Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/DotIK--YMtcLVaWccGyT5dHpN7A.roa
File: DotIK--YMtcLVaWccGyT5dHpN7A.roa (raw, json)
Hash identifier: K59Lu9GDHnPihzAmNQ1RrCAkrIMqjms28jLowjIbch4=
Subject key identifier: 0E:8B:48:2B:EF:98:32:D7:0B:55:A5:9C:70:6C:93:E5:D1:E9:37:B0
Certificate issuer: /CN=d0b904df5eec2216b343016c5cb24bb90a43d3a4
Certificate serial: 018571831C2C0C9B05233FFB2D94993E258B
Authority key identifier: D0:B9:04:DF:5E:EC:22:16:B3:43:01:6C:5C:B2:4B:B9:0A:43:D3:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LkE317sIhazQwFsXLJLuQpD06Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/DotIK--YMtcLVaWccGyT5dHpN7A.roa
Signing time: Mon 02 Jan 2023 08:04:55 +0000
ROA not before: Mon 02 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210139
IP address blocks: 89.190.32.0/21 maxlen: 21
89.190.39.0/24 maxlen: 24
185.73.160.0/22 maxlen: 22
2a05:43c0::/29 maxlen: 29
2a05:43c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:1c:2c:0c:9b:05:23:3f:fb:2d:94:99:3e:25:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b904df5eec2216b343016c5cb24bb90a43d3a4
Validity
Not Before: Jan 2 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e8b482bef9832d70b55a59c706c93e5d1e937b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0e:15:3a:55:61:c0:a5:41:43:6a:9f:6c:84:
cb:0f:25:c7:0c:13:1b:01:9c:b9:ca:66:ce:ff:24:
74:be:33:b8:b4:40:56:81:3b:4a:b4:66:21:1d:51:
bc:65:32:8c:4f:3d:1f:66:61:ee:74:91:50:e5:e3:
dc:a5:94:a8:a5:5a:a2:5e:da:32:3e:d0:31:55:08:
20:29:7b:33:05:26:e3:18:d2:bb:82:61:90:ab:cb:
b8:b4:09:4b:bb:1a:36:f6:ba:38:25:2f:d0:11:5a:
a9:81:bf:15:50:a7:70:30:d0:d6:cb:a1:9e:80:f7:
af:52:cc:06:d0:37:8a:12:7b:8b:58:0c:c0:5e:18:
2a:21:1a:03:77:6d:cc:39:18:c3:27:d4:39:38:35:
92:8d:43:dc:e0:21:1e:71:64:f7:20:04:c9:2b:7c:
2b:f8:0e:08:f2:9f:cb:db:4e:fa:52:a3:71:9f:82:
71:2f:70:a8:e3:44:b1:7a:ae:9d:1c:ff:5d:83:42:
f6:2a:ff:6b:4f:80:88:88:73:88:df:02:72:60:5d:
96:94:3a:99:69:30:81:2d:9e:07:1c:81:f4:53:cd:
17:99:0f:db:3b:8b:84:f9:6e:06:d3:04:e3:2f:71:
4a:b5:77:30:9f:6b:ce:82:57:d4:e8:f5:05:12:4b:
d3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8B:48:2B:EF:98:32:D7:0B:55:A5:9C:70:6C:93:E5:D1:E9:37:B0
X509v3 Authority Key Identifier:
keyid:D0:B9:04:DF:5E:EC:22:16:B3:43:01:6C:5C:B2:4B:B9:0A:43:D3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LkE317sIhazQwFsXLJLuQpD06Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/DotIK--YMtcLVaWccGyT5dHpN7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/0LkE317sIhazQwFsXLJLuQpD06Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.32.0/21
185.73.160.0/22
IPv6:
