Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/drCT7QV1iCflleAH_XOyry3s6GM.roa
File: drCT7QV1iCflleAH_XOyry3s6GM.roa (raw, json)
Hash identifier: /iiOOkJAxLqtfiD97T8fHT2T12LcNG1ZUWKYcyBFEVo=
Subject key identifier: 76:B0:93:ED:05:75:88:27:E5:95:E0:07:FD:73:B2:AF:2D:EC:E8:63
Certificate issuer: /CN=2cc57499546c4efd730ff871df3bd1afbf3b9f01
Certificate serial: 0185715E77C62D506AB4A4F29B6065C8A686
Authority key identifier: 2C:C5:74:99:54:6C:4E:FD:73:0F:F8:71:DF:3B:D1:AF:BF:3B:9F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/drCT7QV1iCflleAH_XOyry3s6GM.roa
Signing time: Mon 02 Jan 2023 07:24:54 +0000
ROA not before: Mon 02 Jan 2023 07:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209626
IP address blocks: 89.106.200.0/24 maxlen: 24
2a12:5240::/48 maxlen: 48
2a12:5240::/47 maxlen: 47
2a12:5240:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:77:c6:2d:50:6a:b4:a4:f2:9b:60:65:c8:a6:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cc57499546c4efd730ff871df3bd1afbf3b9f01
Validity
Not Before: Jan 2 07:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76b093ed05758827e595e007fd73b2af2dece863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:71:67:cf:a0:95:be:e0:ac:eb:0d:a7:97:b9:
aa:38:4d:c6:75:32:c4:e0:74:d8:5e:fa:c0:dc:f3:
5e:24:db:ac:2c:15:3f:7b:73:59:c6:94:87:8f:7d:
95:c8:c4:0e:a6:72:22:fe:0e:e6:88:d6:78:4e:6d:
f6:fc:5a:e1:d5:53:88:f7:74:98:be:b9:ae:92:b9:
62:06:75:ae:2e:c5:f4:eb:4c:43:85:c9:83:49:4b:
96:9d:cf:1a:ae:cc:03:1c:bb:6a:c9:bc:ac:7f:76:
49:6e:88:86:cd:a9:95:49:c9:bc:cb:03:ea:c5:1e:
c8:f3:94:8d:7e:f2:71:d3:83:55:04:fd:ff:4e:7b:
8c:51:1a:be:d0:25:85:b2:66:de:40:26:20:42:87:
71:96:35:98:c0:5b:a0:5a:33:2c:86:8e:9d:83:18:
99:87:06:b7:7c:14:39:ca:79:17:71:f0:2a:2f:f6:
1b:e2:87:5c:21:79:2b:2c:15:5f:b6:d3:30:17:b0:
13:dc:83:4e:82:39:79:6e:a4:53:9f:0c:c4:b2:c9:
29:96:8d:58:f7:ba:a9:f4:9f:39:8d:8c:e0:30:f0:
52:a6:47:3a:74:59:48:39:84:c5:b3:e6:a8:e8:a0:
88:3f:37:13:d4:fe:a8:b9:de:d1:dd:f1:02:1b:e8:
76:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B0:93:ED:05:75:88:27:E5:95:E0:07:FD:73:B2:AF:2D:EC:E8:63
X509v3 Authority Key Identifier:
keyid:2C:C5:74:99:54:6C:4E:FD:73:0F:F8:71:DF:3B:D1:AF:BF:3B:9F:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/drCT7QV1iCflleAH_XOyry3s6GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/LMV0mVRsTv1zD_hx3zvRr787nwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.200.0/24
IPv6:
2a12:5240::/47
Signature Algorithm: sha256WithRSAEncryption
3e:bd:40:38:58:45:2b:61:1c:21:33:94:7d:00:c9:cd:16:60:
