Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/kIsZF2alRWxX-g3pgSMqBUO1u5o.roa
File: kIsZF2alRWxX-g3pgSMqBUO1u5o.roa (raw, json)
Hash identifier: 1bXbP7FAnsyzGKvJY9UG4PqfE1uQUBZtlACR97Xrobk=
Subject key identifier: 90:8B:19:17:66:A5:45:6C:57:FA:0D:E9:81:23:2A:05:43:B5:BB:9A
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01856F02443C8CF6E98FBA2064059B33E6FE
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/kIsZF2alRWxX-g3pgSMqBUO1u5o.roa
Signing time: Sun 01 Jan 2023 20:24:57 +0000
ROA not before: Sun 01 Jan 2023 20:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203744
IP address blocks: 89.111.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:44:3c:8c:f6:e9:8f:ba:20:64:05:9b:33:e6:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 20:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=908b191766a5456c57fa0de981232a0543b5bb9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:de:6b:f3:66:56:cb:d7:0c:32:79:18:22:74:
5c:d1:b6:f2:6b:64:8f:5b:92:6c:2a:09:8a:a4:ae:
57:26:b8:84:f0:20:9e:17:a6:7f:69:1e:1f:44:b3:
4b:b5:a4:db:3b:f4:f7:f5:bb:2e:ca:23:05:8e:60:
01:5f:8a:57:38:22:80:9d:70:43:6a:a1:34:fd:4b:
1f:81:85:b1:19:8c:10:53:cc:20:c5:f5:70:d7:55:
63:26:c2:5e:3c:15:5a:89:4f:ff:c6:c9:97:9b:a3:
c7:27:a4:50:66:90:2b:d7:c5:7f:d1:63:4f:85:ec:
5f:1e:fc:c3:07:a1:9f:89:05:8c:24:22:ea:74:5c:
09:3d:5f:43:43:12:c2:ac:c1:a5:3f:c7:85:de:91:
d8:6d:fe:7e:db:70:57:83:9e:32:16:8f:da:40:10:
d4:b3:5f:7b:c4:2b:3b:9e:cb:2d:2c:ba:1b:f5:5f:
76:07:60:33:09:fb:d8:2a:f5:12:01:28:b6:32:9e:
89:be:31:fc:25:73:33:39:3e:a9:50:3c:48:b2:19:
76:97:f4:8c:8b:21:84:af:8e:a8:3e:6d:f9:2e:01:
9c:06:cb:fe:40:d8:d7:16:e3:de:11:57:97:bf:e6:
50:c2:53:70:ec:17:a9:c3:c6:6d:18:e0:b6:cf:ee:
e2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8B:19:17:66:A5:45:6C:57:FA:0D:E9:81:23:2A:05:43:B5:BB:9A
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/kIsZF2alRWxX-g3pgSMqBUO1u5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.240.0/24
Signature Algorithm: sha256WithRSAEncryption
12:3a:96:0c:bd:54:1d:a4:27:79:a8:61:8c:d9:21:2e:e9:8d:
4f:2a:ab:1f:81:37:be:ec:50:df:7d:3a:9a:35:37:27:b6:45:
56:17:4f:56:51:bf:45:54:05:7a:e6:11:a1:8e:03:d9:de:75:
7e:f5:2f:41:35:88:98:b7:75:28:6a:45:02:57:dc:18:54:c5:
1f:50:11:ec:b2:ac:50:3e:5b:a0:2f:62:d7:53:17:89:8d:63:
12:d3:3b:2a:fe:12:f4:aa:14:6e:b7:a7:f2:06:56:b9:e2:86:
fc:17:69:7f:3e:0d:4a:36:59:af:45:68:b7:5a:2d:47:bc:7d:
91:5c:e2:62:df:42:c3:36:79:fc:a8:b4:e9:d0:8c:f7:cc:54:
14:dd:b3:50:ad:a8:62:ff:1c:15:c8:cf:73:e9:c9:df:70:b9:
89:cb:27:02:b7:77:c2:c7:a1:5f:e7:c6:d5:aa:96:38:58:f3:
ef:af:68:ed:7c:86:0b:06:0d:fa:24:7a:5e:39:95:7f:e2:35:
c7:bc:d7:d8:38:6e:51:d2:e3:45:14:c3:16:54:40:e3:cb:16:
a4:ba:b2:24:0f:36:48:b7:1a:68:78:21:52:9c:53:b3:b8:0a:
e6:44:73:b1:fa:8c:6e:5c:94:32:e0:63:80:1c:d8:fb:10:98:
7b:23:f3:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkQ8jPbpj7ogZAWbM+b+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjMwMTAxMjAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhiMTkxNzY2YTU0NTZjNTdmYTBkZTk4MTIzMmEwNTQzYjViYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt5r82ZWy9cMMnkYInRc0bbya2SP
W5JsKgmKpK5XJriE8CCeF6Z/aR4fRLNLtaTbO/T39bsuyiMFjmABX4pXOCKAnXBD
aqE0/UsfgYWxGYwQU8wgxfVw11VjJsJePBVaiU//xsmXm6PHJ6RQZpAr18V/0WNP
hexfHvzDB6GfiQWMJCLqdFwJPV9DQxLCrMGlP8eF3pHYbf5+23BXg54yFo/aQBDU
s197xCs7nsstLLob9V92B2AzCfvYKvUSASi2Mp6JvjH8JXMzOT6pUDxIshl2l/SM
iyGEr46oPm35LgGcBsv+QNjXFuPeEVeXv+ZQwlNw7Bepw8ZtGOC2z+7iHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCLGRdmpUVsV/oN6YEjKgVDtbuaMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEva0lzWkYyYWxSV3hYLWczcGdTTXFCVU8xdTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWW/wMA0G
CSqGSIb3DQEBCwUAA4IBAQASOpYMvVQdpCd5qGGM2SEu6Y1PKqsfgTe+7FDffTqa
NTcntkVWF09WUb9FVAV65hGhjgPZ3nV+9S9BNYiYt3UoakUCV9wYVMUfUBHssqxQ
PlugL2LXUxeJjWMS0zsq/hL0qhRut6fyBla54ob8F2l/Pg1KNlmvRWi3Wi1HvH2R
XOJi30LDNnn8qLTp0Iz3zFQU3bNQrahi/xwVyM9z6cnfcLmJyycCt3fCx6Ff58bV
qpY4WPPvr2jtfIYLBg36JHpeOZV/4jXHvNfYOG5R0uNFFMMWVEDjyxakurIkDzZI
txpoeCFSnFOzuArmRHOx+oxuXJQy4GOAHNj7EJh7I/Ns
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:28 2024 by rpki-client on console-ams.rpki-client.org