2a05:43c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:b3:71:ee:c2:23:b8:14:ac:7d:52:de:e7:ac:95:4b:5a:0b:
48:9c:eb:d0:bd:75:c0:25:14:b3:29:d1:f2:0a:27:ff:fa:78:
06:6c:c6:c4:3b:84:6d:35:3f:42:80:80:8c:c8:d4:15:e2:2d:
a1:c5:7c:cf:88:f8:f2:13:44:71:af:a2:6a:70:33:31:80:ad:
92:4d:9c:13:a3:19:a3:03:4d:e3:c7:e0:3e:68:65:b5:6d:bd:
40:d2:56:58:06:18:78:6c:9e:02:54:92:bf:b7:1d:1f:20:4d:
15:a2:46:8f:d8:03:c3:af:08:3a:32:e2:cd:9f:6b:08:b0:09:
7b:97:ff:34:f9:8a:2e:d9:0a:f7:66:8d:29:20:08:8d:51:48:
ae:52:d3:98:66:6a:f3:2f:41:6c:e9:0f:b5:bc:a4:7a:dc:cf:
b5:da:75:40:a1:ca:9c:c4:c2:68:1e:17:62:76:fa:f8:a7:5c:
3e:d0:3c:b8:7a:9b:74:9f:b0:5e:5e:c4:2c:58:ad:54:c8:3b:
6e:35:b4:5c:58:b5:d1:26:15:ec:3e:98:8b:01:f8:21:4f:21:
fe:f3:f6:0a:4d:a0:47:4c:7e:50:76:4a:72:e1:6a:d6:c9:ac:
32:25:d2:13:93:ea:a8:b8:f3:30:62:22:60:68:e4:7a:cf:17:
fa:b6:45:0b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxgxwsDJsFIz/7LZSZPiWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjkwNGRmNWVlYzIyMTZiMzQzMDE2YzVjYjI0YmI5MGE0
M2QzYTQwHhcNMjMwMTAyMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZThiNDgyYmVmOTgzMmQ3MGI1NWE1OWM3MDZjOTNlNWQxZTkzN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow4VOlVhwKVBQ2qfbITLDyXHDBMb
AZy5ymbO/yR0vjO4tEBWgTtKtGYhHVG8ZTKMTz0fZmHudJFQ5ePcpZSopVqiXtoy
PtAxVQggKXszBSbjGNK7gmGQq8u4tAlLuxo29ro4JS/QEVqpgb8VUKdwMNDWy6Ge
gPevUswG0DeKEnuLWAzAXhgqIRoDd23MORjDJ9Q5ODWSjUPc4CEecWT3IATJK3wr
+A4I8p/L2076UqNxn4JxL3Co40Sxeq6dHP9dg0L2Kv9rT4CIiHOI3wJyYF2WlDqZ
aTCBLZ4HHIH0U80XmQ/bO4uE+W4G0wTjL3FKtXcwn2vOglfU6PUFEkvTGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA6LSCvvmDLXC1WlnHBsk+XR6TewMB8GA1UdIwQY
MBaAFNC5BN9e7CIWs0MBbFyyS7kKQ9OkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExrRTMxN3NJaGF6UXdGc1hMSkx1UXBEMDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82YTdjOTMtODdiNC00YTRjLWEyMWUt
NDFhODRmNDE5YWM1LzEvRG90SUstLVlNdGNMVmFXY2NHeVQ1ZEhwTjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82YTdjOTMtODdiNC00YTRjLWEyMWUtNDFhODRmNDE5YWM1
LzEvMExrRTMxN3NJaGF6UXdGc1hMSkx1UXBEMDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDWb4gAwQC
uUmgMA0EAgACMAcDBQMqBUPAMA0GCSqGSIb3DQEBCwUAA4IBAQAps3HuwiO4FKx9
Ut7nrJVLWgtInOvQvXXAJRSzKdHyCif/+ngGbMbEO4RtNT9CgICMyNQV4i2hxXzP
iPjyE0Rxr6JqcDMxgK2STZwToxmjA03jx+A+aGW1bb1A0lZYBhh4bJ4CVJK/tx0f
IE0VokaP2APDrwg6MuLNn2sIsAl7l/80+You2Qr3Zo0pIAiNUUiuUtOYZmrzL0Fs
6Q+1vKR63M+12nVAocqcxMJoHhdidvr4p1w+0Dy4ept0n7BeXsQsWK1UyDtuNbRc
WLXRJhXsPpiLAfghTyH+8/YKTaBHTH5Qdkpy4WrWyawyJdITk+qouPMwYiJgaOR6
zxf6tkUL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:24 2024 by rpki-client on console-ams.rpki-client.org