Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/514a42-0be8-45e8-a7f0-55da8ec36014/1/Xrjrs78vieZnQFZmuWGHMNdOzPI.roa
File: Xrjrs78vieZnQFZmuWGHMNdOzPI.roa (raw, json)
Hash identifier: uI/Y9UABf9FQX32aEOlL9OZpo+laqp1XOAoAnFLF1/w=
Subject key identifier: 5E:B8:EB:B3:BF:2F:89:E6:67:40:56:66:B9:61:87:30:D7:4E:CC:F2
Certificate issuer: /CN=d0f6b8436f6634cd31d7097ce242a549935b18d7
Certificate serial: 0185715E5BFF247AF1A8573A0577CE6785DC
Authority key identifier: D0:F6:B8:43:6F:66:34:CD:31:D7:09:7C:E2:42:A5:49:93:5B:18:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Pa4Q29mNM0x1wl84kKlSZNbGNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/514a42-0be8-45e8-a7f0-55da8ec36014/1/Xrjrs78vieZnQFZmuWGHMNdOzPI.roa
Signing time: Mon 02 Jan 2023 07:24:47 +0000
ROA not before: Mon 02 Jan 2023 07:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59989
IP address blocks: 185.89.84.0/24 maxlen: 24
185.89.85.0/24 maxlen: 24
185.89.84.0/22 maxlen: 22
185.89.87.0/24 maxlen: 24
185.89.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:5b:ff:24:7a:f1:a8:57:3a:05:77:ce:67:85:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0f6b8436f6634cd31d7097ce242a549935b18d7
Validity
Not Before: Jan 2 07:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5eb8ebb3bf2f89e667405666b9618730d74eccf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cd:19:ed:3f:c0:e6:8e:a5:f0:5d:d8:db:a8:
b8:0a:19:62:11:a1:7d:d7:7b:86:4b:b7:c5:35:f9:
c6:4d:50:b5:19:86:9c:d6:66:6d:a9:b3:c7:a2:8d:
e5:af:bc:81:a4:c0:09:87:49:22:67:d2:82:96:65:
d6:e5:3a:92:61:cc:34:90:c1:10:32:70:e7:b9:e4:
bf:e3:17:dc:44:02:01:83:1d:d9:fd:9c:f1:85:02:
40:99:49:3a:d7:11:08:2b:f8:88:08:bd:80:a0:97:
7e:04:82:51:ca:45:35:1e:eb:fa:78:ab:df:c8:65:
76:e5:21:c7:3a:e7:b9:7d:96:30:f5:3c:c1:e1:89:
42:33:12:85:fe:49:51:0c:41:21:6f:33:9d:4e:b1:
33:d6:40:39:e7:ec:43:a5:f5:84:a0:7b:f1:c0:32:
64:5b:41:0b:0b:f0:39:21:77:dc:2f:83:60:e3:e1:
ac:79:3b:ea:1e:20:72:41:e2:1b:91:37:55:a2:42:
79:75:eb:84:ce:c1:8f:2c:d9:90:bb:9e:f9:5b:f8:
88:da:46:8b:1f:ad:bf:7e:6c:e3:a8:27:bb:6d:57:
98:78:cf:a3:ce:ec:cd:79:83:21:7a:db:5d:7c:13:
1d:ec:2b:42:b6:41:03:25:c7:e7:56:ea:aa:f3:22:
9c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B8:EB:B3:BF:2F:89:E6:67:40:56:66:B9:61:87:30:D7:4E:CC:F2
X509v3 Authority Key Identifier:
keyid:D0:F6:B8:43:6F:66:34:CD:31:D7:09:7C:E2:42:A5:49:93:5B:18:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Pa4Q29mNM0x1wl84kKlSZNbGNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/514a42-0be8-45e8-a7f0-55da8ec36014/1/Xrjrs78vieZnQFZmuWGHMNdOzPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/514a42-0be8-45e8-a7f0-55da8ec36014/1/0Pa4Q29mNM0x1wl84kKlSZNbGNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:b7:8f:fd:a4:b9:ab:ea:51:b9:85:59:98:bc:f1:82:4a:17:
