Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/TLQzcppnmz0OorCzEk28Uw70fRA.roa
File: TLQzcppnmz0OorCzEk28Uw70fRA.roa (raw, json)
Hash identifier: GxcE90IvTHbSof3u9TnR1io30uYZoYryPAe+ggDinME=
Subject key identifier: 4C:B4:33:72:9A:67:9B:3D:0E:A2:B0:B3:12:4D:BC:53:0E:F4:7D:10
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0187DB31BF55B96229667C46845706DC36FB
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/TLQzcppnmz0OorCzEk28Uw70fRA.roa
Signing time: Tue 02 May 2023 06:41:23 +0000
ROA not before: Tue 02 May 2023 06:41:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 89.187.8.0/24 maxlen: 24
89.187.6.0/24 maxlen: 24
89.187.17.0/24 maxlen: 24
89.187.18.0/24 maxlen: 24
89.187.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:31:bf:55:b9:62:29:66:7c:46:84:57:06:dc:36:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: May 2 06:41:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cb433729a679b3d0ea2b0b3124dbc530ef47d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ea:aa:06:f6:cf:bb:19:9d:50:1a:95:e1:d9:
d5:00:62:19:a2:98:27:fe:85:2a:3e:a8:70:95:92:
9d:f9:6d:c2:30:05:09:3a:b2:76:42:40:06:1d:6f:
7a:40:15:13:b8:5e:c5:99:95:2f:39:18:4a:3e:96:
ac:c9:dd:03:c9:da:91:3b:c5:22:cc:e9:4a:63:3d:
0a:22:b2:5d:90:a4:e0:53:b4:25:84:34:c3:ec:04:
8d:07:ee:e1:39:32:2d:21:5e:86:5b:6d:5e:7a:d1:
e7:3a:a8:2e:d7:91:36:c3:82:b5:8f:77:e0:0a:0e:
cb:4c:cb:1e:33:7f:ed:53:0b:89:d9:de:8a:95:f5:
9d:03:2f:d9:1b:16:79:db:e5:6a:3e:f3:14:0f:94:
34:c4:34:d0:17:a0:a1:b4:10:b1:c5:f5:55:ae:9a:
09:82:da:e8:ad:5e:58:d1:68:e1:0a:0c:25:40:fd:
d0:35:39:0a:a6:13:ca:d1:c5:35:8c:c1:7e:34:84:
32:3b:5f:0f:7c:e2:81:13:9a:c0:3e:e9:8f:13:29:
c6:6a:0c:17:a7:a5:4a:df:e6:df:ac:fc:ee:17:cb:
69:e4:50:51:ba:40:40:6d:7f:77:ec:8a:3b:88:95:
0e:1e:fe:7e:83:dd:56:38:25:30:4c:f8:cd:f0:6e:
9a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B4:33:72:9A:67:9B:3D:0E:A2:B0:B3:12:4D:BC:53:0E:F4:7D:10
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/TLQzcppnmz0OorCzEk28Uw70fRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.6.0/24
89.187.8.0/24
89.187.17.0-89.187.19.255
Signature Algorithm: sha256WithRSAEncryption
44:05:35:6d:d9:c7:85:c0:87:45:08:7a:9e:ba:c0:0e:1f:4b:
64:67:28:91:e6:3c:d7:1c:ad:bb:39:77:80:a3:c9:10:52:9d:
f8:f0:8e:1c:e1:cc:16:7b:78:94:be:ff:44:b1:16:c1:55:b0:
bd:3e:b0:c0:32:04:a1:57:f1:a8:d2:be:9a:2a:59:60:91:9b:
dd:f9:04:ba:92:de:b1:bc:7b:79:79:e8:60:a2:37:b4:b2:85:
33:d9:e3:dd:9d:18:9a:4b:18:6a:44:f7:5c:f8:85:20:70:be:
a7:4f:f4:6f:1f:a2:e0:43:62:9b:f0:f4:9d:e0:be:b0:b0:99:
95:6b:61:55:8a:5e:ad:e0:3c:4e:b8:5e:8c:e5:d6:e1:0a:da:
03:e9:bd:5e:6a:e7:15:f9:a6:c9:ff:52:c9:c5:66:fd:d3:46:
b0:77:65:70:41:b4:dc:11:d7:a9:b0:2a:f2:67:b6:b6:e1:25:
a4:05:c5:37:20:b1:54:8a:d3:97:e5:15:68:e5:69:d2:c1:1e:
b3:6b:16:06:63:50:0a:20:df:d4:6a:89:8b:34:39:0c:1e:13:
a7:e1:ed:d9:4a:d2:22:87:ac:3b:46:44:59:6a:6c:49:72:18:
c8:09:53:29:c3:ec:ba:f1:b2:c8:68:89:96:2a:ba:7d:1c:31:
ee:5c:7c:86
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYfbMb9VuWIpZnxGhFcG3Db7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNTAyMDY0MTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I0MzM3MjlhNjc5YjNkMGVhMmIwYjMxMjRkYmM1MzBlZjQ3ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleqqBvbPuxmdUBqV4dnVAGIZopgn
/oUqPqhwlZKd+W3CMAUJOrJ2QkAGHW96QBUTuF7FmZUvORhKPpasyd0DydqRO8Ui
zOlKYz0KIrJdkKTgU7QlhDTD7ASNB+7hOTItIV6GW21eetHnOqgu15E2w4K1j3fg
Cg7LTMseM3/tUwuJ2d6KlfWdAy/ZGxZ52+VqPvMUD5Q0xDTQF6ChtBCxxfVVrpoJ
gtrorV5Y0WjhCgwlQP3QNTkKphPK0cU1jMF+NIQyO18PfOKBE5rAPumPEynGagwX
p6VK3+bfrPzuF8tp5FBRukBAbX937Io7iJUOHv5+g91WOCUwTPjN8G6abQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEy0M3KaZ5s9DqKwsxJNvFMO9H0QMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvVExRemNwcG5tejBPb3JDekVrMjhVdzcwZlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWbsGAwQA
WbsIMAwDBABZuxEDBAJZuxAwDQYJKoZIhvcNAQELBQADggEBAEQFNW3Zx4XAh0UI
ep66wA4fS2RnKJHmPNccrbs5d4CjyRBSnfjwjhzhzBZ7eJS+/0SxFsFVsL0+sMAy
BKFX8ajSvpoqWWCRm935BLqS3rG8e3l56GCiN7SyhTPZ492dGJpLGGpE91z4hSBw
vqdP9G8fouBDYpvw9J3gvrCwmZVrYVWKXq3gPE64Xozl1uEK2gPpvV5q5xX5psn/
UsnFZv3TRrB3ZXBBtNwR16mwKvJntrbhJaQFxTcgsVSK05flFWjladLBHrNrFgZj
UAog39RqiYs0OQweE6fh7dlK0iKHrDtGRFlqbElyGMgJUynD7LrxsshoiZYqun0c
Me5cfIY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:51 2023 by rpki-client on console-ams.rpki-client.org