Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/t9BclKvgxrhBIBUH47dNGRDu2HQ.roa
File: t9BclKvgxrhBIBUH47dNGRDu2HQ.roa (raw, json)
Hash identifier: 7UWY9X3XFd0kbCY4MQJQ21I5hEGSG51TgCoT34gtJRY=
Subject key identifier: B7:D0:5C:94:AB:E0:C6:B8:41:20:15:07:E3:B7:4D:19:10:EE:D8:74
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 018CC94D476EE0B273277B6077BFDA3B271A
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/t9BclKvgxrhBIBUH47dNGRDu2HQ.roa
Signing time: Tue 02 Jan 2024 08:32:14 +0000
ROA not before: Tue 02 Jan 2024 08:32:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207849
IP address blocks: 89.234.164.0/22 maxlen: 22
89.234.168.0/22 maxlen: 22
2a00:5881:b100::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 12 Apr 2024 17:28:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:47:6e:e0:b2:73:27:7b:60:77:bf:da:3b:27:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Jan 2 08:32:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7d05c94abe0c6b841201507e3b74d1910eed874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:89:3a:2d:4a:b5:23:9d:a7:06:ad:9e:d6:72:
ad:ae:fd:65:b5:42:0f:39:6e:b2:0e:ed:30:ac:bb:
e9:d3:23:36:7c:15:0f:52:ea:66:33:b3:ad:a7:eb:
a4:4b:76:c5:92:aa:bb:69:ba:fb:e3:ad:d6:2d:98:
5f:22:e9:5b:10:a6:fd:80:5b:4d:80:a9:43:fb:e1:
0d:25:d6:40:91:56:4c:7e:0f:86:54:ec:60:1d:b0:
3f:fb:3d:73:90:e8:38:fc:e9:c8:2e:a1:07:a8:ae:
ef:57:e9:c0:46:a3:be:4c:83:9a:4a:b5:69:8b:e4:
9a:52:2d:40:c9:dc:67:18:e0:65:27:ba:c8:67:aa:
34:2a:61:a6:57:bc:6f:7c:f3:64:99:59:bc:c0:74:
20:3d:7b:9f:b8:1d:2e:e7:80:5c:18:80:b8:72:2a:
d7:3e:00:f2:2f:9b:19:8b:05:70:01:fc:75:ee:d4:
a2:23:db:fa:9e:53:31:42:09:fb:b0:d4:57:f3:2d:
57:27:99:52:b1:2b:ef:fc:01:1a:0b:a4:e8:cf:21:
2a:10:a5:a7:e5:04:a1:1f:0f:24:68:9e:9b:23:4c:
ad:35:ca:37:f4:af:fa:9a:92:ab:b4:14:95:d0:72:
2b:ab:e5:9d:de:26:d3:81:b6:23:0b:e9:3d:18:cd:
26:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D0:5C:94:AB:E0:C6:B8:41:20:15:07:E3:B7:4D:19:10:EE:D8:74
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/t9BclKvgxrhBIBUH47dNGRDu2HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.164.0-89.234.171.255
IPv6:
2a00:5881:b100::/40
Signature Algorithm: sha256WithRSAEncryption
28:59:fd:50:31:d6:fc:bc:97:81:fa:e8:67:a7:f5:85:d7:33:
f0:b4:75:59:63:48:c8:20:45:3e:ea:90:b3:78:a4:8b:60:e7:
8a:5d:c5:c2:d9:aa:b5:a8:88:8d:df:e5:0b:34:2a:4b:0a:27:
1c:a7:f9:3f:d8:e0:1a:68:b2:c6:59:e8:3a:dd:35:06:1a:14:
7f:e0:e6:06:81:12:61:f2:27:34:bd:26:a4:e7:11:0d:1d:4f:
3c:0d:a4:15:3f:20:36:b3:dc:9e:fd:00:6f:b4:b5:3d:14:00:
83:8e:48:59:0e:75:d6:07:b6:6f:0e:41:fc:fc:98:93:47:32:
66:3c:df:0f:e1:bc:be:71:ca:d1:cc:f1:96:21:6b:67:0b:cf:
43:02:f3:d9:29:ad:54:54:c6:d1:a1:25:85:3d:e6:17:4c:bf:
e0:a6:0e:29:24:8d:b5:ec:3c:cb:e0:9d:ca:ad:1a:42:f1:21:
84:76:57:90:93:18:f6:6f:59:38:d9:2a:b0:71:6f:ae:fa:cb:
5c:fc:b6:13:e6:65:0e:e8:f9:b8:cc:7e:4a:21:3a:04:7b:29:
f5:4f:79:c3:eb:66:69:5f:76:e9:68:a4:56:ec:f3:96:ed:17:
76:c7:29:fb:8b:34:2f:3e:aa:86:cb:a0:cb:e0:7b:b9:a0:45:
55:53:f7:5d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzJTUdu4LJzJ3tgd7/aOycaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjQwMTAyMDgzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QwNWM5NGFiZTBjNmI4NDEyMDE1MDdlM2I3NGQxOTEwZWVkODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIk6LUq1I52nBq2e1nKtrv1ltUIP
OW6yDu0wrLvp0yM2fBUPUupmM7Otp+ukS3bFkqq7abr7463WLZhfIulbEKb9gFtN
gKlD++ENJdZAkVZMfg+GVOxgHbA/+z1zkOg4/OnILqEHqK7vV+nARqO+TIOaSrVp
i+SaUi1AydxnGOBlJ7rIZ6o0KmGmV7xvfPNkmVm8wHQgPXufuB0u54BcGIC4cirX
PgDyL5sZiwVwAfx17tSiI9v6nlMxQgn7sNRX8y1XJ5lSsSvv/AEaC6TozyEqEKWn
5QShHw8kaJ6bI0ytNco39K/6mpKrtBSV0HIrq+Wd3ibTgbYjC+k9GM0mLQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLfQXJSr4Ma4QSAVB+O3TRkQ7th0MB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL3Q5QmNsS3ZneHJoQklCVUg0N2ROR1JEdTJIUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMBQEAgABMA4wDAMEAlnq
pAMEAlnqqDAOBAIAAjAIAwYAKgBYgbEwDQYJKoZIhvcNAQELBQADggEBAChZ/VAx
1vy8l4H66Gen9YXXM/C0dVljSMggRT7qkLN4pItg54pdxcLZqrWoiI3f5Qs0KksK
Jxyn+T/Y4BpossZZ6DrdNQYaFH/g5gaBEmHyJzS9JqTnEQ0dTzwNpBU/IDaz3J79
AG+0tT0UAIOOSFkOddYHtm8OQfz8mJNHMmY83w/hvL5xytHM8ZYha2cLz0MC89kp
rVRUxtGhJYU95hdMv+CmDikkjbXsPMvgncqtGkLxIYR2V5CTGPZvWTjZKrBxb676
y1z8thPmZQ7o+bjMfkohOgR7KfVPecPrZmlfdulopFbs85btF3bHKfuLNC8+qobL
oMvge7mgRVVT910=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:25 2024 by rpki-client on console-ams.rpki-client.org