Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/xEQE3Mr24KdHgza1VHmmiA-tj_g.roa
File: xEQE3Mr24KdHgza1VHmmiA-tj_g.roa (raw, json)
Hash identifier: dIdQYp3BcZOgl3NrLkweAgNMH8+aZEphptQaeUAlK4o=
Subject key identifier: C4:44:04:DC:CA:F6:E0:A7:47:83:36:B5:54:79:A6:88:0F:AD:8F:F8
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01856EA6B4C36D31619C4AE1F8072F25ECF9
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/xEQE3Mr24KdHgza1VHmmiA-tj_g.roa
Signing time: Sun 01 Jan 2023 18:44:57 +0000
ROA not before: Sun 01 Jan 2023 18:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20860
IP address blocks: 89.43.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:b4:c3:6d:31:61:9c:4a:e1:f8:07:2f:25:ec:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 18:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c44404dccaf6e0a7478336b55479a6880fad8ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7d:e9:7e:9e:3d:29:a6:29:8c:18:3e:70:b1:
b7:9e:8a:93:a2:6a:51:3c:eb:29:e1:fe:25:58:2d:
f9:c0:b3:f3:8f:ce:87:89:5f:a7:40:4d:5c:17:7b:
31:13:43:db:a7:9b:64:75:34:02:73:4e:03:90:e6:
d0:1b:38:57:35:66:ca:40:ea:2d:18:8f:cd:b9:c6:
31:af:3e:00:22:e8:24:46:a7:3b:9b:69:91:95:1d:
4c:6e:08:d3:32:27:9a:10:c0:9a:4f:12:d2:2f:98:
62:28:bb:f8:a3:75:ab:be:55:5f:ab:fc:d4:8d:61:
b5:70:09:56:d4:78:d5:87:33:1e:4d:34:3d:56:a8:
81:dd:18:bd:13:1b:4c:32:77:af:53:e3:3d:31:4a:
f2:30:ba:8a:52:4a:72:7b:fc:de:55:33:d9:03:8e:
69:06:97:9b:5c:e0:4d:4f:91:84:ca:12:9b:91:55:
bc:a1:b4:38:ed:38:f7:a5:22:1b:08:8b:13:14:7b:
ba:62:b7:15:30:96:86:d9:d0:11:63:a3:41:78:6d:
c8:f7:dd:41:d3:39:d6:32:a0:df:35:b1:9b:96:9c:
88:42:66:c8:28:a0:20:9a:bf:e9:07:6d:38:2f:30:
96:c5:a3:fb:f1:9a:46:27:f0:d5:18:c0:2b:1e:82:
e9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:44:04:DC:CA:F6:E0:A7:47:83:36:B5:54:79:A6:88:0F:AD:8F:F8
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/xEQE3Mr24KdHgza1VHmmiA-tj_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.47.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a6:70:f9:9c:e5:9d:26:57:63:94:07:ae:4d:c9:26:30:59:
82:24:97:83:76:49:5c:55:f7:4f:18:f8:3a:be:21:21:5f:e0:
b8:56:10:bf:6d:92:8c:f2:26:c5:37:f9:07:1e:32:30:64:cd:
a3:7b:cb:dd:00:d2:52:64:b9:ce:05:05:80:bf:07:fe:42:ba:
02:a3:e9:b1:46:8b:f3:79:e5:70:65:0e:ed:8b:8e:ea:27:75:
1f:e0:0c:fe:1c:09:a2:d6:74:03:e9:f8:55:f9:9d:47:00:71:
d1:85:a1:bd:6b:82:55:a1:b7:2f:00:d8:a8:53:ec:b2:42:d7:
ad:43:3c:7b:b3:76:e9:17:ef:bb:86:f3:af:9c:3f:de:54:e2:
ae:55:df:58:aa:09:57:5a:28:7d:f5:2c:42:23:25:25:41:43:
92:8a:e3:c9:c2:98:a9:e0:dd:e8:d6:c3:b4:77:26:6c:31:21:
6e:54:f1:1e:79:e2:2b:8b:21:f3:41:dd:bf:67:1d:13:3a:7e:
32:8d:21:3c:bd:d1:11:de:c0:0e:33:bf:b6:1d:f2:5e:02:cf:
70:d2:63:d2:64:d2:d1:d8:7e:d5:ea:1b:23:17:a1:06:11:89:
e4:af:a1:7a:e4:92:aa:21:dd:8f:a7:a3:00:8b:f0:4f:4c:80:
78:ca:bc:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuprTDbTFhnErh+AcvJez5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ0MDRkY2NhZjZlMGE3NDc4MzM2YjU1NDc5YTY4ODBmYWQ4ZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH3pfp49KaYpjBg+cLG3noqTompR
POsp4f4lWC35wLPzj86HiV+nQE1cF3sxE0Pbp5tkdTQCc04DkObQGzhXNWbKQOot
GI/NucYxrz4AIugkRqc7m2mRlR1MbgjTMieaEMCaTxLSL5hiKLv4o3WrvlVfq/zU
jWG1cAlW1HjVhzMeTTQ9VqiB3Ri9ExtMMnevU+M9MUryMLqKUkpye/zeVTPZA45p
BpebXOBNT5GEyhKbkVW8obQ47Tj3pSIbCIsTFHu6YrcVMJaG2dARY6NBeG3I991B
0znWMqDfNbGblpyIQmbIKKAgmr/pB204LzCWxaP78ZpGJ/DVGMArHoLpKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMREBNzK9uCnR4M2tVR5pogPrY/4MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEveEVRRTNNcjI0S2RIZ3phMVZIbW1pQS10al9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSsvMA0G
CSqGSIb3DQEBCwUAA4IBAQBQpnD5nOWdJldjlAeuTckmMFmCJJeDdklcVfdPGPg6
viEhX+C4VhC/bZKM8ibFN/kHHjIwZM2je8vdANJSZLnOBQWAvwf+QroCo+mxRovz
eeVwZQ7ti47qJ3Uf4Az+HAmi1nQD6fhV+Z1HAHHRhaG9a4JVobcvANioU+yyQtet
Qzx7s3bpF++7hvOvnD/eVOKuVd9YqglXWih99SxCIyUlQUOSiuPJwpip4N3o1sO0
dyZsMSFuVPEeeeIriyHzQd2/Zx0TOn4yjSE8vdER3sAOM7+2HfJeAs9w0mPSZNLR
2H7V6hsjF6EGEYnkr6F65JKqId2Pp6MAi/BPTIB4yrwI
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:39 2024 by rpki-client on console-ams.rpki-client.org