Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/aBsfDLzA_J6lKswYFB6-SKOna6A.roa
File: aBsfDLzA_J6lKswYFB6-SKOna6A.roa (raw, json)
Hash identifier: LNYyAR2c6NImFAXMvaqALQO4dvZ/8youp5j311YVMEQ=
Subject key identifier: 68:1B:1F:0C:BC:C0:FC:9E:A5:2A:CC:18:14:1E:BE:48:A3:A7:6B:A0
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 01877CB9748944D06141A6220DB40B635F88
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/aBsfDLzA_J6lKswYFB6-SKOna6A.roa
Signing time: Thu 13 Apr 2023 22:25:41 +0000
ROA not before: Thu 13 Apr 2023 22:25:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39810
IP address blocks: 89.187.0.0/23 maxlen: 24
89.187.2.0/24 maxlen: 24
89.187.3.0/24 maxlen: 24
2a10:e400::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 13 Apr 2023 22:41:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7c:b9:74:89:44:d0:61:41:a6:22:0d:b4:0b:63:5f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Apr 13 22:25:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=681b1f0cbcc0fc9ea52acc18141ebe48a3a76ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:5b:14:70:3c:f2:50:7b:55:ab:6a:f4:76:
85:16:25:c0:b5:4b:4e:03:02:d3:5f:ca:f4:d4:f6:
86:72:5c:a8:e0:5b:d8:5f:8f:69:c3:d3:2d:e4:d0:
2a:01:43:b5:93:5c:e3:16:e7:5a:01:98:95:59:20:
c3:59:2c:03:d0:32:59:99:88:ed:5e:9a:4a:96:5a:
8c:0d:bd:5f:9d:56:41:81:e3:9b:13:f3:50:e9:67:
77:83:0a:2f:64:39:67:16:29:a7:00:83:ef:af:ba:
73:f8:e4:c9:fe:98:fb:1f:f4:7e:e8:af:e4:08:36:
d6:b8:47:ce:9a:54:0c:ef:87:97:30:18:5e:a4:98:
2b:50:0e:b7:9a:10:ee:84:c7:a6:d3:42:50:35:ae:
2b:24:2f:f9:41:41:d7:74:52:88:8d:30:9a:7a:c2:
19:c7:47:12:d1:8f:1a:fc:29:ed:71:9a:5c:88:82:
39:f9:f4:a6:8a:c1:69:84:25:78:de:c1:96:e5:fb:
65:0a:08:fd:c9:e1:c7:98:ae:d3:48:2c:98:5b:bd:
01:38:03:d2:d0:9c:ee:aa:77:86:ee:00:04:b4:9a:
8f:fa:bb:54:8e:b9:38:48:b0:0f:4a:cd:7c:25:16:
cb:ce:5c:27:57:83:b2:33:89:96:b3:d3:08:df:92:
fa:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1B:1F:0C:BC:C0:FC:9E:A5:2A:CC:18:14:1E:BE:48:A3:A7:6B:A0
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/aBsfDLzA_J6lKswYFB6-SKOna6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.0.0/22
IPv6:
2a10:e400::/29
Signature Algorithm: sha256WithRSAEncryption
2b:bf:08:de:58:3e:69:33:1a:69:32:d1:f4:e7:e7:0a:4e:de:
fc:9e:df:32:65:c1:ec:af:d1:d7:18:13:63:e4:5c:5c:fd:40:
7d:aa:c0:5a:a2:f0:dd:f5:28:d9:c2:52:c4:1a:61:cc:9a:e6:
2f:30:2e:f2:2c:9a:31:e0:12:dd:4b:a2:85:e3:5d:9b:cd:79:
0a:f7:60:bc:ba:32:4a:e3:67:ed:42:d6:49:a3:ca:ad:47:c9:
34:ea:d2:00:58:ef:b2:28:14:8c:16:c0:da:7a:b8:3a:93:cd:
d3:84:63:63:ea:fa:fb:32:12:ff:00:be:d1:42:ed:b0:3b:08:
2b:97:c8:08:c9:77:4f:ea:f5:0d:9c:ee:34:45:e4:93:6b:f0:
f8:b9:7d:3c:46:f0:3e:36:6b:6f:8e:95:6e:40:b8:be:a0:82:
bd:1e:40:6f:a0:7b:f9:dd:56:6c:d6:da:57:69:10:69:3d:0f:
b5:a2:8f:77:0f:c6:e9:ec:51:6e:48:5d:03:bb:f8:7b:8d:47:
f0:0d:af:13:12:d5:93:2f:a6:84:78:14:76:3b:01:3e:e2:c4:
ed:03:4b:42:4f:c2:5a:f4:c0:bf:95:3e:a4:d1:b3:0e:97:d1:
a9:eb:f8:ae:9d:82:aa:da:af:51:79:de:b8:2e:ae:29:16:46:
80:0e:c2:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd8uXSJRNBhQaYiDbQLY1+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNDEzMjIyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODFiMWYwY2JjYzBmYzllYTUyYWNjMTgxNDFlYmU0OGEzYTc2YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6RbFHA88lB7Vatq9HaFFiXAtUtO
AwLTX8r01PaGclyo4FvYX49pw9Mt5NAqAUO1k1zjFudaAZiVWSDDWSwD0DJZmYjt
XppKllqMDb1fnVZBgeObE/NQ6Wd3gwovZDlnFimnAIPvr7pz+OTJ/pj7H/R+6K/k
CDbWuEfOmlQM74eXMBhepJgrUA63mhDuhMem00JQNa4rJC/5QUHXdFKIjTCaesIZ
x0cS0Y8a/CntcZpciII5+fSmisFphCV43sGW5ftlCgj9yeHHmK7TSCyYW70BOAPS
0JzuqneG7gAEtJqP+rtUjrk4SLAPSs18JRbLzlwnV4OyM4mWs9MI35L6LQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGgbHwy8wPyepSrMGBQevkijp2ugMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvYUJzZkRMekFfSjZsS3N3WUZCNi1TS09uYTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWbsAMA0E
AgACMAcDBQMqEOQAMA0GCSqGSIb3DQEBCwUAA4IBAQArvwjeWD5pMxppMtH05+cK
Tt78nt8yZcHsr9HXGBNj5Fxc/UB9qsBaovDd9SjZwlLEGmHMmuYvMC7yLJox4BLd
S6KF412bzXkK92C8ujJK42ftQtZJo8qtR8k06tIAWO+yKBSMFsDaerg6k83ThGNj
6vr7MhL/AL7RQu2wOwgrl8gIyXdP6vUNnO40ReSTa/D4uX08RvA+NmtvjpVuQLi+
oIK9HkBvoHv53VZs1tpXaRBpPQ+1oo93D8bp7FFuSF0Du/h7jUfwDa8TEtWTL6aE
eBR2OwE+4sTtA0tCT8Ja9MC/lT6k0bMOl9Gp6/iunYKq2q9Red64Lq4pFkaADsIQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org