Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/51qiso4IwD7QzwgJuPIeAeh0TnE.roa
File: 51qiso4IwD7QzwgJuPIeAeh0TnE.roa (raw, json)
Hash identifier: /vf2Q4ZP6f/EwHnVi8M/48At1U+eOwD+Rd4lOMGWgzw=
Subject key identifier: E7:5A:A2:B2:8E:08:C0:3E:D0:CF:08:09:B8:F2:1E:01:E8:74:4E:71
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0187E0A5024EBB068E7C4E4B061EAD101023
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/51qiso4IwD7QzwgJuPIeAeh0TnE.roa
Signing time: Wed 03 May 2023 08:05:23 +0000
ROA not before: Wed 03 May 2023 08:05:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56913
IP address blocks: 89.187.5.0/24 maxlen: 24
89.187.11.0/24 maxlen: 24
89.187.16.0/24 maxlen: 24
89.187.20.0/24 maxlen: 24
89.187.23.0/24 maxlen: 24
89.187.28.0/24 maxlen: 24
89.187.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 May 2023 10:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:a5:02:4e:bb:06:8e:7c:4e:4b:06:1e:ad:10:10:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: May 3 08:05:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e75aa2b28e08c03ed0cf0809b8f21e01e8744e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2f:38:f3:16:17:d8:1b:40:75:a3:85:e0:fa:
ed:f0:cf:c2:87:17:0f:16:1f:0e:6b:f3:0a:2d:b8:
94:af:ac:d6:4a:e4:f1:6e:98:46:5c:1b:74:40:ed:
93:f1:3d:b5:10:fd:1b:56:01:48:55:94:0b:f5:85:
e0:3f:10:65:91:21:18:cd:aa:82:0b:82:e8:c6:95:
e1:28:1f:2c:2b:d6:7a:e2:d1:f4:1f:b9:f0:c4:78:
93:55:39:6a:c6:5c:13:cf:84:08:48:67:1c:2d:f9:
0d:d3:bd:43:ff:00:18:09:c3:5e:66:28:fb:20:88:
2d:8b:25:68:c6:19:cf:60:3e:ef:97:44:04:04:68:
64:68:3f:82:c2:9c:01:19:b0:08:47:05:83:a1:5f:
5e:19:d6:d7:cd:3a:8e:87:01:ad:d7:84:e1:43:ad:
24:f8:14:a7:d9:12:2b:79:f3:3f:fc:39:c9:22:ad:
51:3f:1e:d2:76:4e:9f:f2:26:b4:0b:93:5b:28:9d:
e4:55:f1:60:08:3c:32:22:fb:d0:56:4d:b9:04:e6:
ee:90:d6:02:4e:28:b6:b4:d1:54:53:bf:13:b5:2c:
68:08:5b:f6:27:cc:75:d7:31:55:95:0d:c0:12:6d:
f9:ff:8c:57:40:5e:47:26:ad:5b:d6:ec:19:2e:fa:
f5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:5A:A2:B2:8E:08:C0:3E:D0:CF:08:09:B8:F2:1E:01:E8:74:4E:71
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/51qiso4IwD7QzwgJuPIeAeh0TnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.5.0/24
89.187.11.0/24
89.187.16.0/24
89.187.20.0/24
89.187.23.0/24
89.187.28.0/24
89.187.30.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:29:8f:04:b3:5b:7f:22:ae:e0:5f:a2:e6:8a:df:99:8e:14:
df:6e:c4:b1:42:85:2c:35:9a:84:43:88:57:9b:b0:7f:0b:06:
49:a4:79:68:b3:90:e5:19:45:b7:2d:d7:28:26:d6:65:7d:22:
66:7f:d3:2f:bb:ae:b8:1a:e5:45:be:25:6e:f1:15:22:ba:7a:
18:83:b1:34:1c:21:27:4e:a6:ef:46:0b:c0:67:32:0d:ba:23:
ec:20:55:9a:5a:04:57:f7:29:13:46:fa:62:cd:0d:87:bb:21:
67:c0:f7:9b:19:a2:c0:81:00:22:0c:e9:bb:ac:29:76:27:6e:
cd:be:79:bb:c3:74:7d:a4:3b:c9:0d:cc:41:48:47:64:fa:05:
d7:42:5b:09:d0:d4:97:ec:6e:65:ea:66:db:26:ff:77:93:05:
f5:6a:e5:d4:46:27:b5:f8:80:5f:41:ee:8a:9c:f0:32:fc:56:
af:40:13:d0:05:34:8c:b7:ac:6e:3c:4c:74:b8:8f:f6:51:1b:
55:c7:88:23:34:f2:57:1d:95:6a:ed:57:b9:d4:78:2f:3d:9d:
8d:9b:76:e4:d3:f3:2b:39:d2:e1:04:4a:38:33:b1:26:ad:10:
66:67:ae:71:ae:1c:b9:22:09:a1:a9:3c:e2:9f:54:ee:11:01:
c8:6f:c0:ce
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYfgpQJOuwaOfE5LBh6tEBAjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNTAzMDgwNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzVhYTJiMjhlMDhjMDNlZDBjZjA4MDliOGYyMWUwMWU4NzQ0ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3i848xYX2BtAdaOF4Prt8M/ChxcP
Fh8Oa/MKLbiUr6zWSuTxbphGXBt0QO2T8T21EP0bVgFIVZQL9YXgPxBlkSEYzaqC
C4LoxpXhKB8sK9Z64tH0H7nwxHiTVTlqxlwTz4QISGccLfkN071D/wAYCcNeZij7
IIgtiyVoxhnPYD7vl0QEBGhkaD+CwpwBGbAIRwWDoV9eGdbXzTqOhwGt14ThQ60k
+BSn2RIrefM//DnJIq1RPx7Sdk6f8ia0C5NbKJ3kVfFgCDwyIvvQVk25BObukNYC
Tii2tNFUU78TtSxoCFv2J8x11zFVlQ3AEm35/4xXQF5HJq1b1uwZLvr11wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOdaorKOCMA+0M8ICbjyHgHodE5xMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvNTFxaXNvNEl3RDdRendnSnVQSWVBZWgwVG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWbsFAwQA
WbsLAwQAWbsQAwQAWbsUAwQAWbsXAwQAWbscAwQAWbseMA0GCSqGSIb3DQEBCwUA
A4IBAQCsKY8Es1t/Iq7gX6Lmit+ZjhTfbsSxQoUsNZqEQ4hXm7B/CwZJpHlos5Dl
GUW3LdcoJtZlfSJmf9Mvu664GuVFviVu8RUiunoYg7E0HCEnTqbvRgvAZzINuiPs
IFWaWgRX9ykTRvpizQ2HuyFnwPebGaLAgQAiDOm7rCl2J27Nvnm7w3R9pDvJDcxB
SEdk+gXXQlsJ0NSX7G5l6mbbJv93kwX1auXURie1+IBfQe6KnPAy/FavQBPQBTSM
t6xuPEx0uI/2URtVx4gjNPJXHZVq7Ve51HgvPZ2Nm3bk0/MrOdLhBEo4M7EmrRBm
Z65xrhy5IgmhqTzin1TuEQHIb8DO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:03 2024 by rpki-client on console-ams.rpki-client.org