Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/o5cn3bukjsAv1_5FomtcNbnbwXk.roa
File: o5cn3bukjsAv1_5FomtcNbnbwXk.roa (raw, json)
Hash identifier: TMn3km/Kts2wwQya3OxWPlf0elOYw2d8cbXR6dGWt38=
Subject key identifier: A3:97:27:DD:BB:A4:8E:C0:2F:D7:FE:45:A2:6B:5C:35:B9:DB:C1:79
Certificate issuer: /CN=f7e679e58e4b8bf63e95002b54be471d634b9506
Certificate serial: 018CC5013C58064CE50B44ADC1EC54184679
Authority key identifier: F7:E6:79:E5:8E:4B:8B:F6:3E:95:00:2B:54:BE:47:1D:63:4B:95:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/o5cn3bukjsAv1_5FomtcNbnbwXk.roa
Signing time: Mon 01 Jan 2024 12:30:41 +0000
ROA not before: Mon 01 Jan 2024 12:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209358
IP address blocks: 152.89.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 29 Jan 2024 09:19:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3c:58:06:4c:e5:0b:44:ad:c1:ec:54:18:46:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7e679e58e4b8bf63e95002b54be471d634b9506
Validity
Not Before: Jan 1 12:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a39727ddbba48ec02fd7fe45a26b5c35b9dbc179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:40:a5:3a:e5:11:4c:9d:0e:b1:af:19:96:3f:
9c:f4:a2:cc:c9:ee:58:c5:4e:4e:14:64:a5:39:ef:
09:7b:eb:8b:3d:63:a4:94:7b:64:3a:3f:cf:59:23:
1c:59:ab:04:66:0d:cf:4b:62:2c:4c:5c:08:de:e3:
0e:f0:f8:34:8e:42:79:12:3b:11:7f:df:6e:93:e4:
95:cd:f9:67:95:2d:d2:2b:b4:06:1f:73:73:1c:71:
e6:0a:12:f4:36:ec:84:a5:39:39:83:08:90:1f:de:
bd:0e:37:47:1b:b7:27:65:10:95:35:fb:8d:0b:7c:
6c:61:db:70:70:d2:26:95:bc:b3:76:dc:9b:b4:92:
d3:3c:ae:a2:68:0a:41:92:eb:0a:6d:b4:25:cd:ee:
6c:9f:9a:d6:ba:09:32:6b:fb:7a:69:9f:d9:86:43:
a5:8f:12:a6:36:27:9b:a4:e9:53:85:b8:da:59:f8:
73:79:df:70:74:d4:e5:d9:03:c5:d3:d8:e2:f9:59:
e9:3b:bb:74:5e:db:71:47:c0:da:80:7f:e4:c9:a6:
43:70:90:1d:16:f1:e1:2a:73:3f:fa:ba:af:7f:73:
28:46:d0:2f:30:59:be:fa:a2:48:b8:70:80:c0:f1:
71:00:0d:40:22:9b:7a:8c:51:30:d9:c6:45:2e:53:
dc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:97:27:DD:BB:A4:8E:C0:2F:D7:FE:45:A2:6B:5C:35:B9:DB:C1:79
X509v3 Authority Key Identifier:
keyid:F7:E6:79:E5:8E:4B:8B:F6:3E:95:00:2B:54:BE:47:1D:63:4B:95:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/o5cn3bukjsAv1_5FomtcNbnbwXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.68.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:1b:95:03:05:c0:6f:1a:b8:a9:4d:46:95:68:87:d4:86:78:
