Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/cqIFYsMVMaOSWbrVzSinD4lgtKo.roa
File: cqIFYsMVMaOSWbrVzSinD4lgtKo.roa (raw, json)
Hash identifier: LEeBD9VwujS3pfms7keUsRXOOtgRGZulDJ4ZKjx/OWQ=
Subject key identifier: 72:A2:05:62:C3:15:31:A3:92:59:BA:D5:CD:28:A7:0F:89:60:B4:AA
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0187BA7AC8581D422BDC3D5D218FF9415977
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/cqIFYsMVMaOSWbrVzSinD4lgtKo.roa
Signing time: Tue 25 Apr 2023 22:13:41 +0000
ROA not before: Tue 25 Apr 2023 22:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 89.187.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ba:7a:c8:58:1d:42:2b:dc:3d:5d:21:8f:f9:41:59:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Apr 25 22:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72a20562c31531a39259bad5cd28a70f8960b4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:46:1a:60:4e:fb:1d:06:29:28:46:79:07:12:
f4:2d:ae:f9:bb:84:56:c6:e7:26:b1:6f:59:bb:9c:
1d:62:18:cb:c3:07:2c:90:47:30:ce:73:eb:0f:73:
b6:e7:7f:82:ac:5d:46:c6:dc:e6:14:8f:1b:5d:4b:
a6:8d:07:41:eb:5f:b8:30:ae:1d:af:58:7f:3b:96:
fa:64:7f:60:73:dc:58:7a:88:70:6f:e3:ce:59:3e:
f1:d3:00:77:1a:81:7a:f6:83:8b:08:95:b3:36:13:
b6:62:c2:df:1c:48:dc:7d:47:62:2a:4f:be:80:08:
71:39:dc:8e:ca:bc:ce:7d:78:00:aa:34:d5:89:04:
43:d6:0e:60:f7:ea:dc:58:2c:b3:7f:3f:3f:66:9a:
3e:8b:52:3d:2e:0c:96:9b:3c:b7:c2:d3:5e:34:49:
cb:9b:17:a1:e7:02:37:d9:17:75:d8:62:e8:2a:68:
1e:f5:d7:fb:fd:9d:dc:c7:5f:e5:54:3b:0c:bd:36:
34:cf:ec:c8:bb:af:9b:59:25:a4:94:6a:44:a0:ec:
f9:4f:b1:7c:b9:31:32:a3:b6:bd:ad:cb:b6:13:ce:
a6:e6:9e:3a:a7:26:ce:39:b3:96:30:a7:06:4d:60:
18:84:c5:fd:6a:59:47:2d:a3:67:ec:fe:10:b2:f2:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A2:05:62:C3:15:31:A3:92:59:BA:D5:CD:28:A7:0F:89:60:B4:AA
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/cqIFYsMVMaOSWbrVzSinD4lgtKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.14.0/24
Signature Algorithm: sha256WithRSAEncryption
64:23:b0:d6:7c:34:4d:f6:e4:fa:e4:7d:9a:7d:75:5c:71:7b:
0a:20:fb:61:97:52:cc:88:09:c8:80:c7:8a:10:dd:b3:54:8b:
ab:c2:4e:64:16:31:6c:2b:a9:c3:02:c8:93:70:f8:73:93:6b:
02:39:42:2c:46:7c:41:46:de:05:43:ba:db:ea:de:07:60:8d:
8f:2e:65:ae:26:e0:be:a7:b7:a1:72:4b:29:83:b8:8c:b0:f4:
14:37:72:ab:ab:3e:5a:af:d1:27:ff:fb:9e:88:e8:5e:09:ca:
7f:d8:c4:93:b5:13:68:29:6e:d9:d3:d8:a3:cb:7b:95:b8:38:
fe:cb:12:e1:dd:5e:f9:27:34:9a:d4:d1:72:f1:b8:8c:6e:89:
41:55:56:5b:2f:13:4d:16:19:a7:59:b2:99:d0:74:8e:3c:e9:
e3:b7:29:ef:31:2e:29:85:d2:51:2e:35:b7:14:91:51:34:0b:
21:fe:c5:e0:11:d2:34:fd:b4:60:4c:d2:b2:7d:fa:64:9f:7b:
1b:50:80:57:ac:93:50:e5:b7:a7:fe:11:e5:78:0d:38:5f:ea:
ef:63:01:f3:25:10:b6:fc:f3:2a:db:57:4b:ee:c4:14:1a:21:
96:14:b5:7e:8c:ed:39:d8:44:1a:8f:6f:23:d2:78:bd:7c:b4:
24:37:58:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe6eshYHUIr3D1dIY/5QVl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNDI1MjIxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmEyMDU2MmMzMTUzMWEzOTI1OWJhZDVjZDI4YTcwZjg5NjBiNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEYaYE77HQYpKEZ5BxL0La75u4RW
xucmsW9Zu5wdYhjLwwcskEcwznPrD3O253+CrF1GxtzmFI8bXUumjQdB61+4MK4d
r1h/O5b6ZH9gc9xYeohwb+POWT7x0wB3GoF69oOLCJWzNhO2YsLfHEjcfUdiKk++
gAhxOdyOyrzOfXgAqjTViQRD1g5g9+rcWCyzfz8/Zpo+i1I9LgyWmzy3wtNeNEnL
mxeh5wI32Rd12GLoKmge9df7/Z3cx1/lVDsMvTY0z+zIu6+bWSWklGpEoOz5T7F8
uTEyo7a9rcu2E86m5p46pybOObOWMKcGTWAYhMX9allHLaNn7P4QsvIT8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKiBWLDFTGjklm61c0opw+JYLSqMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvY3FJRllzTVZNYU9TV2JyVnpTaW5ENGxndEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsOMA0G
CSqGSIb3DQEBCwUAA4IBAQBkI7DWfDRN9uT65H2afXVccXsKIPthl1LMiAnIgMeK
EN2zVIurwk5kFjFsK6nDAsiTcPhzk2sCOUIsRnxBRt4FQ7rb6t4HYI2PLmWuJuC+
p7ehckspg7iMsPQUN3Krqz5ar9En//ueiOheCcp/2MSTtRNoKW7Z09ijy3uVuDj+
yxLh3V75JzSa1NFy8biMbolBVVZbLxNNFhmnWbKZ0HSOPOnjtynvMS4phdJRLjW3
FJFRNAsh/sXgEdI0/bRgTNKyffpkn3sbUIBXrJNQ5ben/hHleA04X+rvYwHzJRC2
/PMq21dL7sQUGiGWFLV+jO052EQaj28j0ni9fLQkN1gB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:15 2023 by rpki-client on console-fra.rpki-client.org