Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/kDFitnuBOzxX_EC_FkdQRG18iUg.roa
File: kDFitnuBOzxX_EC_FkdQRG18iUg.roa (raw, json)
Hash identifier: MshxfhL3ug7dAw7F3XMkWJxIu9B4R6S2vkobFImYdfQ=
Subject key identifier: 90:31:62:B6:7B:81:3B:3C:57:FC:40:BF:16:47:50:44:6D:7C:89:48
Certificate issuer: /CN=762656c5e66b82c04654be1a25629b1fd6a59456
Certificate serial: 018571957788C4628F47A22463974A3FB17A
Authority key identifier: 76:26:56:C5:E6:6B:82:C0:46:54:BE:1A:25:62:9B:1F:D6:A5:94:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/kDFitnuBOzxX_EC_FkdQRG18iUg.roa
Signing time: Mon 02 Jan 2023 08:24:58 +0000
ROA not before: Mon 02 Jan 2023 08:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39520
IP address blocks: 89.255.208.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:77:88:c4:62:8f:47:a2:24:63:97:4a:3f:b1:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762656c5e66b82c04654be1a25629b1fd6a59456
Validity
Not Before: Jan 2 08:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=903162b67b813b3c57fc40bf164750446d7c8948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ad:98:01:25:07:a1:e5:7d:09:86:88:2b:8c:
22:81:82:b8:e6:23:40:0d:5b:a5:43:9f:6e:0b:76:
73:ac:b4:15:6d:2e:8a:e7:6b:3c:2b:d7:80:d4:98:
86:a4:77:8b:90:c5:21:ff:9f:bc:22:b9:70:6e:6f:
52:83:fe:70:02:c0:ec:67:63:ca:3f:1c:ba:8c:6c:
78:41:c9:1d:b0:d9:ff:41:6d:a7:7a:11:62:48:ab:
87:45:a2:6b:ef:be:d8:18:03:75:a3:46:eb:8c:21:
e2:5e:75:33:68:28:1b:72:64:1e:ef:20:28:d0:1e:
bf:91:0b:5d:dd:5e:e9:78:90:58:76:59:e4:0c:e8:
cf:05:62:3b:8f:7d:03:30:2b:8f:9e:b5:f4:12:48:
fa:35:fc:9f:32:ab:d7:d9:49:73:b1:13:f4:5a:72:
1b:d1:64:d2:c3:34:76:c5:53:b5:5c:0a:0f:a1:0c:
89:2f:0c:26:48:70:bc:22:b3:26:08:86:0f:c5:31:
24:f9:0c:10:27:3d:25:f0:bd:6a:62:a7:a8:d0:01:
83:9a:84:8f:74:22:bc:9c:59:92:c8:21:02:cc:29:
e2:9f:0f:ab:ec:00:18:19:19:f1:c8:a6:c6:c5:2b:
1c:88:36:61:18:67:41:81:09:db:11:93:3f:e1:8b:
6d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:31:62:B6:7B:81:3B:3C:57:FC:40:BF:16:47:50:44:6D:7C:89:48
X509v3 Authority Key Identifier:
keyid:76:26:56:C5:E6:6B:82:C0:46:54:BE:1A:25:62:9B:1F:D6:A5:94:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/kDFitnuBOzxX_EC_FkdQRG18iUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/diZWxeZrgsBGVL4aJWKbH9allFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.255.208.0/22
Signature Algorithm: sha256WithRSAEncryption
54:18:f7:bf:49:de:90:a1:55:31:5f:a7:7f:1d:67:33:b8:9a:
