Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/tVMSF1f6TWGHuN7RhzgXb6BQdA8.roa
File: tVMSF1f6TWGHuN7RhzgXb6BQdA8.roa (raw, json)
Hash identifier: LyF+ws8q7TNbv33DWCTLXgDr90h1iQh/HZYvt3X5fEk=
Subject key identifier: B5:53:12:17:57:FA:4D:61:87:B8:DE:D1:87:38:17:6F:A0:50:74:0F
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018937A77BA67DC91E18A47C09F565D7F9A5
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/tVMSF1f6TWGHuN7RhzgXb6BQdA8.roa
Signing time: Sat 08 Jul 2023 22:37:50 +0000
ROA not before: Sat 08 Jul 2023 22:37:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207141
IP address blocks: 89.44.240.0/22 maxlen: 22
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
89.44.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:37:a7:7b:a6:7d:c9:1e:18:a4:7c:09:f5:65:d7:f9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jul 8 22:37:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b553121757fa4d6187b8ded18738176fa050740f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2c:e2:94:45:e3:cd:26:84:11:e8:18:88:42:
36:f4:62:b7:ba:8c:6d:98:e8:c8:ba:68:7d:05:4e:
18:5c:c1:a2:33:d7:5d:70:94:d9:0c:0e:7c:3e:35:
f8:37:1c:70:e6:a7:af:72:54:39:91:80:7a:f0:cc:
2d:98:f6:3f:ce:49:5b:11:62:cf:dc:15:f8:b5:ed:
22:7d:39:fe:47:6f:34:14:b3:02:7e:f7:18:c6:50:
31:dc:66:23:c8:84:91:35:5e:28:95:ad:16:92:c8:
05:df:6d:af:a4:c6:dc:24:e0:8b:f9:37:41:9f:bb:
25:f1:43:40:96:0b:e2:8b:8a:8f:70:3b:e8:1b:de:
53:ac:d8:d3:6e:14:4e:9e:db:8c:05:5c:f7:25:40:
ba:ab:f5:9b:ef:d1:3f:24:da:36:77:c5:02:e7:de:
fe:ec:9a:fc:69:05:81:b4:12:aa:14:46:b6:d3:ad:
9a:ba:3d:8f:08:6d:14:3e:fb:39:60:0d:a8:ca:51:
8e:ec:82:06:c9:7a:6b:7d:d7:51:06:4e:93:77:d9:
fb:0e:6d:23:fc:f3:43:97:c3:01:5e:59:63:21:3e:
5d:7a:5d:db:c8:74:cc:2b:3c:fe:7f:15:9b:36:9a:
d5:5d:a9:43:95:f2:7c:07:1f:c2:ca:91:de:2e:bd:
b0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:53:12:17:57:FA:4D:61:87:B8:DE:D1:87:38:17:6F:A0:50:74:0F
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/tVMSF1f6TWGHuN7RhzgXb6BQdA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:fc:ef:22:c5:06:a5:0f:35:87:fa:70:81:df:5c:f9:12:28:
60:e1:8b:46:d7:17:08:11:9c:e2:cf:04:bd:2a:5e:f0:66:0c:
76:98:6c:71:ec:0d:99:bd:85:94:a5:c2:79:ed:98:60:ec:41:
8d:d5:23:79:33:98:4b:0f:95:75:c9:90:00:ab:43:da:aa:95:
43:b6:cc:21:75:50:c0:e5:de:7c:77:94:75:9d:5f:28:aa:8e:
c4:df:3f:fa:5a:40:0c:49:46:07:cc:c8:32:1c:dc:b3:4c:86:
25:a8:f1:80:c1:09:4b:58:d3:23:45:ae:69:e7:01:0d:2e:e6:
19:d6:94:b2:49:3d:cc:8c:e4:59:b9:de:14:df:1c:24:37:e4:
c3:e2:db:42:ba:b2:db:03:51:ce:07:27:31:21:ab:e9:46:a4:
bb:1e:41:02:de:0a:1a:b3:32:dd:7e:8e:75:01:4c:e1:45:4d:
58:75:3e:ce:2e:5b:c2:58:32:ca:b1:86:4f:2e:0f:a5:a3:9b:
b9:69:31:4f:b8:bf:8b:30:02:fc:00:00:88:67:e1:26:1d:b6:
ae:29:e5:b4:1c:e8:b7:44:03:2a:80:b3:b8:3a:a5:dc:fe:34:
17:09:3a:45:a0:c3:d9:68:04:5c:3d:ad:ca:67:45:fc:7a:40:
44:ae:79:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk3p3umfckeGKR8CfVl1/mlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNzA4MjIzNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTUzMTIxNzU3ZmE0ZDYxODdiOGRlZDE4NzM4MTc2ZmEwNTA3NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyzilEXjzSaEEegYiEI29GK3uoxt
mOjIumh9BU4YXMGiM9ddcJTZDA58PjX4Nxxw5qevclQ5kYB68MwtmPY/zklbEWLP
3BX4te0ifTn+R280FLMCfvcYxlAx3GYjyISRNV4ola0WksgF322vpMbcJOCL+TdB
n7sl8UNAlgvii4qPcDvoG95TrNjTbhROntuMBVz3JUC6q/Wb79E/JNo2d8UC597+
7Jr8aQWBtBKqFEa2062auj2PCG0UPvs5YA2oylGO7IIGyXprfddRBk6Td9n7Dm0j
/PNDl8MBXlljIT5del3byHTMKzz+fxWbNprVXalDlfJ8Bx/CypHeLr2w8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVTEhdX+k1hh7je0Yc4F2+gUHQPMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvdFZNU0YxZjZUV0dIdU43Umh6Z1hiNkJRZEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSzwMA0G
CSqGSIb3DQEBCwUAA4IBAQCK/O8ixQalDzWH+nCB31z5Eihg4YtG1xcIEZzizwS9
Kl7wZgx2mGxx7A2ZvYWUpcJ57Zhg7EGN1SN5M5hLD5V1yZAAq0PaqpVDtswhdVDA
5d58d5R1nV8oqo7E3z/6WkAMSUYHzMgyHNyzTIYlqPGAwQlLWNMjRa5p5wENLuYZ
1pSyST3MjORZud4U3xwkN+TD4ttCurLbA1HOBycxIavpRqS7HkEC3goaszLdfo51
AUzhRU1YdT7OLlvCWDLKsYZPLg+lo5u5aTFPuL+LMAL8AACIZ+EmHbauKeW0HOi3
RAMqgLO4OqXc/jQXCTpFoMPZaARcPa3KZ0X8ekBErnlr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-fra.rpki-client.org