58:54:48:18:05:ef:b4:be:bf:43:0f:d6:1b:6d:c1:51:cb:de:
dd:cd:4c:03:46:36:51:2b:6d:0e:47:28:e3:7a:c1:61:4c:21:
f8:87:a4:46:28:75:06:ec:ab:4e:8a:df:77:ad:38:5d:bf:7a:
ce:f1:bb:2e:a1:1d:e6:1a:22:d4:92:14:7f:41:0c:fb:c3:d6:
11:8c:64:fd:54:fb:50:b6:1b:70:31:07:76:84:95:d6:2c:c1:
6f:3d:2b:fa:ee:14:c4:27:fe:55:54:76:7d:6e:03:63:c5:bd:
54:aa:7e:82:fa:a8:1b:54:10:71:3f:16:ff:b8:02:15:3f:e0:
7e:45:bf:ba:5f:70:aa:50:53:ec:e4:4b:c7:6d:9f:d4:84:78:
bb:c1:fa:c9:0f:ad:a9:f8:32:41:b6:8b:3d:ac:df:bc:b4:90:
0c:96:dd:3f:35:e6:a4:71:2e:10:78:c0:a6:62:ca:cf:d3:cb:
ca:6b:3d:bf:52:75:e2:a0:96:62:fd:80:23:80:91:1e:37:46:
8b:92:33:14:18:21:e0:91:4f:11:40:cf:de:5d:88:6b:4a:6e:
67:8b:26:40:f5:b8:3e:c1:b5:a2:e7:7a:31:5c:30:18:07:f8:
13:53:3b:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXlv/JHrxqFc6BXfOZ4XcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZjZiODQzNmY2NjM0Y2QzMWQ3MDk3Y2UyNDJhNTQ5OTM1
YjE4ZDcwHhcNMjMwMTAyMDcyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWI4ZWJiM2JmMmY4OWU2Njc0MDU2NjZiOTYxODczMGQ3NGVjY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg80Z7T/A5o6l8F3Y26i4ChliEaF9
13uGS7fFNfnGTVC1GYac1mZtqbPHoo3lr7yBpMAJh0kiZ9KClmXW5TqSYcw0kMEQ
MnDnueS/4xfcRAIBgx3Z/ZzxhQJAmUk61xEIK/iICL2AoJd+BIJRykU1Huv6eKvf
yGV25SHHOue5fZYw9TzB4YlCMxKF/klRDEEhbzOdTrEz1kA55+xDpfWEoHvxwDJk
W0ELC/A5IXfcL4Ng4+GseTvqHiByQeIbkTdVokJ5deuEzsGPLNmQu575W/iI2kaL
H62/fmzjqCe7bVeYeM+jzuzNeYMhettdfBMd7CtCtkEDJcfnVuqq8yKcIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6467O/L4nmZ0BWZrlhhzDXTszyMB8GA1UdIwQY
MBaAFND2uENvZjTNMdcJfOJCpUmTWxjXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFBhNFEyOW1OTTB4MXdsODRrS2xTWk5iR05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC81MTRhNDItMGJlOC00NWU4LWE3ZjAt
NTVkYThlYzM2MDE0LzEvWHJqcnM3OHZpZVpuUUZabXVXR0hNTmRPelBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC81MTRhNDItMGJlOC00NWU4LWE3ZjAtNTVkYThlYzM2MDE0
LzEvMFBhNFEyOW1OTTB4MXdsODRrS2xTWk5iR05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVlUMA0G
CSqGSIb3DQEBCwUAA4IBAQCit4/9pLmr6lG5hVmYvPGCShdYVEgYBe+0vr9DD9Yb
bcFRy97dzUwDRjZRK20ORyjjesFhTCH4h6RGKHUG7KtOit93rThdv3rO8bsuoR3m
GiLUkhR/QQz7w9YRjGT9VPtQthtwMQd2hJXWLMFvPSv67hTEJ/5VVHZ9bgNjxb1U
qn6C+qgbVBBxPxb/uAIVP+B+Rb+6X3CqUFPs5EvHbZ/UhHi7wfrJD62p+DJBtos9
rN+8tJAMlt0/NeakcS4QeMCmYsrP08vKaz2/UnXioJZi/YAjgJEeN0aLkjMUGCHg
kU8RQM/eXYhrSm5niyZA9bg+wbWi53oxXDAYB/gTUztL
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:22 2024 by rpki-client on console-ams.rpki-client.org