Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ibaHi0y1l8qv32_8pKVSyWN7Lio.roa
File: ibaHi0y1l8qv32_8pKVSyWN7Lio.roa (raw, json)
Hash identifier: HGuGpXezjZVz/aU9NVzRkeYRTrYH3iWdikleIVCkQ/4=
Subject key identifier: 89:B6:87:8B:4C:B5:97:CA:AF:DF:6F:FC:A4:A5:52:C9:63:7B:2E:2A
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018750477B892DE43D0459E7388D83CEDFD1
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ibaHi0y1l8qv32_8pKVSyWN7Lio.roa
Signing time: Wed 05 Apr 2023 07:17:54 +0000
ROA not before: Wed 05 Apr 2023 07:17:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210423
IP address blocks: 84.236.234.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
84.232.35.0/24 maxlen: 24
94.24.46.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:47:7b:89:2d:e4:3d:04:59:e7:38:8d:83:ce:df:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Apr 5 07:17:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89b6878b4cb597caafdf6ffca4a552c9637b2e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ce:d6:0d:a0:b1:5c:4f:f6:00:1d:2f:df:4b:
e2:ce:59:00:3b:ff:24:51:07:69:91:3b:7e:7b:e1:
6d:c7:06:94:bb:3a:40:f1:fb:d6:c4:61:ca:95:e9:
a5:af:52:f1:e1:45:08:fa:01:cb:ad:b2:8c:e6:f1:
b7:b5:6c:d8:7f:f8:00:4f:76:4a:64:72:52:83:d6:
6b:c4:2a:fa:af:0d:5b:b9:28:ec:99:85:9b:7f:dd:
f5:b6:d7:7d:d3:97:c0:fe:bb:57:f1:4b:60:1a:ea:
dc:6f:73:a7:bc:c6:a2:01:76:4b:9e:69:7d:b9:f8:
e8:27:3d:77:a6:00:5c:9c:06:90:7e:00:1c:fc:7b:
fc:25:d3:50:2d:75:98:8c:04:4b:15:eb:42:ad:8c:
8a:98:15:74:0a:92:4d:4f:42:c7:92:cb:89:a8:3e:
16:70:66:6f:c0:d4:6e:fd:4f:69:bc:d6:7d:c7:43:
71:93:fa:b6:61:8b:42:8f:a6:4f:17:91:c6:11:6b:
99:dc:e9:fe:96:7c:82:78:f1:09:d2:9f:63:18:50:
f2:ff:29:56:18:b4:68:b9:23:59:d4:f0:ce:95:33:
53:db:2f:f3:8f:ae:c6:f1:4c:38:b1:1b:1d:73:15:
76:4d:ee:41:68:06:73:32:83:4c:1c:30:f8:c3:89:
2e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B6:87:8B:4C:B5:97:CA:AF:DF:6F:FC:A4:A5:52:C9:63:7B:2E:2A
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ibaHi0y1l8qv32_8pKVSyWN7Lio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.35.0/24
84.236.234.0/23
94.24.46.0/23
95.178.112.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:ff:5b:77:ed:b7:db:36:f7:b2:cd:a0:46:f1:2c:6c:c6:f8:
5c:4b:97:03:5f:54:e3:60:e3:9b:75:d9:94:98:37:46:8c:8a:
9b:f2:77:43:b3:07:79:d8:e3:39:22:59:21:c9:7a:02:2c:bd:
6f:46:aa:aa:f2:ef:f2:a2:6d:ce:6c:90:3f:4f:b9:0e:0c:cf:
f5:e0:43:6f:05:26:6c:b0:31:71:31:02:19:9b:e8:7d:71:7d:
bc:f0:11:17:44:69:b4:c7:6d:f9:29:d8:e9:55:c0:44:de:a3:
48:44:de:00:6d:a7:5e:da:f5:51:a3:be:17:3a:94:60:ca:5c:
00:9f:e7:fe:b2:5d:97:7d:51:72:8a:7c:c2:ea:e7:da:60:2f:
76:5c:1c:c0:6b:b3:07:08:02:86:7c:24:ae:ef:49:54:76:f6:
03:f0:26:4c:0b:8b:c6:b6:f1:77:2a:5e:c2:a9:57:69:70:7d:
bf:a2:cd:8b:51:fe:57:4b:ec:59:8b:d5:69:e3:86:6b:33:70:
5b:45:6c:cb:b6:a8:6c:9e:76:0f:10:5c:c0:8b:5b:ec:8a:72:
88:e8:6f:24:67:87:ec:3a:fb:09:a0:f5:b5:ea:ce:c7:ce:96:
d4:17:74:cb:a9:c5:a1:45:32:32:10:fe:47:9e:89:75:dd:e1:
a3:18:61:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdQR3uJLeQ9BFnnOI2Dzt/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwNDA1MDcxNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI2ODc4YjRjYjU5N2NhYWZkZjZmZmNhNGE1NTJjOTYzN2IyZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos7WDaCxXE/2AB0v30vizlkAO/8k
UQdpkTt+e+FtxwaUuzpA8fvWxGHKlemlr1Lx4UUI+gHLrbKM5vG3tWzYf/gAT3ZK
ZHJSg9ZrxCr6rw1buSjsmYWbf931ttd905fA/rtX8UtgGurcb3OnvMaiAXZLnml9
ufjoJz13pgBcnAaQfgAc/Hv8JdNQLXWYjARLFetCrYyKmBV0CpJNT0LHksuJqD4W
cGZvwNRu/U9pvNZ9x0Nxk/q2YYtCj6ZPF5HGEWuZ3On+lnyCePEJ0p9jGFDy/ylW
GLRouSNZ1PDOlTNT2y/zj67G8Uw4sRsdcxV2Te5BaAZzMoNMHDD4w4kuTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIm2h4tMtZfKr99v/KSlUsljey4qMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvaWJhSGkweTFsOHF2MzJfOHBLVlN5V043TGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVOgjAwQB
VOzqAwQBXhguAwQCX7JwMA0GCSqGSIb3DQEBCwUAA4IBAQB8/1t37bfbNveyzaBG
8SxsxvhcS5cDX1TjYOObddmUmDdGjIqb8ndDswd52OM5IlkhyXoCLL1vRqqq8u/y
om3ObJA/T7kODM/14ENvBSZssDFxMQIZm+h9cX288BEXRGm0x235KdjpVcBE3qNI
RN4Abade2vVRo74XOpRgylwAn+f+sl2XfVFyinzC6ufaYC92XBzAa7MHCAKGfCSu
70lUdvYD8CZMC4vGtvF3Kl7CqVdpcH2/os2LUf5XS+xZi9Vp44ZrM3BbRWzLtqhs
nnYPEFzAi1vsinKI6G8kZ4fsOvsJoPW16s7HzpbUF3TLqcWhRTIyEP5Hnol13eGj
GGGY
-----END CERTIFICATE-----
Generated at Wed Nov 8 08:49:15 2023 by rpki-client on console-ams.rpki-client.org