50:5c:e4:28:3f:38:e8:34:47:d2:09:cc:86:de:d2:1a:89:ad:
d0:61:fb:cf:3f:8f:22:e4:2b:eb:3f:83:01:83:2f:25:59:80:
e7:54:23:aa:1d:ee:ed:51:68:76:f7:b7:e8:38:f5:36:be:5a:
7f:f4:7d:5d:80:92:d5:0f:1f:8b:f4:f2:6d:35:90:73:fc:2e:
d3:e1:5b:f4:cc:4e:93:aa:e8:ea:db:a1:c2:77:7b:8a:17:1a:
dc:ab:73:2a:69:4b:06:27:cd:54:44:46:61:cf:5a:a0:bc:68:
ae:26:8d:e6:6a:f0:e3:3f:cc:bf:1b:cc:95:61:e1:36:a5:5a:
7c:30:ba:bf:38:17:73:b6:7e:7a:87:ff:df:a0:6d:25:11:e8:
ab:48:44:a8:06:2b:8c:7d:83:b8:4d:95:ed:12:38:70:d2:04:
b5:20:c8:b0:8e:75:59:80:c4:75:fb:e8:f6:aa:98:d0:89:76:
dc:11:ba:3e:e0:d9:a7:9d:4f:0f:13:80:a5:19:85:43:c9:c2:
16:81:82:05:dc:a2:7f:91:c1:f4:6c:7f:e8:98:3e:2a:01:a4:
e3:32:48:51:10:c0:a5:a5:bf:d1:4e:f8:07:08:bd:25:6b:42:
dd:09:c8:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlXeIxGKPR6IkY5dKP7F6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MjY1NmM1ZTY2YjgyYzA0NjU0YmUxYTI1NjI5YjFmZDZh
NTk0NTYwHhcNMjMwMTAyMDgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDMxNjJiNjdiODEzYjNjNTdmYzQwYmYxNjQ3NTA0NDZkN2M4OTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK2YASUHoeV9CYaIK4wigYK45iNA
DVulQ59uC3ZzrLQVbS6K52s8K9eA1JiGpHeLkMUh/5+8Irlwbm9Sg/5wAsDsZ2PK
Pxy6jGx4QckdsNn/QW2nehFiSKuHRaJr777YGAN1o0brjCHiXnUzaCgbcmQe7yAo
0B6/kQtd3V7peJBYdlnkDOjPBWI7j30DMCuPnrX0Ekj6NfyfMqvX2UlzsRP0WnIb
0WTSwzR2xVO1XAoPoQyJLwwmSHC8IrMmCIYPxTEk+QwQJz0l8L1qYqeo0AGDmoSP
dCK8nFmSyCECzCninw+r7AAYGRnxyKbGxSsciDZhGGdBgQnbEZM/4YttyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAxYrZ7gTs8V/xAvxZHUERtfIlIMB8GA1UdIwQY
MBaAFHYmVsXma4LARlS+GiVimx/WpZRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGlaV3hlWnJnc0JHVkw0YUpXS2JIOWFsbEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8xOThjNmItZDcxNS00N2I2LTg2YzAt
NGQyMmM2YjViMWZlLzEva0RGaXRudUJPenhYX0VDX0ZrZFFSRzE4aVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8xOThjNmItZDcxNS00N2I2LTg2YzAtNGQyMmM2YjViMWZl
LzEvZGlaV3hlWnJnc0JHVkw0YUpXS2JIOWFsbEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWf/QMA0G
CSqGSIb3DQEBCwUAA4IBAQBUGPe/Sd6QoVUxX6d/HWczuJpQXOQoPzjoNEfSCcyG
3tIaia3QYfvPP48i5CvrP4MBgy8lWYDnVCOqHe7tUWh297foOPU2vlp/9H1dgJLV
Dx+L9PJtNZBz/C7T4Vv0zE6Tqujq26HCd3uKFxrcq3MqaUsGJ81UREZhz1qgvGiu
Jo3mavDjP8y/G8yVYeE2pVp8MLq/OBdztn56h//foG0lEeirSESoBiuMfYO4TZXt
Ejhw0gS1IMiwjnVZgMR1++j2qpjQiXbcEbo+4NmnnU8PE4ClGYVDycIWgYIF3KJ/
kcH0bH/omD4qAaTjMkhREMClpb/RTvgHCL0la0LdCcgD
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:27 2024 by rpki-client on console-fra.rpki-client.org