Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/CpSgRlxD-ZJYQ-22Vb0IpDbK12c.roa
File: CpSgRlxD-ZJYQ-22Vb0IpDbK12c.roa (raw, json)
Hash identifier: SJbIWzzYIFS2zbvdvpG82B5yhl0Zr7MB1+PoqkbDEdU=
Subject key identifier: 0A:94:A0:46:5C:43:F9:92:58:43:ED:B6:55:BD:08:A4:36:CA:D7:67
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 01856FC292A47C0AFDDE2EF8BF6C02218FE8
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/CpSgRlxD-ZJYQ-22Vb0IpDbK12c.roa
Signing time: Sun 01 Jan 2023 23:55:00 +0000
ROA not before: Sun 01 Jan 2023 23:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33875
IP address blocks: 89.35.218.0/24 maxlen: 24
89.35.219.0/24 maxlen: 24
89.35.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:92:a4:7c:0a:fd:de:2e:f8:bf:6c:02:21:8f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Jan 1 23:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a94a0465c43f9925843edb655bd08a436cad767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:77:e0:61:13:7d:36:bd:fa:a8:8f:bd:ec:dc:
b0:4c:2f:17:49:9c:ca:93:ec:89:cb:f5:8e:e7:e4:
e1:80:d1:20:34:2c:f4:81:2c:3f:ee:5d:82:c2:f9:
80:25:3a:e3:76:39:bb:22:b1:19:78:0a:4c:9b:33:
04:c9:59:c2:d0:a3:7e:08:71:8d:44:b1:c5:70:b6:
86:15:3c:22:f3:21:a8:dd:65:1c:93:a4:7b:e7:4a:
0e:62:a6:7e:d7:f9:89:80:66:8c:f7:82:7f:da:8b:
1d:9e:66:37:c8:d6:ff:9b:8a:8c:a4:ec:aa:97:65:
1a:cc:3c:c2:2e:91:9e:25:2c:de:5f:63:dd:ab:56:
97:23:09:90:cf:d2:5b:2e:ae:ef:13:ce:50:05:d5:
58:a3:88:9c:1b:dd:87:02:67:d1:9b:57:76:ec:93:
ab:b9:cf:10:d2:0d:e1:ee:8e:fe:74:8c:3e:1b:6e:
de:b3:81:bb:41:77:08:77:e1:19:4d:06:ea:42:8f:
e5:8a:81:71:22:a0:5b:f0:7d:7f:5d:5f:db:70:b9:
57:77:6d:35:ac:d3:38:b7:ad:4b:6e:08:36:85:fe:
55:67:92:57:ce:d0:91:9e:66:37:d4:51:d9:61:a2:
9c:1a:09:a5:3b:bf:5a:27:51:85:3a:08:87:f7:3f:
02:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:94:A0:46:5C:43:F9:92:58:43:ED:B6:55:BD:08:A4:36:CA:D7:67
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/CpSgRlxD-ZJYQ-22Vb0IpDbK12c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.218.0-89.35.220.255
Signature Algorithm: sha256WithRSAEncryption
6b:e8:9a:f0:3e:17:09:3e:1a:0c:ee:c1:51:09:2f:ae:35:c0:
87:ee:77:11:4d:b8:02:c9:2b:9d:8a:9b:d1:6f:de:89:e8:c0:
9e:5e:5c:d6:97:89:f5:30:77:ae:ac:8e:f6:6e:79:4e:e3:cb:
bb:e7:6b:74:18:41:88:32:f6:07:56:86:8f:8b:0f:37:45:8a:
d7:02:74:04:e1:9d:7b:4d:63:65:78:1e:5f:f9:25:77:ee:e4:
41:91:9b:f4:72:99:9a:08:ea:e7:55:d6:66:c7:44:e3:56:98:
66:15:5d:cc:55:74:a2:56:d1:04:86:91:9b:18:68:c7:64:3a:
4a:d8:2a:fa:85:99:7a:d7:f3:79:14:ba:31:a9:de:22:8a:03:
d7:aa:00:df:9d:81:7b:1a:57:2c:86:3a:6f:99:1e:c1:75:b2:
1c:48:1d:7c:b2:36:2b:1b:7f:ff:c6:eb:6a:82:9c:9a:4d:b1:
72:49:01:24:2c:7f:8f:6c:36:20:1b:f0:c9:dc:7e:b5:24:74:
4c:f1:6e:67:d2:94:c0:61:91:f5:60:b8:fe:fb:ae:1e:16:e3:
a6:3e:31:e2:88:b9:0c:bf:e2:3f:b2:b8:73:60:1b:ba:c8:5c:
93:05:3c:5e:f7:44:7e:9c:01:1c:44:13:80:9c:6c:52:d7:1a:
62:1f:5a:44
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvwpKkfAr93i74v2wCIY/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjMwMTAxMjM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk0YTA0NjVjNDNmOTkyNTg0M2VkYjY1NWJkMDhhNDM2Y2FkNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3fgYRN9Nr36qI+97NywTC8XSZzK
k+yJy/WO5+ThgNEgNCz0gSw/7l2CwvmAJTrjdjm7IrEZeApMmzMEyVnC0KN+CHGN
RLHFcLaGFTwi8yGo3WUck6R750oOYqZ+1/mJgGaM94J/2osdnmY3yNb/m4qMpOyq
l2UazDzCLpGeJSzeX2Pdq1aXIwmQz9JbLq7vE85QBdVYo4icG92HAmfRm1d27JOr
uc8Q0g3h7o7+dIw+G27es4G7QXcId+EZTQbqQo/lioFxIqBb8H1/XV/bcLlXd201
rNM4t61Lbgg2hf5VZ5JXztCRnmY31FHZYaKcGgmlO79aJ1GFOgiH9z8CLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAqUoEZcQ/mSWEPttlW9CKQ2ytdnMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvQ3BTZ1JseEQtWkpZUS0yMlZiMElwRGJLMTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFZI9oD
BABZI9wwDQYJKoZIhvcNAQELBQADggEBAGvomvA+Fwk+GgzuwVEJL641wIfudxFN
uALJK52Km9Fv3onowJ5eXNaXifUwd66sjvZueU7jy7vna3QYQYgy9gdWho+LDzdF
itcCdAThnXtNY2V4Hl/5JXfu5EGRm/RymZoI6udV1mbHRONWmGYVXcxVdKJW0QSG
kZsYaMdkOkrYKvqFmXrX83kUujGp3iKKA9eqAN+dgXsaVyyGOm+ZHsF1shxIHXyy
Nisbf//G62qCnJpNsXJJASQsf49sNiAb8MncfrUkdEzxbmfSlMBhkfVguP77rh4W
46Y+MeKIuQy/4j+yuHNgG7rIXJMFPF73RH6cARxEE4CcbFLXGmIfWkQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:33 2024 by rpki-client on console-ams.rpki-client.org