Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/9Baz2sy6LZ20TkeOc0OBCAqZBYw.roa
File: 9Baz2sy6LZ20TkeOc0OBCAqZBYw.roa (raw, json)
Hash identifier: zA14VeOlHpsY3KrIzh8i2SyYzh1fltUAxBpIXSJDh8c=
Subject key identifier: F4:16:B3:DA:CC:BA:2D:9D:B4:4E:47:8E:73:43:81:08:0A:99:05:8C
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 01856ED4D1D458D7D3CC9597B0E09C17EEB4
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/9Baz2sy6LZ20TkeOc0OBCAqZBYw.roa
Signing time: Sun 01 Jan 2023 19:35:19 +0000
ROA not before: Sun 01 Jan 2023 19:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5630
IP address blocks: 89.106.184.0/21 maxlen: 24
2a01:20:4::/48 maxlen: 48
2a01:20::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d1:d4:58:d7:d3:cc:95:97:b0:e0:9c:17:ee:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 19:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f416b3daccba2d9db44e478e734381080a99058c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a9:28:1b:16:80:ab:b4:a9:ce:49:40:9a:9c:
4d:a7:21:ba:a8:fb:a1:62:9d:2d:bd:bf:cf:c7:d8:
66:2f:56:d1:5c:88:a9:57:dd:fe:71:95:b8:ee:81:
df:72:76:e0:ac:6e:aa:0b:99:21:fe:e0:25:22:5c:
f5:ba:d1:fb:b2:f7:d5:b1:c8:8a:37:33:c6:e6:c7:
7f:5f:86:17:a2:23:62:0a:a7:38:fe:d4:1b:f0:fb:
03:f4:e6:15:86:7e:1f:fe:b7:90:fa:8a:e5:c4:e2:
a1:0f:6d:56:03:9d:5a:81:ff:ab:8d:fc:cb:af:28:
2e:f3:d6:06:51:a0:6c:b8:37:95:f1:8b:17:4d:0c:
6c:cd:60:74:3c:ff:7c:73:19:f7:d9:17:ab:25:57:
3a:97:41:c1:80:9c:2b:4b:ec:d3:09:89:8f:42:67:
69:b1:ea:7a:7e:28:8c:96:12:cb:d9:1b:f3:20:86:
4d:45:7c:1e:89:cf:8d:e0:9c:0b:61:0c:ab:55:8f:
ee:58:ba:a9:ef:67:21:fc:3d:0d:fb:d3:05:db:e0:
1d:2c:77:af:9a:40:9c:88:3b:dd:c9:dd:a2:71:5b:
4f:bd:52:6f:86:0f:bd:be:cd:41:51:d1:b4:bc:fb:
31:ec:07:5e:fd:6a:da:89:52:71:69:2c:f3:cc:a6:
92:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:16:B3:DA:CC:BA:2D:9D:B4:4E:47:8E:73:43:81:08:0A:99:05:8C
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/9Baz2sy6LZ20TkeOc0OBCAqZBYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.184.0/21
IPv6:
2a01:20::/48
2a01:20:4::/48
Signature Algorithm: sha256WithRSAEncryption
96:e0:f7:ab:67:93:0f:09:67:0f:1c:87:5a:52:69:f1:26:34:
18:97:59:d3:8f:45:67:cd:9f:d6:eb:34:ea:37:45:78:2e:79:
1e:b7:fe:78:fc:d9:ad:7d:95:45:2d:11:4b:db:36:d1:ae:1d:
c5:9e:10:3a:bf:fd:86:76:48:f5:2e:a3:f3:2c:23:d2:21:7f:
47:29:7f:c0:c3:2e:25:06:8e:c0:e0:08:e5:b0:40:39:5f:fb:
97:61:e5:ac:b4:32:22:84:27:09:df:1f:c6:51:a8:ba:0f:6d:
a8:bf:a9:c8:26:75:84:ad:1b:4d:18:a6:73:00:99:6e:80:97:
ab:f7:a9:3f:e0:f5:59:4f:56:7e:04:11:5b:97:00:89:01:b9:
81:69:8e:01:c4:57:9e:b7:aa:c9:ca:70:fb:b6:41:07:7b:9e:
fa:14:85:70:c4:63:48:76:59:6c:77:f9:de:42:e8:90:d6:bb:
54:74:03:6b:61:aa:28:73:d4:54:1d:e3:70:9f:32:ca:9c:c5:
fe:cc:24:a8:81:4c:e4:f1:ab:fc:c8:06:3b:9f:71:37:c1:03:
1e:71:03:de:d5:e3:37:51:aa:80:bf:85:3b:76:ad:dc:af:fa:
73:dd:96:7b:6e:b9:42:f8:45:03:f3:8d:45:cf:73:b3:09:3a:
c0:5c:c4:db
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVu1NHUWNfTzJWXsOCcF+60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwN2U2YjVhYTQzN2QzNjkzMTUxNTAyYTIxMTQ5NmUzN2Q0
YWUyYzUwHhcNMjMwMTAxMTkzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE2YjNkYWNjYmEyZDlkYjQ0ZTQ3OGU3MzQzODEwODBhOTkwNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6koGxaAq7SpzklAmpxNpyG6qPuh
Yp0tvb/Px9hmL1bRXIipV93+cZW47oHfcnbgrG6qC5kh/uAlIlz1utH7svfVsciK
NzPG5sd/X4YXoiNiCqc4/tQb8PsD9OYVhn4f/reQ+orlxOKhD21WA51agf+rjfzL
rygu89YGUaBsuDeV8YsXTQxszWB0PP98cxn32RerJVc6l0HBgJwrS+zTCYmPQmdp
sep6fiiMlhLL2RvzIIZNRXweic+N4JwLYQyrVY/uWLqp72ch/D0N+9MF2+AdLHev
mkCciDvdyd2icVtPvVJvhg+9vs1BUdG0vPsx7Ade/WraiVJxaSzzzKaSuQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPQWs9rMui2dtE5HjnNDgQgKmQWMMB8GA1UdIwQY
MBaAFAB+a1qkN9NpMVFQKiEUluN9SuLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYt
NWE4YzY3ODQyMzg5LzEvOUJhejJzeTZMWjIwVGtlT2MwT0JDQXFaQll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYtNWE4YzY3ODQyMzg5
LzEvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDWWq4MBgE
AgACMBIDBwAqAQAgAAADBwAqAQAgAAQwDQYJKoZIhvcNAQELBQADggEBAJbg96tn
kw8JZw8ch1pSafEmNBiXWdOPRWfNn9brNOo3RXgueR63/nj82a19lUUtEUvbNtGu
HcWeEDq//YZ2SPUuo/MsI9Ihf0cpf8DDLiUGjsDgCOWwQDlf+5dh5ay0MiKEJwnf
H8ZRqLoPbai/qcgmdYStG00YpnMAmW6Al6v3qT/g9VlPVn4EEVuXAIkBuYFpjgHE
V563qsnKcPu2QQd7nvoUhXDEY0h2WWx3+d5C6JDWu1R0A2thqihz1FQd43CfMsqc
xf7MJKiBTOTxq/zIBjufcTfBAx5xA97V4zdRqoC/hTt2rdyv+nPdlntuuUL4RQPz
jUXPc7MJOsBcxNs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:17 2024 by rpki-client on console-fra.rpki-client.org