Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/pb8jCIzNhvgFbZsmk07ebGIwLdA.roa
File: pb8jCIzNhvgFbZsmk07ebGIwLdA.roa (raw, json)
Hash identifier: H9JjuuJKd7wXBqLFW0yDAr0uwjng5LEhAPwF7KGYCmo=
Subject key identifier: A5:BF:23:08:8C:CD:86:F8:05:6D:9B:26:93:4E:DE:6C:62:30:2D:D0
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018C824235D7FD33A7BD3485A59DD4CBDCB6
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/pb8jCIzNhvgFbZsmk07ebGIwLdA.roa
Signing time: Tue 19 Dec 2023 13:27:06 +0000
ROA not before: Tue 19 Dec 2023 13:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215850
IP address blocks: 212.16.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:42:35:d7:fd:33:a7:bd:34:85:a5:9d:d4:cb:dc:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Dec 19 13:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5bf23088ccd86f8056d9b26934ede6c62302dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5f:2f:1c:bf:c2:56:75:ee:31:fb:de:b6:e9:
4d:71:d1:55:b5:25:ac:66:7f:4e:60:00:76:1f:af:
9b:a2:5c:8e:a8:c2:50:2c:dc:c7:a2:62:7e:66:aa:
5c:6a:87:4a:aa:17:20:07:8d:7d:c8:c9:13:52:b8:
b4:d6:7d:99:43:97:d2:c7:df:6c:67:a5:6f:95:99:
7f:ce:b1:58:30:6f:e9:5f:7c:51:e1:92:17:21:7e:
11:b8:49:ef:3c:d8:eb:e4:c2:40:8e:e8:1c:64:f6:
da:5c:ed:d0:7c:6a:c8:02:60:26:ea:37:8a:26:c9:
98:33:da:6f:05:5e:82:67:b7:e4:28:bb:fd:90:ee:
e6:5f:34:bf:9b:10:04:6b:1d:14:23:ed:a3:8e:d1:
03:be:c5:88:c9:7d:bc:14:01:aa:82:58:3c:35:fa:
e9:ee:e5:cd:40:a5:00:46:4f:8e:95:45:85:3c:bc:
fd:ce:a3:60:a5:2f:3b:d6:c3:aa:8d:32:8c:66:3e:
a5:f0:be:21:ef:be:8b:e0:51:de:1b:b8:38:c0:b4:
01:8b:f1:d5:bd:f9:56:97:07:a2:8c:1f:10:28:6f:
de:e3:5d:f0:fd:62:5f:5f:00:75:c6:fd:b1:65:3e:
b1:02:d4:ea:7b:d9:27:27:bd:0a:4d:54:92:07:1c:
29:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BF:23:08:8C:CD:86:F8:05:6D:9B:26:93:4E:DE:6C:62:30:2D:D0
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/pb8jCIzNhvgFbZsmk07ebGIwLdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.16.89.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b9:aa:28:65:ce:44:b6:91:24:9b:81:2c:73:09:fd:6d:dd:
97:6e:bd:5d:94:3c:38:03:da:27:a2:54:8f:5f:37:93:32:7b:
ca:3d:3f:32:5a:56:99:81:f6:1d:36:5e:26:11:aa:96:9e:aa:
64:3d:7c:fb:fc:7d:99:dc:da:00:37:52:d5:f3:1a:4f:b6:12:
9f:87:89:b8:e4:1d:cd:11:e4:17:5a:21:95:a0:b5:ad:95:58:
f8:3e:73:93:b9:63:d0:3f:10:69:7e:32:28:91:91:9c:4b:3c:
8f:13:63:09:2d:62:4f:10:86:50:61:a5:62:c6:fb:f8:64:2c:
b3:c4:f4:37:63:7e:93:6e:22:3b:42:60:0f:ff:17:04:17:17:
11:c2:6c:86:45:3d:b5:8f:22:bd:5a:06:12:c7:0b:48:ea:39:
b2:c6:b8:ba:3b:15:0f:29:30:71:77:a4:c7:b8:d2:b3:7f:c4:
b9:cc:ce:ae:8c:03:2b:d6:92:5d:aa:aa:98:51:9c:59:ae:2d:
ad:85:35:2a:eb:73:cc:57:5b:01:ac:fc:d0:65:07:fc:35:d6:
76:87:66:a2:75:02:40:cb:8b:9b:fb:2e:cb:e8:56:86:96:43:
25:92:3f:91:5e:d9:5f:3a:d8:30:92:12:ca:c9:e9:23:f3:38:
99:a3:49:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyCQjXX/TOnvTSFpZ3Uy9y2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMjE5MTMyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJmMjMwODhjY2Q4NmY4MDU2ZDliMjY5MzRlZGU2YzYyMzAyZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy18vHL/CVnXuMfvetulNcdFVtSWs
Zn9OYAB2H6+bolyOqMJQLNzHomJ+ZqpcaodKqhcgB419yMkTUri01n2ZQ5fSx99s
Z6VvlZl/zrFYMG/pX3xR4ZIXIX4RuEnvPNjr5MJAjugcZPbaXO3QfGrIAmAm6jeK
JsmYM9pvBV6CZ7fkKLv9kO7mXzS/mxAEax0UI+2jjtEDvsWIyX28FAGqglg8Nfrp
7uXNQKUARk+OlUWFPLz9zqNgpS871sOqjTKMZj6l8L4h776L4FHeG7g4wLQBi/HV
vflWlweijB8QKG/e413w/WJfXwB1xv2xZT6xAtTqe9knJ70KTVSSBxwphwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKW/IwiMzYb4BW2bJpNO3mxiMC3QMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvcGI4akNJek5odmdGYlpzbWswN2ViR0l3TGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BBZMA0G
CSqGSIb3DQEBCwUAA4IBAQBquaooZc5EtpEkm4Escwn9bd2Xbr1dlDw4A9onolSP
XzeTMnvKPT8yWlaZgfYdNl4mEaqWnqpkPXz7/H2Z3NoAN1LV8xpPthKfh4m45B3N
EeQXWiGVoLWtlVj4PnOTuWPQPxBpfjIokZGcSzyPE2MJLWJPEIZQYaVixvv4ZCyz
xPQ3Y36TbiI7QmAP/xcEFxcRwmyGRT21jyK9WgYSxwtI6jmyxri6OxUPKTBxd6TH
uNKzf8S5zM6ujAMr1pJdqqqYUZxZri2thTUq63PMV1sBrPzQZQf8NdZ2h2aidQJA
y4ub+y7L6FaGlkMlkj+RXtlfOtgwkhLKyekj8ziZo0lq
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:48 2024 by rpki-client on console-ams.rpki-client.org