Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/emPz4KnPloBmt2wenQQHo9mQXKU.roa
File: emPz4KnPloBmt2wenQQHo9mQXKU.roa (raw, json)
Hash identifier: xSdJLc+pwklWuiICTPOLdGJ8DCaS9p7TtMYZayDXEK4=
Subject key identifier: 7A:63:F3:E0:A9:CF:96:80:66:B7:6C:1E:9D:04:07:A3:D9:90:5C:A5
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0191AD44A515005C01CF0552B32874E7977F
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/emPz4KnPloBmt2wenQQHo9mQXKU.roa
Signing time: Sun 01 Sep 2024 11:07:22 +0000
ROA not before: Sun 01 Sep 2024 11:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.187.24.0/24 maxlen: 24
89.187.25.0/24 maxlen: 24
89.187.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 09:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ad:44:a5:15:00:5c:01:cf:05:52:b3:28:74:e7:97:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Sep 1 11:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a63f3e0a9cf968066b76c1e9d0407a3d9905ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:43:5c:5b:d0:18:48:7e:16:e0:82:50:4b:23:
68:e5:76:db:2f:ba:bf:64:b0:c8:f4:0c:45:20:bd:
cb:d1:e1:7c:90:e2:67:31:89:b7:c5:47:03:c4:e9:
9e:ea:fa:17:9e:2e:fe:16:41:a0:10:7b:50:87:33:
06:bf:7f:29:07:4c:f0:fa:45:d4:f2:a9:0d:5f:f4:
cc:91:36:c1:84:2c:8c:d1:8f:f2:ca:74:0d:e9:79:
ed:b2:ec:94:c3:5b:29:c2:6c:0d:da:e0:92:b4:3d:
60:84:d5:f6:78:37:4a:3f:4a:14:6c:3d:75:3d:7a:
f4:39:20:46:a3:1f:2c:33:55:2a:7e:fa:01:5e:ae:
10:19:bf:85:54:4a:ac:a9:84:6a:32:d0:02:70:b5:
c9:b2:2e:6b:a1:48:fb:22:36:14:90:95:cb:f7:f6:
64:ae:02:df:b3:80:b8:04:ba:db:35:9c:14:a8:6c:
19:78:86:3d:96:9b:d0:24:00:fb:84:c2:7f:63:fe:
48:b2:6b:00:b9:8f:19:75:47:c4:77:f5:3a:bf:d8:
34:5c:a6:d8:bb:2c:87:6a:08:6f:b6:c0:c7:99:4e:
f1:98:fe:35:68:df:78:c0:32:56:71:cf:48:bf:a2:
fd:a7:8d:94:a0:a2:6c:99:ba:25:24:59:6d:6b:0e:
94:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:63:F3:E0:A9:CF:96:80:66:B7:6C:1E:9D:04:07:A3:D9:90:5C:A5
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/emPz4KnPloBmt2wenQQHo9mQXKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.24.0-89.187.26.255
Signature Algorithm: sha256WithRSAEncryption
33:1b:3a:73:89:d8:8e:01:b4:3c:c6:54:a0:60:13:11:2c:e3:
6a:e1:9e:bc:c3:e7:93:4b:2c:3d:93:a0:d0:f7:25:46:4d:ba:
65:05:3d:e2:12:86:44:79:f2:37:cd:b7:fd:e4:5d:c5:e3:43:
8d:cb:81:ae:e4:d0:48:3f:fa:59:6b:e3:69:cb:22:6e:74:16:
61:c2:b9:cc:af:f4:9b:ef:31:58:44:f2:ab:89:33:d1:a7:96:
3f:df:f2:5d:2f:dd:94:77:63:a5:82:76:26:eb:4a:92:a8:44:
c3:02:3f:dc:0b:7a:36:fe:32:bf:70:04:b8:14:bf:94:19:3c:
97:f8:3b:80:8c:48:09:42:51:0b:bf:94:cd:96:1d:1b:c0:6a:
59:dd:47:34:37:da:d3:de:8b:91:36:0c:6c:ef:e9:9c:ed:67:
a0:e6:f5:7d:8c:2e:2b:3a:03:5e:c8:aa:4e:83:eb:a9:12:4e:
6b:36:5e:ce:ae:85:62:a7:21:aa:73:99:e3:79:12:bc:f5:48:
ca:4f:ec:20:95:86:4b:02:88:06:68:72:fe:16:a1:cf:05:05:
dc:d0:9d:10:8b:86:2b:a5:2a:81:80:48:d9:2b:cf:57:c3:c7:
88:7d:c2:48:fd:90:f1:13:ef:de:37:14:39:fe:b5:3e:c3:31:
e3:25:0a:e8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGtRKUVAFwBzwVSsyh055d/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwOTAxMTEwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTYzZjNlMGE5Y2Y5NjgwNjZiNzZjMWU5ZDA0MDdhM2Q5OTA1Y2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0NcW9AYSH4W4IJQSyNo5XbbL7q/
ZLDI9AxFIL3L0eF8kOJnMYm3xUcDxOme6voXni7+FkGgEHtQhzMGv38pB0zw+kXU
8qkNX/TMkTbBhCyM0Y/yynQN6XntsuyUw1spwmwN2uCStD1ghNX2eDdKP0oUbD11
PXr0OSBGox8sM1UqfvoBXq4QGb+FVEqsqYRqMtACcLXJsi5roUj7IjYUkJXL9/Zk
rgLfs4C4BLrbNZwUqGwZeIY9lpvQJAD7hMJ/Y/5IsmsAuY8ZdUfEd/U6v9g0XKbY
uyyHaghvtsDHmU7xmP41aN94wDJWcc9Iv6L9p42UoKJsmbolJFltaw6U6QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHpj8+Cpz5aAZrdsHp0EB6PZkFylMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvZW1QejRLblBsb0JtdDJ3ZW5RUUhvOW1RWEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANZuxgD
BABZuxowDQYJKoZIhvcNAQELBQADggEBADMbOnOJ2I4BtDzGVKBgExEs42rhnrzD
55NLLD2ToND3JUZNumUFPeIShkR58jfNt/3kXcXjQ43Lga7k0Eg/+llr42nLIm50
FmHCucyv9JvvMVhE8quJM9Gnlj/f8l0v3ZR3Y6WCdibrSpKoRMMCP9wLejb+Mr9w
BLgUv5QZPJf4O4CMSAlCUQu/lM2WHRvAalndRzQ32tPei5E2DGzv6ZztZ6Dm9X2M
Lis6A17Iqk6D66kSTms2Xs6uhWKnIapzmeN5Erz1SMpP7CCVhksCiAZocv4Woc8F
BdzQnRCLhiulKoGASNkrz1fDx4h9wkj9kPET7943FDn+tT7DMeMlCug=
-----END CERTIFICATE-----
Generated at Wed Sep 4 12:08:43 2024 by rpki-client on console-fra.rpki-client.org