Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/nMGsFk0zvJivaPJtGYSkKzPxO6E.roa
File: nMGsFk0zvJivaPJtGYSkKzPxO6E.roa (raw, json)
Hash identifier: Vs0GUMyO9n8VddJC1j0p3AN2LlJAVsBzsyEMe3pL7Jw=
Subject key identifier: 9C:C1:AC:16:4D:33:BC:98:AF:68:F2:6D:19:84:A4:2B:33:F1:3B:A1
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C40D909F680CD4D8C0FB8326DA18516F7
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/nMGsFk0zvJivaPJtGYSkKzPxO6E.roa
Signing time: Wed 06 Dec 2023 20:36:54 +0000
ROA not before: Wed 06 Dec 2023 20:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34508
IP address blocks: 89.175.44.0/23 maxlen: 23
89.175.58.0/23 maxlen: 23
89.175.88.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:d9:09:f6:80:cd:4d:8c:0f:b8:32:6d:a1:85:16:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 6 20:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cc1ac164d33bc98af68f26d1984a42b33f13ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:db:1f:fa:7f:ff:08:d0:bc:08:9a:b8:a9:b3:
51:0e:fb:20:92:6d:fe:2c:fd:8d:8d:c1:39:70:fc:
21:a7:b2:57:66:ce:b8:2f:15:1a:fb:2d:27:ef:de:
73:f2:99:e8:62:ec:08:46:38:7a:34:45:66:8a:b6:
14:ed:39:b2:71:c9:ee:5b:0b:94:08:30:eb:87:80:
c7:68:89:73:d8:3e:e4:cc:d9:17:b1:0a:16:54:72:
86:09:86:8d:b9:6f:d9:05:4e:63:8b:ff:45:09:61:
c5:66:cd:59:3a:56:9c:76:e0:ba:f1:15:2b:b6:69:
ab:f9:d7:91:fa:52:bd:56:97:18:ea:8a:3d:1e:11:
27:ac:40:3d:89:f6:df:58:c3:7d:4d:79:61:9c:00:
18:29:1f:02:c5:26:a7:9d:29:dc:9a:a9:09:86:a0:
c9:9b:8e:6b:a0:39:fa:b2:6e:39:67:19:c6:f7:0f:
24:07:f4:72:03:0c:66:6d:37:e5:a6:bb:34:21:36:
7d:a1:58:be:12:a1:ce:42:61:02:02:0c:18:a3:65:
5a:df:9f:75:33:ba:e4:f3:64:48:21:10:41:a2:49:
49:74:8b:2d:89:3e:04:01:1f:78:7e:f0:ab:25:0e:
63:40:35:7e:49:15:4a:80:ca:b2:d3:6e:7a:44:3e:
90:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C1:AC:16:4D:33:BC:98:AF:68:F2:6D:19:84:A4:2B:33:F1:3B:A1
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/nMGsFk0zvJivaPJtGYSkKzPxO6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.175.44.0/23
89.175.58.0/23
89.175.88.0/23
Signature Algorithm: sha256WithRSAEncryption
87:55:73:9f:4a:fe:00:36:e3:95:be:2e:cf:2d:51:7b:a7:2a:
7e:86:a9:2a:35:b5:49:be:5c:22:23:4f:91:40:23:4e:51:fc:
08:8c:99:d2:2f:b1:1c:ff:66:33:34:f4:37:b1:83:fd:15:33:
73:3a:43:70:a1:1f:c2:70:65:48:b9:94:1d:19:6b:c7:0a:41:
df:63:80:89:6c:d6:2d:c1:74:57:10:d1:1b:cc:9a:5a:99:19:
b4:41:52:34:f3:11:13:c4:e4:81:58:62:17:5c:ba:fb:f2:b4:
97:b7:f2:17:d8:9b:35:ba:c8:4b:6e:a0:6b:a9:a0:8d:0b:31:
c7:b5:f9:11:2a:99:7b:37:7d:bd:d5:c4:2c:96:1f:b4:53:b3:
d8:f4:78:62:4a:02:79:19:97:a5:63:5a:f0:39:7c:87:21:2f:
02:ac:56:af:42:85:4d:84:45:0f:c9:7c:b6:e6:6b:1e:c1:66:
64:78:4f:6f:28:98:a4:da:9f:0f:3e:3c:53:4c:01:b7:ec:96:
ce:04:01:84:8b:ba:b5:80:84:e3:e8:ac:f6:9d:9e:09:a4:82:
cf:ed:76:5c:5a:d1:a2:64:e3:29:c7:a4:ce:bd:c4:8b:cc:2c:
04:61:a0:35:8f:4b:ae:ee:69:85:fb:93:15:63:03:cf:5c:9a:
9e:30:71:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxA2Qn2gM1NjA+4Mm2hhRb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA2MjAzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2MxYWMxNjRkMzNiYzk4YWY2OGYyNmQxOTg0YTQyYjMzZjEzYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9sf+n//CNC8CJq4qbNRDvsgkm3+
LP2NjcE5cPwhp7JXZs64LxUa+y0n795z8pnoYuwIRjh6NEVmirYU7TmyccnuWwuU
CDDrh4DHaIlz2D7kzNkXsQoWVHKGCYaNuW/ZBU5ji/9FCWHFZs1ZOlacduC68RUr
tmmr+deR+lK9VpcY6oo9HhEnrEA9ifbfWMN9TXlhnAAYKR8CxSannSncmqkJhqDJ
m45roDn6sm45ZxnG9w8kB/RyAwxmbTflprs0ITZ9oVi+EqHOQmECAgwYo2Va3591
M7rk82RIIRBBoklJdIstiT4EAR94fvCrJQ5jQDV+SRVKgMqy0256RD6QmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJzBrBZNM7yYr2jybRmEpCsz8TuhMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvbk1Hc0ZrMHp2Sml2YVBKdEdZU2tLelB4TzZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWa8sAwQB
Wa86AwQBWa9YMA0GCSqGSIb3DQEBCwUAA4IBAQCHVXOfSv4ANuOVvi7PLVF7pyp+
hqkqNbVJvlwiI0+RQCNOUfwIjJnSL7Ec/2YzNPQ3sYP9FTNzOkNwoR/CcGVIuZQd
GWvHCkHfY4CJbNYtwXRXENEbzJpamRm0QVI08xETxOSBWGIXXLr78rSXt/IX2Js1
ushLbqBrqaCNCzHHtfkRKpl7N3291cQslh+0U7PY9HhiSgJ5GZelY1rwOXyHIS8C
rFavQoVNhEUPyXy25msewWZkeE9vKJik2p8PPjxTTAG37JbOBAGEi7q1gITj6Kz2
nZ4JpILP7XZcWtGiZOMpx6TOvcSLzCwEYaA1j0uu7mmF+5MVYwPPXJqeMHH1
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:21 2024 by rpki-client on console-fra.rpki-client.org