Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/Tn-Ds3PfOZnKQfH4aCTaFslqE0M.roa
File: Tn-Ds3PfOZnKQfH4aCTaFslqE0M.roa (raw, json)
Hash identifier: IEC8syxSRx0xAV+V8Slp4SvEjSdOpoqHsi3Uu762JFo=
Subject key identifier: 4E:7F:83:B3:73:DF:39:99:CA:41:F1:F8:68:24:DA:16:C9:6A:13:43
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0187D8B1CBAC068788E51B2A0D5E41F93ADF
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/Tn-Ds3PfOZnKQfH4aCTaFslqE0M.roa
Signing time: Mon 01 May 2023 19:02:23 +0000
ROA not before: Mon 01 May 2023 19:02:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 89.187.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Jun 2023 19:52:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d8:b1:cb:ac:06:87:88:e5:1b:2a:0d:5e:41:f9:3a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: May 1 19:02:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e7f83b373df3999ca41f1f86824da16c96a1343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:86:12:bc:86:9b:69:43:d4:1d:51:46:80:cf:
4a:21:db:c7:86:b9:06:c7:3f:67:24:a5:9b:e4:98:
cb:5e:af:67:a5:b5:9f:19:9c:b8:45:e6:26:07:dd:
b8:64:85:6e:fd:ad:c0:1d:6a:ec:a9:87:11:59:b1:
55:2a:54:16:45:66:1e:84:ac:e6:e9:5a:fb:cf:ff:
1e:be:cf:6b:d4:61:ea:24:a6:39:96:e6:c5:2f:ea:
69:83:c7:8a:a9:31:b6:b2:80:3c:3c:c7:26:1f:9d:
d9:f4:72:28:b1:d1:6f:38:fd:ba:2a:d5:76:6c:1b:
d6:90:46:f5:9b:ae:9f:32:b0:94:26:ba:b3:6c:cd:
32:f1:60:3a:01:4d:da:9c:bc:27:1c:f9:a4:81:55:
bb:3d:23:8a:23:8e:7e:71:fa:50:28:96:40:8b:b3:
f8:01:48:5c:25:65:45:93:c3:bf:49:65:e5:8c:09:
da:db:68:8c:8c:e6:4b:92:6f:15:16:34:fd:10:18:
c3:59:cb:f3:e7:44:db:9c:d4:28:a5:66:0b:8d:ab:
a1:9b:35:d4:54:7f:b1:3e:1e:e7:35:ab:c6:df:c7:
94:e6:b2:a1:45:94:da:50:3b:f7:33:c0:db:1b:f5:
fb:4b:27:21:3e:df:59:9a:be:59:53:15:fb:89:68:
76:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7F:83:B3:73:DF:39:99:CA:41:F1:F8:68:24:DA:16:C9:6A:13:43
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/Tn-Ds3PfOZnKQfH4aCTaFslqE0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.21.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:7f:86:8e:6c:73:9c:bf:24:ec:72:56:15:6e:c1:97:2d:e9:
f7:81:a9:78:db:bf:43:c6:08:0d:64:3c:79:a2:44:3b:91:9a:
5b:d1:d0:b6:4e:e4:9b:51:de:00:b7:d3:72:02:7f:57:92:77:
c5:8b:4d:18:9f:04:bd:d0:40:f5:7f:01:c6:ea:da:8a:80:f4:
16:d4:ac:e0:95:8a:27:31:9b:d0:78:a4:1f:95:12:1b:65:93:
a9:47:cb:f2:2b:32:66:a9:50:85:36:37:8a:7e:95:1d:59:a5:
b2:a2:de:05:81:30:ee:e8:57:ed:02:e1:84:0b:eb:89:7d:8e:
02:0e:f8:f3:f0:37:4a:a7:c5:93:0d:8c:bf:89:f8:10:ce:0c:
db:73:45:6c:64:34:6c:a8:4b:41:a0:cd:11:05:75:90:cd:a4:
37:09:16:c7:1d:45:95:60:f6:14:ea:74:2f:24:4f:d1:8d:3c:
d1:fc:4c:3c:e9:72:f1:6a:a9:04:dc:a5:2e:93:00:e3:44:79:
d2:56:19:1b:a6:0f:7d:a8:d9:12:b8:c8:45:62:96:db:d4:b9:
23:f6:80:58:17:4c:a8:c8:9c:e9:76:7b:f2:2e:9e:54:2b:db:
f9:dd:10:51:ef:25:36:f6:cf:ee:e1:84:7d:0c:34:47:37:4f:
f8:6a:ed:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfYscusBoeI5RsqDV5B+TrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNTAxMTkwMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdmODNiMzczZGYzOTk5Y2E0MWYxZjg2ODI0ZGExNmM5NmExMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoYSvIabaUPUHVFGgM9KIdvHhrkG
xz9nJKWb5JjLXq9npbWfGZy4ReYmB924ZIVu/a3AHWrsqYcRWbFVKlQWRWYehKzm
6Vr7z/8evs9r1GHqJKY5lubFL+ppg8eKqTG2soA8PMcmH53Z9HIosdFvOP26KtV2
bBvWkEb1m66fMrCUJrqzbM0y8WA6AU3anLwnHPmkgVW7PSOKI45+cfpQKJZAi7P4
AUhcJWVFk8O/SWXljAna22iMjOZLkm8VFjT9EBjDWcvz50TbnNQopWYLjauhmzXU
VH+xPh7nNavG38eU5rKhRZTaUDv3M8DbG/X7SychPt9Zmr5ZUxX7iWh2rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5/g7Nz3zmZykHx+Ggk2hbJahNDMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvVG4tRHMzUGZPWm5LUWZINGFDVGFGc2xxRTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsVMA0G
CSqGSIb3DQEBCwUAA4IBAQDcf4aObHOcvyTsclYVbsGXLen3gal4279DxggNZDx5
okQ7kZpb0dC2TuSbUd4At9NyAn9XknfFi00YnwS90ED1fwHG6tqKgPQW1KzglYon
MZvQeKQflRIbZZOpR8vyKzJmqVCFNjeKfpUdWaWyot4FgTDu6FftAuGEC+uJfY4C
Dvjz8DdKp8WTDYy/ifgQzgzbc0VsZDRsqEtBoM0RBXWQzaQ3CRbHHUWVYPYU6nQv
JE/RjTzR/Ew86XLxaqkE3KUukwDjRHnSVhkbpg99qNkSuMhFYpbb1Lkj9oBYF0yo
yJzpdnvyLp5UK9v53RBR7yU29s/u4YR9DDRHN0/4au20
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org