Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aPzROumO4xV01v7KurzjOxEnp_s.roa
File: aPzROumO4xV01v7KurzjOxEnp_s.roa (raw, json)
Hash identifier: l8FQUcolkHyKvVTYvNPiPLez16rkJn3cjTVs+hUBN14=
Subject key identifier: 68:FC:D1:3A:E9:8E:E3:15:74:D6:FE:CA:BA:BC:E3:3B:11:27:A7:FB
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0187D839A9C37C8CA1CFC62BDDD02B2EC3C6
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aPzROumO4xV01v7KurzjOxEnp_s.roa
Signing time: Mon 01 May 2023 16:51:10 +0000
ROA not before: Mon 01 May 2023 16:51:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 89.34.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 May 2023 04:40:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d8:39:a9:c3:7c:8c:a1:cf:c6:2b:dd:d0:2b:2e:c3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 1 16:51:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68fcd13ae98ee31574d6fecababce33b1127a7fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:05:12:74:d7:96:39:e6:39:a9:fd:47:97:65:
1d:f9:1b:cb:8f:10:ca:59:37:7e:73:c8:51:a4:d8:
9a:37:d9:af:62:8f:48:b1:c9:c2:7e:51:08:0c:d8:
d5:45:b4:48:3a:78:77:60:fd:46:51:ea:16:b1:36:
49:37:ac:ab:16:98:54:43:9d:a9:ba:c6:d0:54:1c:
71:b8:c4:d8:84:af:4e:0f:dc:a8:bf:9c:fe:c5:af:
7c:2f:e6:f5:1e:47:0e:1d:e9:3b:fd:48:06:20:85:
87:f5:2d:39:4b:a3:eb:ad:9b:dd:e5:b6:c4:45:65:
45:b7:c1:f5:7c:65:63:03:e6:12:b1:de:dc:39:4f:
0b:a8:5c:a4:a5:95:69:62:d4:97:f7:3f:ae:14:0a:
b0:83:ac:a2:83:d3:e5:fc:ee:72:b3:2c:28:81:a9:
87:6c:38:f2:4a:6d:d2:5f:48:d7:0f:f2:e5:05:4a:
50:91:55:d0:33:5e:11:9a:f6:57:e9:bc:50:0d:e5:
bb:91:c7:fb:b2:ca:c9:12:45:72:ec:1a:1a:c1:bd:
65:ae:59:90:09:45:44:ec:c8:fd:50:79:55:e2:41:
1a:21:7d:9a:0b:39:09:5e:dd:39:f5:51:13:ad:2d:
6a:22:b5:ac:16:25:8f:49:f2:fa:b4:2b:3d:96:3a:
9f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FC:D1:3A:E9:8E:E3:15:74:D6:FE:CA:BA:BC:E3:3B:11:27:A7:FB
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aPzROumO4xV01v7KurzjOxEnp_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.202.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f2:fa:f0:8f:ea:01:7d:50:3e:3a:2b:71:b0:26:44:1a:22:
2c:9d:f7:20:79:dd:89:0a:39:e4:a5:19:38:99:88:ab:3d:65:
f8:a3:e8:4f:18:53:f3:56:17:97:eb:e0:7f:62:d4:ed:17:32:
e2:1c:82:31:49:cf:17:ca:a8:b8:50:7e:bf:32:df:86:de:1a:
a7:80:4b:fb:67:6e:3d:27:f3:96:b5:be:8d:cc:31:fa:9a:34:
0f:58:37:2c:da:4e:a2:a6:33:75:1d:14:64:3a:e1:2a:05:58:
24:e5:a3:ca:f7:a7:0c:2e:47:39:83:9c:5e:e7:82:99:18:48:
69:e9:da:3a:5b:ec:75:14:b5:a4:10:9c:72:b5:12:bb:9a:11:
70:d6:04:74:98:e2:64:b6:20:b2:50:3f:5c:8b:f0:4e:52:da:
cc:c5:04:64:f2:5a:b2:00:71:6b:12:32:a9:31:a7:bc:56:a9:
22:db:f3:fa:1f:29:80:4b:4c:70:c7:5b:85:61:b9:9a:f4:bf:
de:45:1a:f7:52:23:f6:d4:71:f4:9e:9e:5c:06:d0:0f:6e:db:
2f:dd:8f:2c:56:e7:23:58:87:b6:aa:6f:d8:fd:47:10:b6:b3:
f7:92:0d:bf:35:aa:ae:b5:d5:b3:f3:89:d2:e2:1d:1f:02:d8:
8c:2f:93:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfYOanDfIyhz8Yr3dArLsPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNTAxMTY1MTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZjZDEzYWU5OGVlMzE1NzRkNmZlY2FiYWJjZTMzYjExMjdhN2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggUSdNeWOeY5qf1Hl2Ud+RvLjxDK
WTd+c8hRpNiaN9mvYo9IscnCflEIDNjVRbRIOnh3YP1GUeoWsTZJN6yrFphUQ52p
usbQVBxxuMTYhK9OD9yov5z+xa98L+b1HkcOHek7/UgGIIWH9S05S6PrrZvd5bbE
RWVFt8H1fGVjA+YSsd7cOU8LqFykpZVpYtSX9z+uFAqwg6yig9Pl/O5ysywogamH
bDjySm3SX0jXD/LlBUpQkVXQM14RmvZX6bxQDeW7kcf7ssrJEkVy7Boawb1lrlmQ
CUVE7Mj9UHlV4kEaIX2aCzkJXt059VETrS1qIrWsFiWPSfL6tCs9ljqf+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGj80TrpjuMVdNb+yrq84zsRJ6f7MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYVB6Uk91bU80eFYwMXY3S3VyempPeEVucF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSLKMA0G
CSqGSIb3DQEBCwUAA4IBAQB28vrwj+oBfVA+OitxsCZEGiIsnfcged2JCjnkpRk4
mYirPWX4o+hPGFPzVheX6+B/YtTtFzLiHIIxSc8Xyqi4UH6/Mt+G3hqngEv7Z249
J/OWtb6NzDH6mjQPWDcs2k6ipjN1HRRkOuEqBVgk5aPK96cMLkc5g5xe54KZGEhp
6do6W+x1FLWkEJxytRK7mhFw1gR0mOJktiCyUD9ci/BOUtrMxQRk8lqyAHFrEjKp
Mae8Vqki2/P6HymAS0xwx1uFYbma9L/eRRr3UiP21HH0np5cBtAPbtsv3Y8sVucj
WIe2qm/Y/UcQtrP3kg2/NaqutdWz84nS4h0fAtiML5MD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:07 2024 by rpki-client on console-fra.rpki-client.org