Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/0gvjWfsrCwIuDjFsCtjMwTpgb-c.roa
File: 0gvjWfsrCwIuDjFsCtjMwTpgb-c.roa (raw, json)
Hash identifier: sn/4I4B12dM9DGSXr+IrWYx/XxdKQIqIkv3pAabqWtY=
Subject key identifier: D2:0B:E3:59:FB:2B:0B:02:2E:0E:31:6C:0A:D8:CC:C1:3A:60:6F:E7
Certificate issuer: /CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Certificate serial: 018DC77E011E6ABF17806DB9B050F79388DE
Authority key identifier: 87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/0gvjWfsrCwIuDjFsCtjMwTpgb-c.roa
Signing time: Tue 20 Feb 2024 17:09:00 +0000
ROA not before: Tue 20 Feb 2024 17:09:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206125
IP address blocks: 89.190.6.0/24 maxlen: 24
2a03:7c00:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Apr 2024 16:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:7e:01:1e:6a:bf:17:80:6d:b9:b0:50:f7:93:88:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Validity
Not Before: Feb 20 17:09:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d20be359fb2b0b022e0e316c0ad8ccc13a606fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:af:d2:77:0c:94:a6:88:29:27:7a:ec:8d:91:
ed:10:1c:a7:65:a5:75:7c:7b:61:1f:1b:7a:ec:0a:
84:2f:b3:e2:3f:2f:24:4e:4b:7b:a8:93:9d:ea:18:
11:fc:b0:92:85:dc:41:5b:b4:24:e4:43:d7:60:72:
27:83:22:f4:bf:ff:54:13:ea:10:6b:21:d6:be:bd:
9a:41:e6:ab:94:0c:aa:f6:a8:9c:42:11:87:b2:24:
b8:89:00:a5:26:3b:27:18:9d:ba:a1:9b:e8:be:55:
93:b5:6e:e8:4a:13:88:53:3d:98:4a:99:bf:a3:2a:
17:d9:e6:ac:5f:9a:88:44:18:8e:f7:38:2c:6f:3c:
aa:f4:c1:4d:46:5f:df:28:fe:60:a9:26:1e:c5:94:
3f:90:00:f4:1a:98:c4:e2:2e:40:36:c4:91:cc:a4:
2c:e7:6c:28:11:eb:05:17:2a:25:0e:aa:37:02:e9:
f7:6d:83:6b:8b:f4:88:3e:ca:8f:4d:1b:c2:29:a5:
6c:36:81:b9:e5:cb:0d:05:60:2e:3f:40:b4:78:66:
05:c2:cc:c8:33:46:83:dc:09:5d:b9:4c:30:b5:c2:
c7:70:d0:af:54:4e:57:90:bb:0a:48:8b:e4:38:09:
96:da:27:58:29:cb:21:47:cd:75:09:2d:95:73:67:
73:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0B:E3:59:FB:2B:0B:02:2E:0E:31:6C:0A:D8:CC:C1:3A:60:6F:E7
X509v3 Authority Key Identifier:
keyid:87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/0gvjWfsrCwIuDjFsCtjMwTpgb-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/h_Qa4HeeN978abKlsPerj9QM0-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.6.0/24
IPv6:
2a03:7c00:11::/48
Signature Algorithm: sha256WithRSAEncryption
4f:73:56:a4:da:14:65:c1:cf:21:b7:8d:77:b4:33:95:68:e9:
2f:ee:e2:72:fa:21:e7:bb:fb:58:05:e6:d4:f2:7a:6e:32:c3:
4b:e7:e5:b2:f7:dc:fd:d5:d0:38:35:a8:d0:dc:00:f5:16:9d:
0b:e8:e0:ce:7b:b3:47:c4:0e:09:3a:fb:de:ef:5f:05:ba:1d:
6c:08:80:1e:14:34:89:a5:99:aa:34:f4:f4:31:f9:51:4b:1e:
08:9b:dd:75:34:26:97:a8:cf:8c:94:aa:dd:5d:16:2b:18:f7:
a6:88:06:03:f4:4d:ba:11:f6:3b:33:c9:4f:58:2f:19:28:49:
e9:64:ac:ca:f6:bb:b0:ba:b1:56:08:6f:27:93:69:47:9c:d3:
a3:db:64:54:8e:5d:2a:fc:a4:c8:aa:99:7b:e9:d1:3e:e0:17:
38:d6:4f:eb:37:86:83:6a:db:1a:eb:fd:90:b8:d3:7c:3e:aa:
7e:41:3d:b8:10:61:00:ca:aa:bc:c6:95:79:90:2a:cb:18:24:
9c:1b:bd:38:77:e1:89:df:2c:73:f8:71:90:33:f1:c4:54:5d:
a2:eb:4d:b4:43:44:b4:10:11:58:ac:df:29:76:9c:ea:c5:f0:
8f:c9:b6:07:44:c8:c3:0c:77:2b:df:73:aa:73:7a:d0:2a:44:
36:6f:0e:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3HfgEear8XgG25sFD3k4jeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjQxYWUwNzc5ZTM3ZGVmYzY5YjJhNWIwZjdhYjhmZDQw
Y2QzZTcwHhcNMjQwMjIwMTcwOTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBiZTM1OWZiMmIwYjAyMmUwZTMxNmMwYWQ4Y2NjMTNhNjA2ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK/SdwyUpogpJ3rsjZHtEBynZaV1
fHthHxt67AqEL7PiPy8kTkt7qJOd6hgR/LCShdxBW7Qk5EPXYHIngyL0v/9UE+oQ
ayHWvr2aQearlAyq9qicQhGHsiS4iQClJjsnGJ26oZvovlWTtW7oShOIUz2YSpm/
oyoX2easX5qIRBiO9zgsbzyq9MFNRl/fKP5gqSYexZQ/kAD0GpjE4i5ANsSRzKQs
52woEesFFyolDqo3Aun3bYNri/SIPsqPTRvCKaVsNoG55csNBWAuP0C0eGYFwszI
M0aD3AlduUwwtcLHcNCvVE5XkLsKSIvkOAmW2idYKcshR811CS2Vc2dz6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNIL41n7KwsCLg4xbArYzME6YG/nMB8GA1UdIwQY
MBaAFIf0GuB3njfe/GmypbD3q4/UDNPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYt
YzQzYWIyYTEyZDU1LzEvMGd2aldmc3JDd0l1RGpGc0N0ak13VHBnYi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYtYzQzYWIyYTEyZDU1
LzEvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWb4GMA8E
AgACMAkDBwAqA3wAABEwDQYJKoZIhvcNAQELBQADggEBAE9zVqTaFGXBzyG3jXe0
M5Vo6S/u4nL6Iee7+1gF5tTyem4yw0vn5bL33P3V0Dg1qNDcAPUWnQvo4M57s0fE
Dgk6+97vXwW6HWwIgB4UNImlmao09PQx+VFLHgib3XU0Jpeoz4yUqt1dFisY96aI
BgP0TboR9jszyU9YLxkoSelkrMr2u7C6sVYIbyeTaUec06PbZFSOXSr8pMiqmXvp
0T7gFzjWT+s3hoNq2xrr/ZC403w+qn5BPbgQYQDKqrzGlXmQKssYJJwbvTh34Ynf
LHP4cZAz8cRUXaLrTbRDRLQQEVis3yl2nOrF8I/JtgdEyMMMdyvfc6pzetAqRDZv
Dnk=
-----END CERTIFICATE-----
Generated at Wed Apr 10 19:15:29 2024 by rpki-client on console-ams.rpki-client.org