Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/6OaDo6XzW57xtImCGL9KdixHD3w.roa
File: 6OaDo6XzW57xtImCGL9KdixHD3w.roa (raw, json)
Hash identifier: gDR8NLNLLVtnMtvHK30Gzmj75sZ5c8azOGQC9P7A7Mo=
Subject key identifier: E8:E6:83:A3:A5:F3:5B:9E:F1:B4:89:82:18:BF:4A:76:2C:47:0F:7C
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0187E131169748790E4FEF540B8FB62C1478
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/6OaDo6XzW57xtImCGL9KdixHD3w.roa
Signing time: Wed 03 May 2023 10:38:23 +0000
ROA not before: Wed 03 May 2023 10:38:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56913
IP address blocks: 89.187.5.0/24 maxlen: 24
89.187.11.0/24 maxlen: 24
89.187.23.0/24 maxlen: 24
89.187.28.0/24 maxlen: 24
89.187.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:31:16:97:48:79:0e:4f:ef:54:0b:8f:b6:2c:14:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: May 3 10:38:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8e683a3a5f35b9ef1b4898218bf4a762c470f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:60:fe:f4:ca:38:c6:a2:9e:7a:d2:cc:da:01:
b8:1e:94:4f:39:46:e4:7f:bd:6f:8a:33:db:86:72:
f2:a5:72:d5:1a:85:48:48:19:32:e8:ac:b6:a4:c7:
19:d2:23:c4:30:60:a3:82:d9:56:cc:ed:0d:74:d6:
fd:9f:29:99:8a:7d:ca:f3:0f:39:87:94:48:7c:30:
94:79:91:0c:c8:0b:66:85:69:33:0e:75:60:46:ee:
17:63:7c:d9:12:b1:53:3b:1c:e0:31:56:3b:c4:02:
17:c6:75:18:3b:d0:eb:48:04:28:f4:9c:51:4a:58:
08:67:83:1d:1c:cf:55:32:16:d2:0d:4d:52:9d:b3:
dd:38:a1:c6:38:f7:7f:21:6b:e2:58:bc:93:90:1e:
40:26:ec:f6:6d:15:4d:62:3d:c2:75:8f:91:08:be:
26:33:65:64:60:a8:64:fa:2c:53:0f:05:d1:e3:8d:
e4:ee:f4:ab:b3:f2:61:7d:11:7a:69:bc:47:6b:e6:
8e:c7:be:2c:14:21:df:e2:d9:bc:fd:b6:68:4f:4d:
54:4c:d5:bc:5c:72:83:f9:88:25:c1:78:3a:71:b4:
11:82:03:17:36:6c:e4:9c:97:4d:b1:d3:ff:06:a8:
02:6e:b3:e7:e3:52:53:32:09:29:fc:98:ba:c4:b0:
d8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E6:83:A3:A5:F3:5B:9E:F1:B4:89:82:18:BF:4A:76:2C:47:0F:7C
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/6OaDo6XzW57xtImCGL9KdixHD3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.5.0/24
89.187.11.0/24
89.187.23.0/24
89.187.28.0/24
89.187.30.0/24
Signature Algorithm: sha256WithRSAEncryption
61:26:27:52:f0:f1:e5:7d:c2:5b:f6:17:57:d3:78:5e:14:e4:
2c:9d:44:ff:99:57:71:54:0b:42:1f:19:e6:17:68:ad:b7:46:
af:9c:a5:fb:e9:d6:a6:42:85:ed:bf:c5:6e:4d:29:02:88:ff:
d4:97:3c:33:13:7f:33:2e:34:f4:5a:86:95:66:ba:2d:00:00:
da:7d:40:d9:2f:db:fb:b4:2f:14:14:6e:02:3c:7d:f8:f3:ae:
18:c7:27:7a:e8:ea:eb:32:c5:77:c6:18:9e:9d:5a:26:4a:8e:
ab:25:02:1d:d4:04:9b:fd:5f:70:42:27:12:bd:74:3e:1e:b8:
e7:3a:86:7e:b9:47:2d:94:db:43:70:9c:a2:89:0f:5d:ee:99:
8a:37:b5:60:ac:74:74:a2:c6:b4:cd:e4:d5:fd:d5:d1:7a:4c:
91:78:05:13:b0:09:0f:d4:60:f5:84:4c:11:d6:84:55:b4:c0:
3a:2c:3e:5c:97:42:50:c8:2c:be:88:d1:e8:c2:a5:c1:81:87:
cd:ca:b1:dd:0f:c4:4b:07:f0:3f:11:bc:63:be:34:f4:72:80:
e8:22:93:44:5c:4c:65:39:a1:1e:40:99:53:19:e7:73:0b:f7:
74:f4:5b:e1:3b:04:81:c6:de:d3:5a:a1:9b:7e:23:f6:31:7a:
44:b7:b5:89
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYfhMRaXSHkOT+9UC4+2LBR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNTAzMTAzODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGU2ODNhM2E1ZjM1YjllZjFiNDg5ODIxOGJmNGE3NjJjNDcwZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGD+9Mo4xqKeetLM2gG4HpRPOUbk
f71vijPbhnLypXLVGoVISBky6Ky2pMcZ0iPEMGCjgtlWzO0NdNb9nymZin3K8w85
h5RIfDCUeZEMyAtmhWkzDnVgRu4XY3zZErFTOxzgMVY7xAIXxnUYO9DrSAQo9JxR
SlgIZ4MdHM9VMhbSDU1SnbPdOKHGOPd/IWviWLyTkB5AJuz2bRVNYj3CdY+RCL4m
M2VkYKhk+ixTDwXR443k7vSrs/JhfRF6abxHa+aOx74sFCHf4tm8/bZoT01UTNW8
XHKD+YglwXg6cbQRggMXNmzknJdNsdP/BqgCbrPn41JTMgkp/Ji6xLDYKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOjmg6Ol81ue8bSJghi/SnYsRw98MB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvNk9hRG82WHpXNTd4dEltQ0dMOUtkaXhIRDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWbsFAwQA
WbsLAwQAWbsXAwQAWbscAwQAWbseMA0GCSqGSIb3DQEBCwUAA4IBAQBhJidS8PHl
fcJb9hdX03heFOQsnUT/mVdxVAtCHxnmF2itt0avnKX76damQoXtv8VuTSkCiP/U
lzwzE38zLjT0WoaVZrotAADafUDZL9v7tC8UFG4CPH34864Yxyd66OrrMsV3xhie
nVomSo6rJQId1ASb/V9wQicSvXQ+HrjnOoZ+uUctlNtDcJyiiQ9d7pmKN7VgrHR0
osa0zeTV/dXRekyReAUTsAkP1GD1hEwR1oRVtMA6LD5cl0JQyCy+iNHowqXBgYfN
yrHdD8RLB/A/EbxjvjT0coDoIpNEXExlOaEeQJlTGedzC/d09FvhOwSBxt7TWqGb
fiP2MXpEt7WJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org