Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/oWEtamiPloiLKXTEQckICnr2qQI.roa
File: oWEtamiPloiLKXTEQckICnr2qQI.roa (raw, json)
Hash identifier: GK5OHGAVk4EDrDRHLsu8Sfg67RZ9KZYRCLTFm3JwQ3g=
Subject key identifier: A1:61:2D:6A:68:8F:96:88:8B:29:74:C4:41:C9:08:0A:7A:F6:A9:02
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0189D69ECC1867BBC5FD6B9DF07C24DA5888
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/oWEtamiPloiLKXTEQckICnr2qQI.roa
Signing time: Tue 08 Aug 2023 19:27:58 +0000
ROA not before: Tue 08 Aug 2023 19:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207141
IP address blocks: 89.44.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d6:9e:cc:18:67:bb:c5:fd:6b:9d:f0:7c:24:da:58:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Aug 8 19:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1612d6a688f96888b2974c441c9080a7af6a902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:21:b2:77:26:2c:7f:10:d8:fe:0e:36:70:20:
6e:65:2e:42:ed:d7:54:83:9e:7d:d5:df:4a:a7:9d:
e8:72:f1:cc:83:4a:ba:e4:bd:47:2a:0b:fe:a9:a8:
0a:fb:61:0f:f5:f6:2b:a5:cb:0c:ce:c3:39:9d:c4:
ef:44:2c:68:e2:3c:8d:09:33:f9:5a:91:17:76:dd:
41:c5:ca:b7:e3:b2:ae:90:5c:51:71:2f:d5:1b:88:
b1:57:00:b3:0e:f2:1a:cf:a3:13:cd:63:35:62:ab:
72:40:fd:d5:62:20:27:e1:0e:d3:95:68:82:49:70:
fc:e2:45:ea:f8:ea:de:b5:c8:2e:a8:dd:53:a0:fd:
0e:8e:df:3f:70:40:be:7f:ac:ed:ab:88:a5:31:b9:
20:d2:b2:12:6d:dd:91:d4:d3:44:a1:ce:1b:1b:b7:
02:3b:b7:c5:90:3e:8a:87:db:1a:9f:dd:8e:58:05:
eb:39:9e:fa:b1:ac:f5:fb:58:82:a9:22:2e:0f:49:
8a:59:66:cc:32:23:dd:d1:54:b7:7f:67:f0:7c:32:
fd:8c:fe:4e:5d:6c:94:d3:7a:80:db:fb:a5:af:c7:
ba:7e:73:64:0f:3f:d1:fc:56:12:89:a7:ea:e4:4e:
3a:2c:45:80:0c:f4:c3:bd:45:72:d4:b4:9d:bd:05:
ed:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:61:2D:6A:68:8F:96:88:8B:29:74:C4:41:C9:08:0A:7A:F6:A9:02
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/oWEtamiPloiLKXTEQckICnr2qQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.242.0/24
Signature Algorithm: sha256WithRSAEncryption
24:c8:1f:e6:2f:bb:c2:b2:b4:2e:fc:91:1f:52:b9:24:c2:8e:
3d:4a:39:6a:eb:0a:ad:9e:01:9e:2f:19:cf:59:d1:42:dc:74:
d1:7a:7f:c0:33:26:c7:83:b7:23:e9:66:26:a4:fb:49:92:ed:
7c:b2:4e:6a:2c:c9:25:44:35:6e:4a:91:80:8f:10:40:b0:00:
9f:91:4b:02:7b:de:04:1d:39:e4:7c:0a:3e:30:9d:e4:3d:5e:
8a:a1:2c:e3:2c:2b:1f:0b:8b:9c:59:b3:03:e8:f2:66:dc:aa:
c3:af:b0:20:1e:1c:c4:01:0a:cc:3b:65:b4:6a:a8:76:0b:5f:
24:8e:22:66:b2:7e:b7:ba:79:ff:d3:67:5c:7b:cf:84:98:f0:
83:37:55:75:cb:56:72:e4:02:de:d0:9e:f0:a2:f7:9a:25:55:
3c:79:56:de:d4:3b:86:13:47:60:75:1a:b0:99:08:51:82:ce:
7e:1c:d4:c2:71:71:96:1a:f8:a5:9d:7d:f3:70:ed:65:37:eb:
81:aa:e8:86:ae:6b:bb:72:0e:a6:c7:0d:72:a4:d9:c5:4c:ce:
0a:96:83:47:39:e3:b8:77:33:e1:f7:e2:ab:f0:b0:91:23:c1:
3d:e1:19:8a:a4:09:47:d6:a2:4c:46:0e:55:c9:99:4d:a1:d2:
60:b0:6d:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnWnswYZ7vF/Wud8Hwk2liIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwODA4MTkyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTYxMmQ2YTY4OGY5Njg4OGIyOTc0YzQ0MWM5MDgwYTdhZjZhOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiGydyYsfxDY/g42cCBuZS5C7ddU
g5591d9Kp53ocvHMg0q65L1HKgv+qagK+2EP9fYrpcsMzsM5ncTvRCxo4jyNCTP5
WpEXdt1Bxcq347KukFxRcS/VG4ixVwCzDvIaz6MTzWM1YqtyQP3VYiAn4Q7TlWiC
SXD84kXq+OretcguqN1ToP0Ojt8/cEC+f6ztq4ilMbkg0rISbd2R1NNEoc4bG7cC
O7fFkD6Kh9san92OWAXrOZ76saz1+1iCqSIuD0mKWWbMMiPd0VS3f2fwfDL9jP5O
XWyU03qA2/ulr8e6fnNkDz/R/FYSiafq5E46LEWADPTDvUVy1LSdvQXtyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFhLWpoj5aIiyl0xEHJCAp69qkCMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvb1dFdGFtaVBsb2lMS1hURVFja0lDbnIycVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSzyMA0G
CSqGSIb3DQEBCwUAA4IBAQAkyB/mL7vCsrQu/JEfUrkkwo49Sjlq6wqtngGeLxnP
WdFC3HTRen/AMybHg7cj6WYmpPtJku18sk5qLMklRDVuSpGAjxBAsACfkUsCe94E
HTnkfAo+MJ3kPV6KoSzjLCsfC4ucWbMD6PJm3KrDr7AgHhzEAQrMO2W0aqh2C18k
jiJmsn63unn/02dce8+EmPCDN1V1y1Zy5ALe0J7woveaJVU8eVbe1DuGE0dgdRqw
mQhRgs5+HNTCcXGWGvilnX3zcO1lN+uBquiGrmu7cg6mxw1ypNnFTM4KloNHOeO4
dzPh9+Kr8LCRI8E94RmKpAlH1qJMRg5VyZlNodJgsG3O
-----END CERTIFICATE-----
Generated at Thu Aug 10 05:03:16 2023 by rpki-client on console-fra.rpki-client.org