Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/gBlzHwKOpRF2eO7Kn-334tWv-js.roa
File: gBlzHwKOpRF2eO7Kn-334tWv-js.roa (raw, json)
Hash identifier: udayikZE9+fcb3ipRKEHCp/nAemB9+RWG044LvjQRzE=
Subject key identifier: 80:19:73:1F:02:8E:A5:11:76:78:EE:CA:9F:ED:F7:E2:D5:AF:FA:3B
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0187AA5E55253CC0F87C1D12C10E73B7BD5D
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/gBlzHwKOpRF2eO7Kn-334tWv-js.roa
Signing time: Sat 22 Apr 2023 19:08:41 +0000
ROA not before: Sat 22 Apr 2023 19:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39810
IP address blocks: 89.187.0.0/23 maxlen: 24
89.187.4.0/24 maxlen: 24
89.187.2.0/24 maxlen: 24
89.187.3.0/24 maxlen: 24
2a10:e400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 04 Sep 2023 15:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:aa:5e:55:25:3c:c0:f8:7c:1d:12:c1:0e:73:b7:bd:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Apr 22 19:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8019731f028ea5117678eeca9fedf7e2d5affa3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ac:c1:50:82:9e:b8:68:3a:4b:29:b7:30:26:
05:c8:d6:2e:8b:92:39:f7:88:1e:28:30:d6:07:5c:
73:39:1d:87:6a:75:4f:73:76:38:d0:d1:34:d2:e0:
59:70:35:1b:ae:5b:12:e8:fe:8d:c3:ed:0c:14:96:
7a:f6:49:26:c4:2b:5f:0e:25:ba:d2:e1:33:7f:f1:
a2:58:76:a3:e8:47:aa:4c:ea:c3:9a:9d:87:81:cd:
0c:3d:5c:fc:de:5c:5f:ae:d3:4f:de:0c:11:43:59:
56:b6:11:db:40:05:c4:80:94:14:3e:23:c9:5f:13:
40:13:80:a7:69:ec:3a:7b:16:a4:ea:86:90:32:e7:
09:e4:69:89:b5:83:d8:ce:82:e8:f4:57:f2:ef:8f:
33:db:8e:b9:c3:11:72:01:43:c9:a2:25:c2:97:6e:
57:35:2c:22:f2:55:1c:0a:b9:0e:af:be:29:a7:f0:
d3:e6:53:34:ae:ef:da:86:15:fe:aa:27:63:95:a9:
28:83:34:01:c7:59:7a:2a:b3:60:ca:95:d4:01:e2:
86:42:3c:e3:91:e3:f8:fb:3f:6f:90:fb:32:a9:2a:
b3:01:76:77:e5:ed:3b:29:e8:5b:a9:73:4e:80:9e:
ea:a7:8b:6f:b7:c4:78:bb:7d:da:be:3e:c5:86:3a:
48:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:19:73:1F:02:8E:A5:11:76:78:EE:CA:9F:ED:F7:E2:D5:AF:FA:3B
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/gBlzHwKOpRF2eO7Kn-334tWv-js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.0.0-89.187.4.255
IPv6:
2a10:e400::/29
Signature Algorithm: sha256WithRSAEncryption
03:d9:75:0d:d3:7a:f7:40:0d:ae:2e:13:68:a1:f1:35:66:31:
6a:04:75:94:f5:ce:51:54:39:45:1f:4d:d1:3f:01:15:9f:3a:
17:bc:b0:9e:2b:07:d0:6e:51:2c:10:d1:ec:fc:a4:56:2b:2c:
b7:f6:e6:d5:0f:86:d3:b8:cb:ce:04:45:62:34:8c:c3:bf:8d:
18:24:88:a9:61:85:ff:4b:8d:dd:31:08:9e:21:ff:46:e5:90:
ef:c0:90:a3:92:dc:38:83:ba:df:65:22:a5:e8:6e:ae:7e:0b:
a1:47:6a:53:73:a4:ab:e6:99:ab:69:a4:3d:3b:73:08:0f:ec:
df:59:0f:7b:b4:99:31:ed:99:0f:e2:6f:46:69:4a:8a:1e:4b:
e7:5d:fc:4f:59:d1:6f:2a:ec:a5:70:4d:45:49:b8:e0:dc:5e:
ae:96:7d:18:b5:e6:04:75:0c:aa:20:4c:a4:f8:1c:14:69:dc:
ff:18:96:7a:4f:66:04:c2:17:6c:5f:94:6d:8c:d1:57:ac:54:
c4:76:9e:4a:30:6d:f1:92:ec:1c:dc:6f:b2:96:02:52:d9:6d:
f9:75:eb:ea:50:30:eb:1d:b4:10:3c:25:42:9e:1e:95:fa:55:
d0:30:5d:5a:e8:5c:74:50:e1:f9:c5:8a:e6:45:ee:b9:70:54:
de:36:88:48
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYeqXlUlPMD4fB0SwQ5zt71dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNDIyMTkwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE5NzMxZjAyOGVhNTExNzY3OGVlY2E5ZmVkZjdlMmQ1YWZmYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKzBUIKeuGg6Sym3MCYFyNYui5I5
94geKDDWB1xzOR2HanVPc3Y40NE00uBZcDUbrlsS6P6Nw+0MFJZ69kkmxCtfDiW6
0uEzf/GiWHaj6EeqTOrDmp2Hgc0MPVz83lxfrtNP3gwRQ1lWthHbQAXEgJQUPiPJ
XxNAE4Cnaew6exak6oaQMucJ5GmJtYPYzoLo9Ffy748z2465wxFyAUPJoiXCl25X
NSwi8lUcCrkOr74pp/DT5lM0ru/ahhX+qidjlakogzQBx1l6KrNgypXUAeKGQjzj
keP4+z9vkPsyqSqzAXZ35e07KehbqXNOgJ7qp4tvt8R4u33avj7FhjpIUQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIAZcx8CjqURdnjuyp/t9+LVr/o7MB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvZ0Jsekh3S09wUkYyZU83S24tMzM0dFd2LWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwBZuwME
AFm7BDANBAIAAjAHAwUDKhDkADANBgkqhkiG9w0BAQsFAAOCAQEAA9l1DdN690AN
ri4TaKHxNWYxagR1lPXOUVQ5RR9N0T8BFZ86F7ywnisH0G5RLBDR7PykVisst/bm
1Q+G07jLzgRFYjSMw7+NGCSIqWGF/0uN3TEIniH/RuWQ78CQo5LcOIO632Uipehu
rn4LoUdqU3Okq+aZq2mkPTtzCA/s31kPe7SZMe2ZD+JvRmlKih5L5138T1nRbyrs
pXBNRUm44NxerpZ9GLXmBHUMqiBMpPgcFGnc/xiWek9mBMIXbF+UbYzRV6xUxHae
SjBt8ZLsHNxvspYCUtlt+XXr6lAw6x20EDwlQp4elfpV0DBdWuhcdFDh+cWK5kXu
uXBU3jaISA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:49 2024 by rpki-client on console-fra.rpki-client.org