVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d16f59-7754-46a7-aa59-2a06ed104553/1/uAYz_nmmKWEJ_b9kddTCpl4tTxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.60.0/22
Signature Algorithm: sha256WithRSAEncryption
80:f3:d0:df:1c:45:8b:1e:33:cb:bc:91:60:09:04:7b:b3:88:
9d:12:99:a7:86:b1:a5:fa:89:d3:17:e7:6b:1c:ba:41:cf:04:
6f:1f:fc:ce:03:5a:77:99:a1:c2:14:4f:0c:ca:0c:8d:71:fe:
74:4f:88:76:24:aa:5d:2c:c2:61:1a:9c:a7:be:1c:4a:ed:df:
d6:97:1f:6a:60:b1:45:f4:61:23:68:ba:fa:99:10:b7:5d:ef:
28:ad:57:36:0a:b0:13:47:26:78:53:be:8e:a8:fa:ad:1b:1a:
09:5e:c8:10:c2:29:50:85:c5:88:68:4e:dc:6d:22:a0:0f:e3:
9e:16:3b:5c:13:ac:75:0a:d4:85:1f:51:97:71:8f:fb:a7:d5:
90:af:c7:27:c9:88:d0:13:5c:5c:a5:46:95:10:cf:9b:ac:28:
99:ab:8e:a9:07:82:d4:78:d7:54:66:6b:70:1d:28:7e:2e:90:
d6:ca:0c:79:ec:ed:9e:31:eb:4b:75:14:8f:1f:46:eb:0f:a7:
68:16:26:fd:5b:34:dc:d8:47:be:79:49:66:2f:b1:84:a0:67:
d3:fc:5a:b1:de:2e:84:a8:1f:53:d1:cb:6e:c7:05:7b:37:d1:
bc:8e:e9:d3:e8:a0:c6:84:3c:df:aa:b7:7a:39:22:9b:31:bc:
d1:e2:a4:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zE8SpuSfIc62/rZO0ebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDYzM2ZlNzlhNjI5NjEwOWZkYmY2NDc1ZDRjMmE2NWUy
ZDRmMWMwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGZjYmNlNjk0Zjg2ZjkxMGJiMzNjZGJlNTQ5MjVlZjVmNjE1OTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6UlFTl75uMtDQiYHB9TBuo/Zb1I
A/xZu7RQN5bouBwdSPtKYQ3y16oPBQEIV3YelwmpCWGvqjxGL7ClSYHjHtQnXmN0
enmN3k/1mPFCkjTc76CsCChP23r9pUjA4yRa7rjaRoalfMqITkE6fzPrBDCCwhjE
Ozm0tIsyh9wSlbQmwXtHetWBY/DeWY+NLOIOVeBmmSSAsxOhwsh4AYBICqWMbKAu
JpiyRhAh9XQ5vgJ4QInnLfR+0kFWJUxpacD6jQN+FiT7lrwGeGhfcf5sX2E7ygN7
gNNdpLgjBIjqb/Upasy8HKpWUtMEvGh5zadkPeOrtq8FCveS/8mTz9qGNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLT8vOaU+G+RC7M82+VJJe9fYVlXMB8GA1UdIwQY
MBaAFLgGM/55pilhCf2/ZHXUwqZeLU8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFZel9ubW1LV0VKX2I5a2RkVENwbDR0VHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kMTZmNTktNzc1NC00NmE3LWFhNTkt
MmEwNmVkMTA0NTUzLzEvdFB5ODVwVDRiNUVMc3p6YjVVa2w3MTloV1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kMTZmNTktNzc1NC00NmE3LWFhNTktMmEwNmVkMTA0NTUz
LzEvdUFZel9ubW1LV0VKX2I5a2RkVENwbDR0VHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRQ8MA0G
CSqGSIb3DQEBCwUAA4IBAQCA89DfHEWLHjPLvJFgCQR7s4idEpmnhrGl+onTF+dr
HLpBzwRvH/zOA1p3maHCFE8MygyNcf50T4h2JKpdLMJhGpynvhxK7d/Wlx9qYLFF
9GEjaLr6mRC3Xe8orVc2CrATRyZ4U76OqPqtGxoJXsgQwilQhcWIaE7cbSKgD+Oe
FjtcE6x1CtSFH1GXcY/7p9WQr8cnyYjQE1xcpUaVEM+brCiZq46pB4LUeNdUZmtw
HSh+LpDWygx57O2eMetLdRSPH0brD6doFib9WzTc2Ee+eUlmL7GEoGfT/Fqx3i6E
qB9T0ctuxwV7N9G8junT6KDGhDzfqrd6OSKbMbzR4qQw
-----END CERTIFICATE-----
Generated at Tue Oct 1 21:37:44 2024 by rpki-client on console-fra.rpki-client.org