Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/A85NsILB7WtmgbsFAeXQSMiFGRM.roa
File: A85NsILB7WtmgbsFAeXQSMiFGRM.roa (raw, json)
Hash identifier: q+dncdhun+ZqPV+9yTHEG7C82gB415+diLFMn9/3BLA=
Subject key identifier: 03:CE:4D:B0:82:C1:ED:6B:66:81:BB:05:01:E5:D0:48:C8:85:19:13
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 01856ED4C34E771E84011D6C9B558FD6731B
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/A85NsILB7WtmgbsFAeXQSMiFGRM.roa
Signing time: Sun 01 Jan 2023 19:35:15 +0000
ROA not before: Sun 01 Jan 2023 19:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 152.89.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c3:4e:77:1e:84:01:1d:6c:9b:55:8f:d6:73:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Jan 1 19:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03ce4db082c1ed6b6681bb0501e5d048c8851913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:58:62:2a:f2:2b:9b:f0:03:ff:6a:11:55:49:
19:56:de:4f:10:c3:3e:63:7c:8f:d9:f8:e0:b2:5f:
de:b5:7a:17:9d:08:a7:b5:44:1e:30:7b:49:d6:fe:
c9:f2:15:4c:79:38:89:92:b7:a8:21:db:e9:92:72:
8b:9a:0c:53:34:fe:bb:db:41:c2:5d:3b:6a:eb:a6:
b3:4a:0d:4e:8c:bc:89:96:59:54:62:13:01:32:4f:
ee:6e:0a:40:92:16:81:d3:34:9d:f7:e4:35:15:05:
fd:80:14:2e:81:46:c4:7b:d7:8b:fe:a7:8b:5b:4d:
5c:2f:0f:8e:33:e8:a7:00:8e:02:d8:62:8d:fe:52:
a4:c0:5d:f3:dd:78:7b:48:e7:35:c0:d2:35:23:9b:
9e:a1:e0:11:3c:4b:d4:e8:37:36:2f:50:72:4b:f1:
c2:44:dd:66:f3:26:39:9e:a2:35:9e:ec:20:f5:6d:
c0:b5:a7:f9:ea:7e:0a:34:4b:86:97:e1:b1:e7:9f:
56:0b:a3:7b:1c:31:71:a8:d3:76:04:d3:f6:2a:d0:
57:a0:9c:ba:ed:10:b8:68:44:e3:fe:8d:b4:bc:81:
95:80:b5:b9:c9:63:f6:7d:20:fc:9e:31:37:30:79:
5a:db:38:4f:9a:b1:71:17:3b:2a:5a:e2:95:96:26:
79:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CE:4D:B0:82:C1:ED:6B:66:81:BB:05:01:E5:D0:48:C8:85:19:13
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/A85NsILB7WtmgbsFAeXQSMiFGRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.193.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:a3:dd:a9:46:03:d9:4c:f2:17:ad:2e:6d:fe:34:9e:4e:ad:
d8:9f:fc:55:a9:97:d7:3f:02:3a:96:9a:ca:39:16:a8:17:d3:
c7:35:d4:be:7a:d8:58:14:12:1d:c9:c6:f0:1c:e2:d0:aa:dd:
b5:6c:19:40:47:dc:43:fe:09:77:3e:d7:b8:2a:1a:20:84:ae:
bf:85:ea:8c:fb:d3:20:c7:4e:06:29:05:ce:bd:fe:f7:d1:c2:
fa:c1:50:9e:e6:8e:da:ab:da:6a:60:d9:5e:50:cd:e4:3c:ff:
4a:4a:18:fe:e8:c9:63:b3:f1:aa:ea:7a:f7:cf:0e:91:b6:cb:
5e:58:11:05:f2:92:c7:db:24:83:84:13:db:46:3a:bf:88:a8:
d6:e4:1f:a3:71:27:6c:d0:49:b7:c5:97:96:aa:a6:d8:cb:20:
ed:c9:5d:c6:ac:71:e9:a9:ab:5b:31:3a:4f:6e:d6:32:c6:b6:
c7:20:58:e1:78:e9:e0:79:11:9a:b7:9a:6d:a6:37:d0:de:aa:
3a:b8:44:b2:59:15:95:83:45:25:d1:e3:0b:19:92:4b:f0:86:
16:75:0d:cc:f0:f3:04:fe:1f:a8:63:ab:38:f6:55:18:97:c5:
f3:12:ff:1f:51:b9:e0:ad:be:8b:7d:cd:b8:e0:b9:95:6d:e2:
c2:94:20:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1MNOdx6EAR1sm1WP1nMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjMwMTAxMTkzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2NlNGRiMDgyYzFlZDZiNjY4MWJiMDUwMWU1ZDA0OGM4ODUxOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFhiKvIrm/AD/2oRVUkZVt5PEMM+
Y3yP2fjgsl/etXoXnQintUQeMHtJ1v7J8hVMeTiJkreoIdvpknKLmgxTNP6720HC
XTtq66azSg1OjLyJlllUYhMBMk/ubgpAkhaB0zSd9+Q1FQX9gBQugUbEe9eL/qeL
W01cLw+OM+inAI4C2GKN/lKkwF3z3Xh7SOc1wNI1I5ueoeARPEvU6Dc2L1ByS/HC
RN1m8yY5nqI1nuwg9W3Ataf56n4KNEuGl+Gx559WC6N7HDFxqNN2BNP2KtBXoJy6
7RC4aETj/o20vIGVgLW5yWP2fSD8njE3MHla2zhPmrFxFzsqWuKVliZ5fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPOTbCCwe1rZoG7BQHl0EjIhRkTMB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEvQTg1TnNJTEI3V3RtZ2JzRkFlWFFTTWlGR1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnBMA0G
CSqGSIb3DQEBCwUAA4IBAQCOo92pRgPZTPIXrS5t/jSeTq3Yn/xVqZfXPwI6lprK
ORaoF9PHNdS+ethYFBIdycbwHOLQqt21bBlAR9xD/gl3Pte4KhoghK6/heqM+9Mg
x04GKQXOvf730cL6wVCe5o7aq9pqYNleUM3kPP9KShj+6Mljs/Gq6nr3zw6Rtste
WBEF8pLH2ySDhBPbRjq/iKjW5B+jcSds0Em3xZeWqqbYyyDtyV3GrHHpqatbMTpP
btYyxrbHIFjheOngeRGat5ptpjfQ3qo6uESyWRWVg0Ul0eMLGZJL8IYWdQ3M8PME
/h+oY6s49lUYl8XzEv8fUbngrb6Lfc244LmVbeLClCCM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:28 2023 by rpki-client on console-ams.rpki-client.org