Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/0KyNOSoHEfJiK7ZUMA4SDGvmdlY.roa
File: 0KyNOSoHEfJiK7ZUMA4SDGvmdlY.roa (raw, json)
Hash identifier: AALri9QKc+oclw8WdiBQh4KPkhpnOAyYfEP3pPueZ/Q=
Subject key identifier: D0:AC:8D:39:2A:07:11:F2:62:2B:B6:54:30:0E:12:0C:6B:E6:76:56
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 0185E408B1B67DABEF9A340D82BE5919B8DD
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/0KyNOSoHEfJiK7ZUMA4SDGvmdlY.roa
Signing time: Tue 24 Jan 2023 13:47:33 +0000
ROA not before: Tue 24 Jan 2023 13:47:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207849
IP address blocks: 89.234.164.0/22 maxlen: 22
2a00:5881:b100::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 23 Feb 2023 11:17:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:08:b1:b6:7d:ab:ef:9a:34:0d:82:be:59:19:b8:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Jan 24 13:47:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0ac8d392a0711f2622bb654300e120c6be67656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6e:5e:15:4f:64:83:29:c1:4a:19:5e:5b:4d:
7c:f7:bb:80:b4:e7:ab:a9:af:5a:c7:48:e8:77:16:
37:90:b4:9c:b2:8d:29:ce:e3:5d:c6:1d:75:4d:e1:
16:07:fc:95:32:77:af:91:19:20:6a:c2:c5:59:39:
b7:21:54:40:41:46:f2:a7:47:f0:1a:57:33:10:13:
47:b9:47:e3:1c:2b:02:5b:4f:e8:fb:9f:f5:ec:3d:
ec:69:e9:06:a0:8d:e4:78:69:5f:d4:a2:20:ba:6e:
50:c0:e0:32:e6:da:8e:0b:ee:6d:5b:c2:22:24:63:
43:62:90:d0:63:00:53:06:26:91:e9:4b:23:06:7a:
f4:75:88:24:cc:bf:18:7d:2b:fa:4f:30:0f:28:85:
8f:91:b2:4f:2f:6e:1f:13:4c:64:3c:4f:89:7a:e1:
f5:cb:0e:d3:98:87:11:92:75:04:88:da:35:a0:e9:
33:01:47:0b:e8:1c:fb:1b:fa:5c:5f:9a:aa:96:9a:
c9:9a:c3:a7:5b:6d:b1:0d:36:84:c5:0c:2e:60:49:
4c:a3:71:7d:56:c5:6a:35:5c:8b:95:0a:0a:cb:73:
15:84:f4:db:56:d2:05:2f:6c:b8:bd:04:5c:89:0a:
8c:f9:81:73:36:3e:a3:48:b5:0b:9d:c0:0c:66:f3:
2b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AC:8D:39:2A:07:11:F2:62:2B:B6:54:30:0E:12:0C:6B:E6:76:56
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/0KyNOSoHEfJiK7ZUMA4SDGvmdlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.164.0/22
IPv6:
2a00:5881:b100::/40
Signature Algorithm: sha256WithRSAEncryption
90:b3:db:7a:b7:d4:21:e9:1e:63:8d:c0:38:3d:1a:50:f1:1f:
d4:10:24:23:ca:97:62:bd:96:f8:60:88:77:11:d7:69:84:6a:
ef:55:05:da:45:30:f1:64:86:d7:a3:af:27:31:4a:22:00:84:
3a:95:23:f6:e4:1c:38:db:78:3a:5a:9b:c8:f6:3d:dc:f0:5f:
3c:ad:36:3f:63:0b:61:0f:b5:44:be:47:3b:e4:64:e0:7f:91:
c9:be:98:b9:8c:69:1c:23:e4:93:56:15:93:2e:04:e9:ca:2b:
f4:dd:80:e1:a8:17:95:34:7e:ac:08:3b:50:3e:9d:0b:1a:eb:
75:9d:ad:1e:08:2d:bf:17:94:bd:69:bf:0e:5f:f6:f6:51:6f:
bc:16:fe:68:68:a8:8f:bf:ab:27:50:dd:b1:91:84:77:ab:90:
bc:ef:bd:49:b4:0d:f2:4b:d5:69:f6:9a:67:a4:12:b0:a1:cb:
4f:26:79:81:c6:47:d3:f9:fd:67:08:1c:4c:ff:8a:30:6e:4f:
7c:d5:cf:25:56:fc:b2:7f:1b:f9:80:66:af:86:3a:7c:81:93:
25:c8:88:0b:12:d2:d8:8a:44:94:a4:e0:bf:5a:f6:85:71:23:
1d:a5:39:cd:b9:63:f1:b4:6d:47:6f:28:0d:8e:b1:b8:c7:13:
ed:0d:0c:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXkCLG2favvmjQNgr5ZGbjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjMwMTI0MTM0NzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGFjOGQzOTJhMDcxMWYyNjIyYmI2NTQzMDBlMTIwYzZiZTY3NjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqW5eFU9kgynBShleW01897uAtOer
qa9ax0jodxY3kLScso0pzuNdxh11TeEWB/yVMnevkRkgasLFWTm3IVRAQUbyp0fw
GlczEBNHuUfjHCsCW0/o+5/17D3saekGoI3keGlf1KIgum5QwOAy5tqOC+5tW8Ii
JGNDYpDQYwBTBiaR6UsjBnr0dYgkzL8YfSv6TzAPKIWPkbJPL24fE0xkPE+JeuH1
yw7TmIcRknUEiNo1oOkzAUcL6Bz7G/pcX5qqlprJmsOnW22xDTaExQwuYElMo3F9
VsVqNVyLlQoKy3MVhPTbVtIFL2y4vQRciQqM+YFzNj6jSLULncAMZvMrTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNCsjTkqBxHyYiu2VDAOEgxr5nZWMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xLzBLeU5PU29IRWZKaUs3WlVNQTRTREd2bWRsWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBAJZ6qQw
DgQCAAIwCAMGACoAWIGxMA0GCSqGSIb3DQEBCwUAA4IBAQCQs9t6t9Qh6R5jjcA4
PRpQ8R/UECQjypdivZb4YIh3EddphGrvVQXaRTDxZIbXo68nMUoiAIQ6lSP25Bw4
23g6WpvI9j3c8F88rTY/YwthD7VEvkc75GTgf5HJvpi5jGkcI+STVhWTLgTpyiv0
3YDhqBeVNH6sCDtQPp0LGut1na0eCC2/F5S9ab8OX/b2UW+8Fv5oaKiPv6snUN2x
kYR3q5C8771JtA3yS9Vp9ppnpBKwoctPJnmBxkfT+f1nCBxM/4owbk981c8lVvyy
fxv5gGavhjp8gZMlyIgLEtLYikSUpOC/WvaFcSMdpTnNuWPxtG1HbygNjrG4xxPt
DQyF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:25 2024 by rpki-client on console-ams.rpki-client.org