Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/pgOpZUxpIQ2hZmUA6VygSSjIq6c.roa
File: pgOpZUxpIQ2hZmUA6VygSSjIq6c.roa (raw, json)
Hash identifier: U/50kfWqCnY1U/WKRcXAYKWqVIWAKEoM1w5P4DgHzxI=
Subject key identifier: A6:03:A9:65:4C:69:21:0D:A1:66:65:00:E9:5C:A0:49:28:C8:AB:A7
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 018CE8B6C37FC087B0687E2D063D241D74A4
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/pgOpZUxpIQ2hZmUA6VygSSjIq6c.roa
Signing time: Mon 08 Jan 2024 10:55:40 +0000
ROA not before: Mon 08 Jan 2024 10:55:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 89.187.23.0/24 maxlen: 24
89.187.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 21:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:b6:c3:7f:c0:87:b0:68:7e:2d:06:3d:24:1d:74:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Jan 8 10:55:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a603a9654c69210da1666500e95ca04928c8aba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d4:c4:1a:f7:c2:8c:0f:c4:4f:cd:33:19:d2:
58:ad:31:dd:ea:00:96:d9:0b:4f:fa:d7:e8:f9:43:
e3:8d:51:90:a1:2f:0d:a0:4c:0d:8f:fe:b4:f7:c8:
f5:b3:90:3e:42:7e:0b:5f:54:df:b9:af:32:29:44:
e5:ba:d8:6d:2c:8d:44:23:7a:44:6a:90:89:82:51:
42:09:e6:6c:a6:d1:89:9a:a6:36:7e:19:06:87:24:
11:aa:72:b4:a3:04:cf:e5:2c:33:41:d8:d2:f7:16:
e4:51:10:20:36:09:4d:b2:44:a6:65:15:56:b4:6d:
b7:4d:38:75:d5:e6:b0:6b:35:33:8c:e9:58:a1:9f:
a9:85:1d:f9:f3:57:d3:8d:21:d4:9c:be:5e:47:8d:
74:7d:3f:ec:5c:b1:16:be:64:40:03:6d:b5:81:02:
5d:0b:8e:b8:4d:86:8f:e6:d4:cb:c0:ea:1d:55:1f:
7b:f4:5e:d8:b0:72:4b:a7:06:c9:a1:3e:cd:f8:2b:
af:5a:28:af:41:08:29:ad:6b:62:33:1c:5a:b9:2b:
b9:56:e3:8f:a8:cd:06:3f:e1:3b:ed:24:ed:cc:98:
9c:56:9c:92:da:b6:7c:0e:d4:b7:6c:7b:0a:33:ab:
58:15:9c:7c:1a:c2:5d:e9:1b:77:a7:ce:c8:4f:dd:
a9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:03:A9:65:4C:69:21:0D:A1:66:65:00:E9:5C:A0:49:28:C8:AB:A7
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/pgOpZUxpIQ2hZmUA6VygSSjIq6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.23.0/24
89.187.31.0/24
Signature Algorithm: sha256WithRSAEncryption
46:45:e3:96:6c:c9:58:99:bd:cf:4e:22:82:5e:f0:1e:e5:60:
9c:6e:ec:7b:bc:93:28:f3:ff:49:97:3f:1f:1b:d7:a8:9e:83:
e7:a5:06:8d:3b:63:ce:0a:67:94:fd:3b:92:32:b4:7f:b9:31:
f1:db:a7:10:2a:c2:ec:7f:36:10:71:c8:9f:53:ca:aa:10:93:
d8:89:20:dc:94:9e:ec:22:95:15:e1:6b:4e:bf:c1:b0:28:19:
1d:54:36:c1:ac:3e:33:f6:11:53:07:94:8e:89:1b:2a:f9:36:
c3:ed:94:7b:66:f0:c8:33:42:b7:73:77:bc:9f:54:f9:a8:15:
df:72:b8:13:36:0a:5b:99:c5:f6:57:4a:16:79:d4:17:8c:03:
57:69:bb:4b:7e:13:42:9b:45:c5:3a:88:7d:4f:50:17:e2:a0:
b3:c6:17:35:4a:c2:80:26:bc:42:ba:f0:6d:39:99:96:5f:e5:
9c:45:76:e1:03:87:d3:51:a3:ad:19:46:6b:87:8d:1f:62:a9:
56:1e:b3:b8:d1:fc:a0:fd:86:b3:a9:b9:28:b8:38:f6:36:62:
8e:62:82:00:d9:48:f8:13:f2:1c:c7:05:f7:7f:34:5e:fa:a4:
34:f0:5f:23:f3:b9:1d:d3:65:d8:f0:32:38:c4:42:bc:62:2e:
d2:ec:c6:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzotsN/wIewaH4tBj0kHXSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwMTA4MTA1NTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjAzYTk2NTRjNjkyMTBkYTE2NjY1MDBlOTVjYTA0OTI4YzhhYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltTEGvfCjA/ET80zGdJYrTHd6gCW
2QtP+tfo+UPjjVGQoS8NoEwNj/6098j1s5A+Qn4LX1Tfua8yKUTluthtLI1EI3pE
apCJglFCCeZsptGJmqY2fhkGhyQRqnK0owTP5SwzQdjS9xbkURAgNglNskSmZRVW
tG23TTh11eawazUzjOlYoZ+phR3581fTjSHUnL5eR410fT/sXLEWvmRAA221gQJd
C464TYaP5tTLwOodVR979F7YsHJLpwbJoT7N+CuvWiivQQgprWtiMxxauSu5VuOP
qM0GP+E77STtzJicVpyS2rZ8DtS3bHsKM6tYFZx8GsJd6Rt3p87IT92pkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKYDqWVMaSENoWZlAOlcoEkoyKunMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvcGdPcFpVeHBJUTJoWm1VQTZWeWdTU2pJcTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWbsXAwQA
WbsfMA0GCSqGSIb3DQEBCwUAA4IBAQBGReOWbMlYmb3PTiKCXvAe5WCcbux7vJMo
8/9Jlz8fG9eonoPnpQaNO2POCmeU/TuSMrR/uTHx26cQKsLsfzYQccifU8qqEJPY
iSDclJ7sIpUV4WtOv8GwKBkdVDbBrD4z9hFTB5SOiRsq+TbD7ZR7ZvDIM0K3c3e8
n1T5qBXfcrgTNgpbmcX2V0oWedQXjANXabtLfhNCm0XFOoh9T1AX4qCzxhc1SsKA
JrxCuvBtOZmWX+WcRXbhA4fTUaOtGUZrh40fYqlWHrO40fyg/YazqbkouDj2NmKO
YoIA2Uj4E/IcxwX3fzRe+qQ08F8j87kd02XY8DI4xEK8Yi7S7MaH
-----END CERTIFICATE-----
Generated at Thu Oct 31 22:59:13 2024 by rpki-client on console-fra.rpki-client.org