Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xmcnCAo6YWJ63W5VhDK2R5m2m4k.roa
File: xmcnCAo6YWJ63W5VhDK2R5m2m4k.roa (raw, json)
Hash identifier: V2oKj2HZH0AIvLoaAFP1ddy3GMww25Ck2K1U6mY25RY=
Subject key identifier: C6:67:27:08:0A:3A:61:62:7A:DD:6E:55:84:32:B6:47:99:B6:9B:89
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018AEFFBD995FBD1D33A2CD10771983E8198
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xmcnCAo6YWJ63W5VhDK2R5m2m4k.roa
Signing time: Mon 02 Oct 2023 10:42:54 +0000
ROA not before: Mon 02 Oct 2023 10:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 89.44.240.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 04 Oct 2023 08:20:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:fb:d9:95:fb:d1:d3:3a:2c:d1:07:71:98:3e:81:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 2 10:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c66727080a3a61627add6e558432b64799b69b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:55:4c:73:7a:f0:4d:88:db:a1:fb:73:3a:3a:
11:51:fd:14:76:fc:3f:5b:b6:3e:a5:54:50:d5:ec:
a2:1b:e7:6a:09:a4:33:47:61:93:0d:0f:44:12:7a:
e7:13:79:95:5b:57:d0:44:11:ac:b0:b0:9a:b4:cf:
cf:86:4c:b1:38:2d:e6:a3:57:d9:55:7a:5b:fb:2a:
48:39:cd:a3:c3:58:73:30:78:5a:a6:67:b1:95:4d:
99:1e:fc:69:f6:88:fc:d8:90:a1:b4:92:4b:ba:18:
81:21:b0:52:a2:03:b3:4b:23:41:9a:f2:3c:11:ef:
44:c5:0d:e4:ec:b2:01:36:fd:a8:f2:dc:5f:6d:d5:
de:d7:60:77:30:fc:65:d4:5a:22:53:c1:44:ab:fd:
6c:9a:a7:8a:55:15:ce:7d:f1:7a:d8:bf:13:f3:63:
33:53:e2:84:10:9c:fb:e3:24:60:d4:c4:d3:a8:1a:
57:91:97:bf:d0:43:b4:38:23:18:c3:f6:1d:16:25:
98:a6:21:ec:4c:83:4d:5e:1d:bc:dc:48:06:9e:39:
40:72:cb:0b:b8:93:ab:35:b7:2e:4f:34:07:5f:9f:
68:69:bc:61:2e:5c:d9:ba:e9:d7:06:8c:56:96:ed:
d8:aa:91:a6:4f:76:fe:ed:84:be:14:e6:d1:d2:18:
23:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:67:27:08:0A:3A:61:62:7A:DD:6E:55:84:32:B6:47:99:B6:9B:89
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xmcnCAo6YWJ63W5VhDK2R5m2m4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.44.0/22
89.44.240.0/24
Signature Algorithm: sha256WithRSAEncryption
63:5b:ae:97:4c:a7:ea:a8:e0:30:f4:3c:45:77:a2:d5:8c:e0:
f9:16:3a:3b:6d:0c:92:2c:73:72:f1:00:43:85:d0:aa:43:8e:
cf:2d:9c:a5:df:58:4b:7b:ef:9c:5c:68:05:53:3c:d0:7c:a4:
95:78:c1:0d:11:c2:2f:7b:fe:cc:f7:34:ad:9f:99:7f:66:29:
aa:7c:39:fb:b1:27:a4:77:ad:bc:bb:95:4f:9d:2f:bd:0e:8c:
17:8e:2f:89:35:b6:50:64:04:be:e0:94:1d:b2:2e:15:07:74:
33:5a:d0:28:e7:14:0c:2d:fc:bf:79:98:d3:da:62:b8:68:8a:
c4:b9:7a:f3:fb:67:00:30:1b:d1:ea:d5:5b:6b:84:a4:97:ea:
2d:6e:4d:c4:b4:2d:6c:28:d9:a1:6e:32:77:e0:43:ce:06:25:
07:1e:c0:c4:3e:64:8d:84:b0:9e:ba:82:ee:06:3c:a2:97:29:
27:61:bd:64:5e:83:19:d3:51:fa:d4:c5:3f:52:0c:a1:dc:a8:
95:1c:18:bf:2d:37:25:ec:87:cb:ae:b8:13:5c:15:87:21:f2:
85:04:35:02:3f:ea:f0:ae:a8:60:b6:08:f1:29:7d:bb:bc:d1:
31:ed:5d:9c:8f:d6:4d:25:1c:66:be:6e:f1:31:90:60:13:f1:
6d:cc:c7:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrv+9mV+9HTOizRB3GYPoGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMxMDAyMTA0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY3MjcwODBhM2E2MTYyN2FkZDZlNTU4NDMyYjY0Nzk5YjY5Yjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lVMc3rwTYjboftzOjoRUf0Udvw/
W7Y+pVRQ1eyiG+dqCaQzR2GTDQ9EEnrnE3mVW1fQRBGssLCatM/PhkyxOC3mo1fZ
VXpb+ypIOc2jw1hzMHhapmexlU2ZHvxp9oj82JChtJJLuhiBIbBSogOzSyNBmvI8
Ee9ExQ3k7LIBNv2o8txfbdXe12B3MPxl1FoiU8FEq/1smqeKVRXOffF62L8T82Mz
U+KEEJz74yRg1MTTqBpXkZe/0EO0OCMYw/YdFiWYpiHsTINNXh283EgGnjlAcssL
uJOrNbcuTzQHX59oabxhLlzZuunXBoxWlu3YqpGmT3b+7YS+FObR0hgjhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMZnJwgKOmFiet1uVYQytkeZtpuJMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEveG1jbkNBbzZZV0o2M1c1VmhESzJSNW0ybTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSosAwQA
WSzwMA0GCSqGSIb3DQEBCwUAA4IBAQBjW66XTKfqqOAw9DxFd6LVjOD5Fjo7bQyS
LHNy8QBDhdCqQ47PLZyl31hLe++cXGgFUzzQfKSVeMENEcIve/7M9zStn5l/Zimq
fDn7sSekd628u5VPnS+9DowXji+JNbZQZAS+4JQdsi4VB3QzWtAo5xQMLfy/eZjT
2mK4aIrEuXrz+2cAMBvR6tVba4Skl+otbk3EtC1sKNmhbjJ34EPOBiUHHsDEPmSN
hLCeuoLuBjyilyknYb1kXoMZ01H61MU/Ugyh3KiVHBi/LTcl7IfLrrgTXBWHIfKF
BDUCP+rwrqhgtgjxKX27vNEx7V2cj9ZNJRxmvm7xMZBgE/FtzMcZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org