Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/DU_cTTIAKeMVlGYql7NFi5N4kDU.roa
File: DU_cTTIAKeMVlGYql7NFi5N4kDU.roa (raw, json)
Hash identifier: wBSrqKqDDM0ApnKGbFY8leJmL/qvQbxhuLvmo3A/iDM=
Subject key identifier: 0D:4F:DC:4D:32:00:29:E3:15:94:66:2A:97:B3:45:8B:93:78:90:35
Certificate issuer: /CN=200b15e0783fe00f1b8a57bd14fdbd06924b8832
Certificate serial: 01856F42B0B9CAEBCE54BACC618550F5BF1D
Authority key identifier: 20:0B:15:E0:78:3F:E0:0F:1B:8A:57:BD:14:FD:BD:06:92:4B:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAsV4Hg_4A8bile9FP29BpJLiDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/DU_cTTIAKeMVlGYql7NFi5N4kDU.roa
Signing time: Sun 01 Jan 2023 21:35:19 +0000
ROA not before: Sun 01 Jan 2023 21:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60951
IP address blocks: 152.89.225.0/24 maxlen: 24
152.89.224.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:b0:b9:ca:eb:ce:54:ba:cc:61:85:50:f5:bf:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200b15e0783fe00f1b8a57bd14fdbd06924b8832
Validity
Not Before: Jan 1 21:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d4fdc4d320029e31594662a97b3458b93789035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:10:3c:0c:4b:6b:b3:73:9e:f3:20:1f:ac:5d:
60:ac:4d:d8:39:6e:da:38:86:90:26:1c:63:17:5b:
8b:f7:fb:7a:2e:4f:6a:8e:00:0b:a2:2d:c4:95:a8:
cc:6d:93:fd:0a:09:4b:17:be:8d:28:52:f3:aa:c4:
d1:01:31:f9:38:bc:82:39:82:e7:c7:66:34:a0:ed:
78:c9:cb:6a:db:55:52:54:20:52:2d:28:e6:01:c3:
38:bf:59:83:a0:f2:b2:4f:3a:18:03:7e:2b:5f:a7:
00:a3:d9:17:0a:9c:eb:e8:de:7b:45:59:9e:ec:f2:
e4:8d:04:c3:9c:35:fa:11:91:8c:e4:ce:ae:10:29:
a7:7c:e2:cf:61:51:d6:82:7d:0f:ee:29:ed:28:d3:
3e:4c:5c:9c:e8:24:a6:ad:b1:c2:db:70:fc:bd:c3:
6f:ef:0d:34:1e:67:d3:d7:73:8d:50:2c:83:2a:61:
99:ad:6e:2a:98:9f:b7:ca:ef:78:bc:c5:af:af:01:
08:1c:8e:ab:f3:ea:c6:e4:66:1b:e2:8f:2f:0e:45:
b1:a1:17:89:8e:2c:0d:7a:38:11:d0:d0:65:f0:90:
15:f8:d7:4f:7d:40:d0:5e:09:47:99:90:c9:bf:33:
2a:d1:c5:36:43:db:c1:c2:f0:ce:ca:ab:b0:c1:17:
82:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4F:DC:4D:32:00:29:E3:15:94:66:2A:97:B3:45:8B:93:78:90:35
X509v3 Authority Key Identifier:
keyid:20:0B:15:E0:78:3F:E0:0F:1B:8A:57:BD:14:FD:BD:06:92:4B:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAsV4Hg_4A8bile9FP29BpJLiDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/DU_cTTIAKeMVlGYql7NFi5N4kDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/IAsV4Hg_4A8bile9FP29BpJLiDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.224.0/22
Signature Algorithm: sha256WithRSAEncryption
