Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/h3mTfGxxHEajbU6tbcCKh8lgXmA.roa
File: h3mTfGxxHEajbU6tbcCKh8lgXmA.roa (raw, json)
Hash identifier: zSmrXyYw7TPHmM8cyh6r+4u9GFJfgez24A1k0yEYsWo=
Subject key identifier: 87:79:93:7C:6C:71:1C:46:A3:6D:4E:AD:6D:C0:8A:87:C9:60:5E:60
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 019044B85999370923A52E0167D1EE8CA039
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/h3mTfGxxHEajbU6tbcCKh8lgXmA.roa
Signing time: Sun 23 Jun 2024 10:50:50 +0000
ROA not before: Sun 23 Jun 2024 10:50:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 89.187.24.0/24 maxlen: 24
89.187.25.0/24 maxlen: 24
89.187.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 14:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:44:b8:59:99:37:09:23:a5:2e:01:67:d1:ee:8c:a0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Jun 23 10:50:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8779937c6c711c46a36d4ead6dc08a87c9605e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:17:87:07:df:53:83:91:d8:5d:19:41:e0:29:
9a:ef:11:2a:0f:2a:cd:bc:49:dc:53:22:68:88:3f:
da:ee:17:c2:e6:73:79:17:bf:2e:15:d3:0e:6c:45:
50:ee:cd:f1:73:c2:e9:09:c6:13:82:94:8c:a4:d4:
be:84:29:7f:0d:75:15:91:90:b2:37:b6:39:52:1c:
a9:0a:0e:84:4f:70:ed:8e:f9:6c:db:d7:aa:1b:b8:
a5:ca:2d:99:2c:0e:e1:40:28:e4:8e:75:25:f6:d7:
e7:9c:03:9e:d9:c0:84:fd:e1:fa:24:3d:05:27:df:
cf:28:62:c4:ca:ef:f0:51:63:de:af:30:3c:85:6f:
cc:ea:e1:16:68:1a:3a:c0:79:48:88:16:cf:29:20:
19:1a:a0:b0:7a:49:96:f7:7b:ee:cf:5a:ce:ce:9e:
91:b6:24:35:33:a5:3c:d3:a2:c6:f6:a4:9c:0e:f9:
21:98:3b:54:1e:f0:6a:93:4d:17:3b:b0:7a:ad:9b:
b2:9d:bb:93:6c:5d:35:d4:bb:23:19:42:17:c3:3b:
72:e4:f5:ed:4d:56:3c:b1:04:33:31:a5:9f:b0:49:
01:bf:46:59:66:12:1a:6e:d5:47:8f:ea:d6:42:23:
1b:70:b3:4a:3b:5b:c0:25:04:2d:32:63:46:fa:86:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:79:93:7C:6C:71:1C:46:A3:6D:4E:AD:6D:C0:8A:87:C9:60:5E:60
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/h3mTfGxxHEajbU6tbcCKh8lgXmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.24.0-89.187.26.255
Signature Algorithm: sha256WithRSAEncryption
2b:35:a3:a6:c0:9d:79:85:43:fc:66:d5:04:87:31:0a:28:d0:
3f:9d:b8:6a:ed:f6:2f:01:d5:18:63:1f:81:ab:6f:1e:03:86:
e7:15:5c:10:e0:79:e7:9f:15:58:ce:da:91:ff:79:9d:7c:a7:
5c:a2:b5:f2:9a:aa:0f:4e:f6:10:ba:7e:64:f4:a2:be:75:82:
dc:11:2c:ec:5f:4e:af:a5:79:40:f0:98:59:ba:05:42:d8:55:
0f:44:e5:29:a1:d9:a4:fd:65:07:50:ed:2e:5e:77:5e:8d:e3:
36:e0:83:41:3b:78:65:17:67:36:dd:5f:39:34:3d:57:df:0e:
9a:cc:6a:66:2c:56:07:bb:ea:5c:8b:f3:ff:c5:3d:2e:00:84:
4d:c6:62:e6:39:50:ff:e0:ad:bd:b3:4b:00:6e:06:df:43:68:
af:2d:b8:f4:59:ca:fb:73:9e:11:a0:c3:0f:23:84:85:e2:e9:
b7:58:d0:7b:73:be:09:13:b2:8f:ee:f4:51:ac:08:ab:5c:ba:
45:96:87:e5:4f:c6:c4:cb:ed:44:2d:db:80:b8:0d:ac:5d:79:
ad:30:73:0f:d4:37:ef:48:16:73:71:3f:1b:82:1f:08:d7:8f:
ab:5b:14:b9:ef:6e:4e:d9:b4:21:b2:54:fe:db:4c:d1:1d:7e:
2b:ed:ec:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZBEuFmZNwkjpS4BZ9HujKA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwNjIzMTA1MDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzc5OTM3YzZjNzExYzQ2YTM2ZDRlYWQ2ZGMwOGE4N2M5NjA1ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBeHB99Tg5HYXRlB4Cma7xEqDyrN
vEncUyJoiD/a7hfC5nN5F78uFdMObEVQ7s3xc8LpCcYTgpSMpNS+hCl/DXUVkZCy
N7Y5UhypCg6ET3Dtjvls29eqG7ilyi2ZLA7hQCjkjnUl9tfnnAOe2cCE/eH6JD0F
J9/PKGLEyu/wUWPerzA8hW/M6uEWaBo6wHlIiBbPKSAZGqCwekmW93vuz1rOzp6R
tiQ1M6U806LG9qScDvkhmDtUHvBqk00XO7B6rZuynbuTbF011LsjGUIXwzty5PXt
TVY8sQQzMaWfsEkBv0ZZZhIabtVHj+rWQiMbcLNKO1vAJQQtMmNG+oZcqwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFId5k3xscRxGo21OrW3AiofJYF5gMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvaDNtVGZHeHhIRWFqYlU2dGJjQ0toOGxnWG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANZuxgD
BABZuxowDQYJKoZIhvcNAQELBQADggEBACs1o6bAnXmFQ/xm1QSHMQoo0D+duGrt
9i8B1RhjH4Grbx4DhucVXBDgeeefFVjO2pH/eZ18p1yitfKaqg9O9hC6fmT0or51
gtwRLOxfTq+leUDwmFm6BULYVQ9E5Smh2aT9ZQdQ7S5ed16N4zbgg0E7eGUXZzbd
Xzk0PVffDprMamYsVge76lyL8//FPS4AhE3GYuY5UP/grb2zSwBuBt9DaK8tuPRZ
yvtznhGgww8jhIXi6bdY0HtzvgkTso/u9FGsCKtcukWWh+VPxsTL7UQt24C4Daxd
ea0wcw/UN+9IFnNxPxuCHwjXj6tbFLnvbk7ZtCGyVP7bTNEdfivt7FI=
-----END CERTIFICATE-----
Generated at Thu Aug 22 20:36:33 2024 by rpki-client on console-ams.rpki-client.org