21:bf:4a:34:53:04:0e:53:d1:fc:f6:3e:f5:b5:b0:6d:13:07:
9b:f6:1a:98:34:08:39:57:bb:50:d9:54:70:c7:c5:1e:25:9a:
1d:6b:92:76:fd:75:ce:22:85:08:5c:d3:6b:d0:78:a4:75:9a:
ed:39:9c:73:33:fd:22:28:ca:84:21:e0:11:1f:33:40:79:0f:
8c:38:db:26:2b:fd:89:8f:9c:f7:44:54:d6:42:ac:be:bc:d6:
1f:9f:7a:13:eb:36:19:3b:1c:ac:76:2c:d3:66:3f:db:51:1b:
6c:ab:5c:4f:86:48:a4:99:97:d0:4d:57:a4:f9:f8:18:30:fe:
f1:b1:cc:79:02:1b:63:4f:23:13:af:94:c5:49:9d:28:8c:75:
84:a7:05:9a:4e:cb:da:c6:81:c7:bb:a2:6e:95:1e:82:ae:39:
08:52:1d:a2:1d:7e:e4:24:6d:46:60:c5:e1:d7:83:80:4b:b2:
1f:a1:37:b7:a7:5e:87:26:9d:d7:68:d3:03:1f:1c:da:ae:8c:
e4:39:2f:5b:4a:42:d6:d7:5d:9b:f6:9d:57:eb:6e:78:26:88:
d5:34:d8:ef:06:06:bb:90:47:68:4a:66:f2:13:9d:40:59:10:
ae:bd:00:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFATxYBkzlC0StwexUGEZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZTY3OWU1OGU0YjhiZjYzZTk1MDAyYjU0YmU0NzFkNjM0
Yjk1MDYwHhcNMjQwMTAxMTIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk3MjdkZGJiYTQ4ZWMwMmZkN2ZlNDVhMjZiNWMzNWI5ZGJjMTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEClOuURTJ0Osa8Zlj+c9KLMye5Y
xU5OFGSlOe8Je+uLPWOklHtkOj/PWSMcWasEZg3PS2IsTFwI3uMO8Pg0jkJ5EjsR
f99uk+SVzflnlS3SK7QGH3NzHHHmChL0NuyEpTk5gwiQH969DjdHG7cnZRCVNfuN
C3xsYdtwcNImlbyzdtybtJLTPK6iaApBkusKbbQlze5sn5rWugkya/t6aZ/ZhkOl
jxKmNiebpOlThbjaWfhzed9wdNTl2QPF09ji+VnpO7t0XttxR8DagH/kyaZDcJAd
FvHhKnM/+rqvf3MoRtAvMFm++qJIuHCAwPFxAA1AIpt6jFEw2cZFLlPcJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOXJ927pI7AL9f+RaJrXDW528F5MB8GA1UdIwQY
MBaAFPfmeeWOS4v2PpUAK1S+Rx1jS5UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOS1aNTVZNUxpX1ktbFFBclZMNUhIV05MbFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC80ZmM3ODctZTY4MS00ZTE2LWIxZWMt
YTFjNWQ3ZWI0YmQ3LzEvbzVjbjNidWtqc0F2MV81Rm9tdGNOYm5id1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC80ZmM3ODctZTY4MS00ZTE2LWIxZWMtYTFjNWQ3ZWI0YmQ3
LzEvOS1aNTVZNUxpX1ktbFFBclZMNUhIV05MbFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFlEMA0G
CSqGSIb3DQEBCwUAA4IBAQCeG5UDBcBvGripTUaVaIfUhnghv0o0UwQOU9H89j71
tbBtEweb9hqYNAg5V7tQ2VRwx8UeJZoda5J2/XXOIoUIXNNr0HikdZrtOZxzM/0i
KMqEIeARHzNAeQ+MONsmK/2Jj5z3RFTWQqy+vNYfn3oT6zYZOxysdizTZj/bURts
q1xPhkikmZfQTVek+fgYMP7xscx5AhtjTyMTr5TFSZ0ojHWEpwWaTsvaxoHHu6Ju
lR6CrjkIUh2iHX7kJG1GYMXh14OAS7IfoTe3p16HJp3XaNMDHxzarozkOS9bSkLW
112b9p1X6254JojVNNjvBga7kEdoSmbyE51AWRCuvQBi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:01 2024 by rpki-client on console-ams.rpki-client.org