61:3e:a6:33:21:ae:6d:de:f1:0c:f3:88:44:8c:96:76:e0:49:
15:2e:c8:2d:53:af:7c:54:ed:8d:60:e0:ee:e3:1f:74:c3:5c:
aa:93:97:3d:9c:75:e3:2c:9f:37:38:86:a8:08:ef:bd:b6:f3:
01:f5:27:88:d5:5c:87:3d:3a:05:2a:42:32:a1:2a:94:6e:bf:
11:c3:57:41:81:7b:d8:e3:75:ff:14:e3:46:ae:0c:e5:50:39:
11:35:c1:25:e1:85:9e:54:71:35:39:2a:87:d9:93:d4:cb:c0:
14:17:04:8a:0e:d0:7b:da:d3:df:71:d0:fd:d7:b3:7b:c6:5d:
22:66:5c:64:a4:af:77:73:ee:61:ba:5d:9f:3b:b3:a3:37:87:
e5:9d:07:6b:b6:fc:0d:74:b1:cb:99:ac:21:09:c2:97:ae:f2:
a9:98:e3:e7:f8:42:64:95:e2:e2:3b:5a:42:10:14:ee:c1:d3:
56:9d:60:4e:91:9b:02:d2:0e:87:56:82:eb:9a:ac:1f:02:55:
1f:0c:64:56:48:b5:01:e8:af:87:19:62:26:43:2d:cc:40:ff:
47:f7:6c:f8:ab:73:9a:ce:1a:64:82:25:1b:30:7e:8c:2d:26:
80:ca:9d:0d:c3:a3:aa:84:7c:3b:57:ff:c6:85:58:7a:9c:b2:
60:c5:a3:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQrC5yuvOVLrMYYVQ9b8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGIxNWUwNzgzZmUwMGYxYjhhNTdiZDE0ZmRiZDA2OTI0
Yjg4MzIwHhcNMjMwMTAxMjEzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRmZGM0ZDMyMDAyOWUzMTU5NDY2MmE5N2IzNDU4YjkzNzg5MDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRA8DEtrs3Oe8yAfrF1grE3YOW7a
OIaQJhxjF1uL9/t6Lk9qjgALoi3ElajMbZP9CglLF76NKFLzqsTRATH5OLyCOYLn
x2Y0oO14yctq21VSVCBSLSjmAcM4v1mDoPKyTzoYA34rX6cAo9kXCpzr6N57RVme
7PLkjQTDnDX6EZGM5M6uECmnfOLPYVHWgn0P7intKNM+TFyc6CSmrbHC23D8vcNv
7w00HmfT13ONUCyDKmGZrW4qmJ+3yu94vMWvrwEIHI6r8+rG5GYb4o8vDkWxoReJ
jiwNejgR0NBl8JAV+NdPfUDQXglHmZDJvzMq0cU2Q9vBwvDOyquwwReCNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1P3E0yACnjFZRmKpezRYuTeJA1MB8GA1UdIwQY
MBaAFCALFeB4P+APG4pXvRT9vQaSS4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUFzVjRIZ180QThiaWxlOUZQMjlCcEpMaURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9mMGE2N2MtYmQ0Zi00ZGRjLThjNjEt
M2ZlN2FlYTllMmUwLzEvRFVfY1RUSUFLZU1WbEdZcWw3TkZpNU40a0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9mMGE2N2MtYmQ0Zi00ZGRjLThjNjEtM2ZlN2FlYTllMmUw
LzEvSUFzVjRIZ180QThiaWxlOUZQMjlCcEpMaURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFngMA0G
CSqGSIb3DQEBCwUAA4IBAQBhPqYzIa5t3vEM84hEjJZ24EkVLsgtU698VO2NYODu
4x90w1yqk5c9nHXjLJ83OIaoCO+9tvMB9SeI1VyHPToFKkIyoSqUbr8Rw1dBgXvY
43X/FONGrgzlUDkRNcEl4YWeVHE1OSqH2ZPUy8AUFwSKDtB72tPfcdD917N7xl0i
ZlxkpK93c+5hul2fO7OjN4flnQdrtvwNdLHLmawhCcKXrvKpmOPn+EJkleLiO1pC
EBTuwdNWnWBOkZsC0g6HVoLrmqwfAlUfDGRWSLUB6K+HGWImQy3MQP9H92z4q3Oa
zhpkgiUbMH6MLSaAyp0Nw6OqhHw7V//GhVh6nLJgxaOA
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:20 2024 by rpki-client on console-ams.rpki-client.org