Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/xmbTZvft5_bE4Dmm1uaFfIPx1ss.roa
File: xmbTZvft5_bE4Dmm1uaFfIPx1ss.roa (raw, json)
Hash identifier: dL1ZiTY+Uzii+2gaERhpAp2mnOaQoQpUwiP3Sl7jaFk=
Subject key identifier: C6:66:D3:66:F7:ED:E7:F6:C4:E0:39:A6:D6:E6:85:7C:83:F1:D6:CB
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0187DC053B0384ED423DD559E9A6FFB07345
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/xmbTZvft5_bE4Dmm1uaFfIPx1ss.roa
Signing time: Tue 02 May 2023 10:32:22 +0000
ROA not before: Tue 02 May 2023 10:32:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56913
IP address blocks: 89.187.16.0/24 maxlen: 24
89.187.20.0/24 maxlen: 24
89.187.28.0/24 maxlen: 24
89.187.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 May 2023 08:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:05:3b:03:84:ed:42:3d:d5:59:e9:a6:ff:b0:73:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: May 2 10:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c666d366f7ede7f6c4e039a6d6e6857c83f1d6cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8d:c8:88:e6:37:3d:e8:60:e9:8e:15:91:7a:
7b:8a:36:17:7b:64:06:57:fe:3c:fe:89:8f:74:d6:
17:4f:a5:ab:65:4b:08:3e:94:ee:ab:23:07:cc:b4:
25:2b:29:8c:b2:58:a2:c1:d6:10:30:8f:a0:c9:ec:
fd:cb:3a:a0:3b:32:ac:20:0a:e3:37:72:1f:2e:6e:
97:4e:ce:c8:41:54:dd:2a:dc:56:07:41:b3:f9:b0:
96:6b:03:6e:3b:1c:7e:d2:4d:f8:6e:d2:fc:ac:a4:
13:d4:d6:92:99:ad:ea:22:be:a3:c0:65:e0:ba:40:
2f:ba:ee:ff:c0:20:93:22:c2:ab:04:b5:24:9c:17:
7e:bb:47:15:33:53:85:f6:fd:02:0d:b9:bc:bb:9d:
6f:39:2f:56:f7:75:a6:29:11:f9:be:24:45:e3:7a:
0b:b7:fc:cd:ad:5c:01:57:ff:43:25:db:37:dc:f5:
01:14:ff:ad:ef:b4:a9:24:5d:e7:f0:f1:2f:fa:99:
1b:ba:c8:89:ba:fa:a8:40:b8:54:10:1f:65:77:fa:
3c:d1:85:8e:33:f5:a3:63:fa:80:1a:71:db:dd:1a:
fb:44:29:b0:43:86:e6:86:d6:aa:8f:5f:aa:a9:40:
3e:b2:63:2d:8e:12:26:84:a0:3f:00:0d:4e:57:07:
98:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:66:D3:66:F7:ED:E7:F6:C4:E0:39:A6:D6:E6:85:7C:83:F1:D6:CB
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/xmbTZvft5_bE4Dmm1uaFfIPx1ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.16.0/24
89.187.20.0/24
89.187.28.0/24
89.187.30.0/24
Signature Algorithm: sha256WithRSAEncryption
33:fc:e8:40:b4:f3:fb:6b:26:b7:d7:39:58:8a:47:c1:dd:76:
b5:7c:54:32:97:91:8b:93:ff:a7:0c:9b:bf:c0:8e:03:64:60:
68:d4:12:a3:10:30:70:a3:d1:ff:a0:ee:26:81:c6:5b:c1:e9:
56:42:1f:33:45:cb:6b:a1:32:7c:a8:a9:6b:94:98:2e:66:96:
46:e8:06:bb:b2:06:29:4e:da:08:33:fb:ab:ad:0a:c4:21:04:
fc:37:65:13:32:74:18:5e:e5:bd:eb:31:ed:ec:e9:84:e9:fb:
48:67:26:9b:7b:12:02:b4:45:ab:db:34:39:b9:4c:a7:2c:62:
20:4c:a4:f8:a9:da:f1:62:c9:4a:f3:87:c8:7d:bd:bb:ed:24:
70:1e:75:8c:0a:43:fd:c9:33:78:d7:29:f3:77:e2:43:b6:77:
24:6c:ec:f3:e6:bc:cf:55:d8:47:95:86:90:14:eb:b1:4f:42:
7a:29:0e:e5:62:cf:97:b2:fc:cd:ab:f0:57:97:17:75:54:8b:
2d:7c:7b:95:a9:b8:fa:17:5d:b4:2c:0d:71:e5:42:28:b9:c9:
18:83:6c:94:22:41:db:70:d9:76:64:98:71:db:32:d0:c8:e8:
3c:e2:ce:a9:cd:83:34:e5:a0:80:be:91:e1:69:b7:47:2d:9c:
c1:3a:77:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfcBTsDhO1CPdVZ6ab/sHNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNTAyMTAzMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY2ZDM2NmY3ZWRlN2Y2YzRlMDM5YTZkNmU2ODU3YzgzZjFkNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY3IiOY3Pehg6Y4VkXp7ijYXe2QG
V/48/omPdNYXT6WrZUsIPpTuqyMHzLQlKymMsliiwdYQMI+gyez9yzqgOzKsIArj
N3IfLm6XTs7IQVTdKtxWB0Gz+bCWawNuOxx+0k34btL8rKQT1NaSma3qIr6jwGXg
ukAvuu7/wCCTIsKrBLUknBd+u0cVM1OF9v0CDbm8u51vOS9W93WmKRH5viRF43oL
t/zNrVwBV/9DJds33PUBFP+t77SpJF3n8PEv+pkbusiJuvqoQLhUEB9ld/o80YWO
M/WjY/qAGnHb3Rr7RCmwQ4bmhtaqj1+qqUA+smMtjhImhKA/AA1OVweYAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMZm02b37ef2xOA5ptbmhXyD8dbLMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEveG1iVFp2ZnQ1X2JFNERtbTF1YUZmSVB4MXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWbsQAwQA
WbsUAwQAWbscAwQAWbseMA0GCSqGSIb3DQEBCwUAA4IBAQAz/OhAtPP7aya31zlY
ikfB3Xa1fFQyl5GLk/+nDJu/wI4DZGBo1BKjEDBwo9H/oO4mgcZbwelWQh8zRctr
oTJ8qKlrlJguZpZG6Aa7sgYpTtoIM/urrQrEIQT8N2UTMnQYXuW96zHt7OmE6ftI
ZyabexICtEWr2zQ5uUynLGIgTKT4qdrxYslK84fIfb277SRwHnWMCkP9yTN41ynz
d+JDtnckbOzz5rzPVdhHlYaQFOuxT0J6KQ7lYs+XsvzNq/BXlxd1VIstfHuVqbj6
F120LA1x5UIouckYg2yUIkHbcNl2ZJhx2zLQyOg84s6pzYM05aCAvpHhabdHLZzB
One9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:03 2024 by rpki-client on console-ams.rpki-client.org