2a:0a:83:61:fb:07:25:6c:8b:54:54:41:8d:55:ac:c6:b0:a7:
29:6c:2c:99:e6:e8:ac:8a:b4:8f:cd:99:66:1b:f2:41:54:cc:
5f:4e:10:b0:d4:b6:16:28:cc:b0:a0:62:8a:46:2a:0c:5a:a1:
02:66:0c:87:9c:87:fd:9f:83:79:07:5d:96:3f:22:67:07:a1:
6b:07:76:63:f9:bc:2a:b6:71:0b:70:30:cb:6a:38:34:90:a4:
df:e1:aa:90:bb:66:1a:84:d9:4d:e4:31:57:ee:0b:0a:46:ee:
6f:9d:7e:85:51:a6:c2:e9:70:45:58:87:66:68:3f:b6:85:b6:
f6:81:ab:57:1f:a0:c8:87:2c:92:61:28:9c:2a:25:f2:b0:d6:
08:cb:3d:b9:0d:fd:80:ed:15:95:56:8e:41:6a:e1:f3:4d:59:
47:04:66:57:3c:cc:5a:97:c3:4e:68:cb:58:84:11:a6:1b:fa:
c5:79:5f:fd:89:4f:ba:c3:e4:b9:90:a2:6a:c2:63:06:c8:f5:
5f:d0:8d:b5:c8:e1:7e:f9:18:f0:48:e1:29:10:78:29:33:86:
58:1b:db:67:02:25:78:ec:3a:79:30:8d:57:68:14:5d:de:e6:
8a:a3:cb:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxXnfGLVBqtKTym2BlyKaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYzU3NDk5NTQ2YzRlZmQ3MzBmZjg3MWRmM2JkMWFmYmYz
YjlmMDEwHhcNMjMwMTAyMDcyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIwOTNlZDA1NzU4ODI3ZTU5NWUwMDdmZDczYjJhZjJkZWNlODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonFnz6CVvuCs6w2nl7mqOE3GdTLE
4HTYXvrA3PNeJNusLBU/e3NZxpSHj32VyMQOpnIi/g7miNZ4Tm32/Frh1VOI93SY
vrmukrliBnWuLsX060xDhcmDSUuWnc8arswDHLtqybysf3ZJboiGzamVScm8ywPq
xR7I85SNfvJx04NVBP3/TnuMURq+0CWFsmbeQCYgQodxljWYwFugWjMsho6dgxiZ
hwa3fBQ5ynkXcfAqL/Yb4odcIXkrLBVfttMwF7AT3INOgjl5bqRTnwzEsskplo1Y
97qp9J85jYzgMPBSpkc6dFlIOYTFs+ao6KCIPzcT1P6oud7R3fECG+h2swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHawk+0FdYgn5ZXgB/1zsq8t7OhjMB8GA1UdIwQY
MBaAFCzFdJlUbE79cw/4cd870a+/O58BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE1WMG1WUnNUdjF6RF9oeDN6dlJyNzg3bndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9iNWJhMjktYjI5Zi00MDY1LTk4ZmIt
YjUyOWIwY2Y1NDExLzEvZHJDVDdRVjFpQ2ZsbGVBSF9YT3lyeTNzNkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9iNWJhMjktYjI5Zi00MDY1LTk4ZmItYjUyOWIwY2Y1NDEx
LzEvTE1WMG1WUnNUdjF6RF9oeDN6dlJyNzg3bndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWWrIMA8E
AgACMAkDBwEqElJAAAAwDQYJKoZIhvcNAQELBQADggEBAD69QDhYRSthHCEzlH0A
yc0WYCoKg2H7ByVsi1RUQY1VrMawpylsLJnm6KyKtI/NmWYb8kFUzF9OELDUthYo
zLCgYopGKgxaoQJmDIech/2fg3kHXZY/ImcHoWsHdmP5vCq2cQtwMMtqODSQpN/h
qpC7ZhqE2U3kMVfuCwpG7m+dfoVRpsLpcEVYh2ZoP7aFtvaBq1cfoMiHLJJhKJwq
JfKw1gjLPbkN/YDtFZVWjkFq4fNNWUcEZlc8zFqXw05oy1iEEaYb+sV5X/2JT7rD
5LmQomrCYwbI9V/QjbXI4X75GPBI4SkQeCkzhlgb22cCJXjsOnkwjVdoFF3e5oqj
y+s=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:06 2024 by rpki-client on console-ams.rpki-client.org