Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/YK8XQ-eyy9nLpuaOGHjWYXYDoUI.roa
File: YK8XQ-eyy9nLpuaOGHjWYXYDoUI.roa (raw, json)
Hash identifier: A6ulIEB13j7jcXCBJsts/dL1pfrLWEY83Cvekh86LZk=
Subject key identifier: 60:AF:17:43:E7:B2:CB:D9:CB:A6:E6:8E:18:78:D6:61:76:03:A1:42
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0191C2C8747A252336F435682314622D502E
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/YK8XQ-eyy9nLpuaOGHjWYXYDoUI.roa
Signing time: Thu 05 Sep 2024 15:23:22 +0000
ROA not before: Thu 05 Sep 2024 15:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.187.20.0/24 maxlen: 24
89.187.24.0/24 maxlen: 24
89.187.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 18:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c2:c8:74:7a:25:23:36:f4:35:68:23:14:62:2d:50:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Sep 5 15:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60af1743e7b2cbd9cba6e68e1878d6617603a142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3a:0a:42:dd:74:44:42:4a:ea:ed:9d:61:c0:
70:7d:d2:42:cc:eb:a9:2d:62:62:06:fe:5d:3f:19:
45:7c:85:b8:7c:09:29:05:0c:81:7b:66:3f:c6:66:
64:0d:8c:17:e4:fe:80:2b:74:ef:85:23:2e:e4:2f:
5c:02:e0:84:00:a0:65:0f:21:84:91:b0:9b:36:50:
56:5f:ec:6f:d8:fd:fe:7e:fb:7c:c3:15:12:f8:c0:
84:49:33:8f:a7:ca:67:09:2d:50:a0:a4:39:49:ef:
54:6d:1b:7a:16:56:66:24:87:4c:ec:ad:4d:88:8d:
7c:dc:b5:10:63:b2:71:0a:d1:79:31:8b:8d:a8:7c:
37:9e:bd:2f:19:e1:a6:a3:32:53:08:71:cf:fa:83:
7d:06:ce:47:22:56:ac:17:d6:a2:f0:97:48:6e:3e:
b5:23:35:ef:fb:c3:95:6a:29:27:3b:cd:04:40:0d:
7b:91:29:60:af:09:05:c8:5d:31:95:8c:36:fb:b3:
8f:14:6d:a2:65:5d:1e:48:84:28:68:71:3e:e8:9d:
2f:6d:2d:1b:19:fb:94:9a:0c:a8:97:ab:0a:07:4b:
f6:16:60:23:32:15:ca:cc:3a:22:c1:d9:0e:2d:8c:
5e:4d:54:d3:98:65:f0:12:23:66:8e:b2:67:27:41:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AF:17:43:E7:B2:CB:D9:CB:A6:E6:8E:18:78:D6:61:76:03:A1:42
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/YK8XQ-eyy9nLpuaOGHjWYXYDoUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.20.0/24
89.187.24.0/24
89.187.26.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:37:fd:63:7c:cd:69:31:1f:68:7b:43:04:e7:de:bb:b9:14:
e3:8d:cc:33:89:4e:fd:10:5d:0f:aa:42:80:28:b7:5f:84:e8:
c4:64:59:d2:dc:b5:71:c1:ad:2f:ab:e7:b1:62:f2:ca:a9:f1:
34:7a:a0:38:60:0e:6a:d2:2d:e9:0a:6d:7e:26:29:d3:b5:d4:
3d:92:3f:76:50:5f:1c:11:57:7e:2f:13:86:8c:e4:e4:27:02:
ad:28:e8:1b:ee:94:80:57:d9:aa:bd:dd:b2:3a:21:06:2f:ea:
6c:af:c9:55:c2:bb:f0:1f:7e:0d:ec:67:10:34:aa:17:da:90:
f5:97:40:98:73:3a:48:65:81:ce:8c:23:33:d5:8e:6b:45:c0:
2a:b1:b9:00:ed:cf:41:99:e6:62:8c:bf:58:0f:e7:84:6f:65:
93:d8:24:28:73:18:6f:74:1a:f8:7b:cb:53:17:ec:6b:c7:5f:
3a:9f:1f:0d:38:a2:00:18:f0:7d:a0:0a:94:21:99:83:32:6a:
12:b4:7f:57:51:fb:d5:c9:ae:e7:c9:5a:cc:23:7c:15:4b:b3:
fe:dc:fa:05:f4:b5:cd:7a:33:a6:47:bb:34:06:3a:55:0d:71:
66:4d:9f:5f:04:00:e1:c3:b0:77:43:e2:3e:dd:56:2d:63:62:
e3:88:90:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHCyHR6JSM29DVoIxRiLVAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwOTA1MTUyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGFmMTc0M2U3YjJjYmQ5Y2JhNmU2OGUxODc4ZDY2MTc2MDNhMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzoKQt10REJK6u2dYcBwfdJCzOup
LWJiBv5dPxlFfIW4fAkpBQyBe2Y/xmZkDYwX5P6AK3TvhSMu5C9cAuCEAKBlDyGE
kbCbNlBWX+xv2P3+fvt8wxUS+MCESTOPp8pnCS1QoKQ5Se9UbRt6FlZmJIdM7K1N
iI183LUQY7JxCtF5MYuNqHw3nr0vGeGmozJTCHHP+oN9Bs5HIlasF9ai8JdIbj61
IzXv+8OVaiknO80EQA17kSlgrwkFyF0xlYw2+7OPFG2iZV0eSIQoaHE+6J0vbS0b
GfuUmgyol6sKB0v2FmAjMhXKzDoiwdkOLYxeTVTTmGXwEiNmjrJnJ0GiJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGCvF0PnssvZy6bmjhh41mF2A6FCMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvWUs4WFEtZXl5OW5McHVhT0dIaldZWFlEb1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWbsUAwQA
WbsYAwQAWbsaMA0GCSqGSIb3DQEBCwUAA4IBAQC2N/1jfM1pMR9oe0ME5967uRTj
jcwziU79EF0PqkKAKLdfhOjEZFnS3LVxwa0vq+exYvLKqfE0eqA4YA5q0i3pCm1+
JinTtdQ9kj92UF8cEVd+LxOGjOTkJwKtKOgb7pSAV9mqvd2yOiEGL+psr8lVwrvw
H34N7GcQNKoX2pD1l0CYczpIZYHOjCMz1Y5rRcAqsbkA7c9BmeZijL9YD+eEb2WT
2CQocxhvdBr4e8tTF+xrx186nx8NOKIAGPB9oAqUIZmDMmoStH9XUfvVya7nyVrM
I3wVS7P+3PoF9LXNejOmR7s0BjpVDXFmTZ9fBADhw7B3Q+I+3VYtY2LjiJDg
-----END CERTIFICATE-----
Generated at Tue Sep 10 20:38:13 2024 by rpki-client on console-ams.rpki-client.org