Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/l1iSAeybqwsD8OxSLLqqvEwIzvA.roa
File: l1iSAeybqwsD8OxSLLqqvEwIzvA.roa (raw, json)
Hash identifier: 1Y8qyuyq60Y9o8t16isDDUV9UQDWM4sDYeANrNgfU1k=
Subject key identifier: 97:58:92:01:EC:9B:AB:0B:03:F0:EC:52:2C:BA:AA:BC:4C:08:CE:F0
Certificate issuer: /CN=e8206aa3252e3ea8d684eaec7a2993513b5d2307
Certificate serial: 018CC49308A07CC1EC126602D60D491D55D2
Authority key identifier: E8:20:6A:A3:25:2E:3E:A8:D6:84:EA:EC:7A:29:93:51:3B:5D:23:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/l1iSAeybqwsD8OxSLLqqvEwIzvA.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208494
IP address blocks: 89.21.76.0/22 maxlen: 22
89.21.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 08:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:08:a0:7c:c1:ec:12:66:02:d6:0d:49:1d:55:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8206aa3252e3ea8d684eaec7a2993513b5d2307
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97589201ec9bab0b03f0ec522cbaaabc4c08cef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3b:fc:9d:ec:c3:99:b4:b2:6e:97:3c:74:bd:
9a:1d:8c:53:75:2a:36:d2:a6:68:e8:0e:31:15:4c:
d4:25:24:8a:90:a8:d9:b6:c3:ad:21:fd:84:c0:7d:
05:2f:cb:8a:6c:be:28:69:fc:ef:0f:9c:ed:ce:bb:
1a:c4:04:52:cd:d4:3f:f1:6e:b0:37:f2:42:b3:9b:
29:47:44:87:42:1e:e5:8d:31:9d:50:56:14:34:95:
41:07:c6:0b:8f:14:5d:fd:12:b6:80:c5:ed:ae:79:
ec:17:34:8a:e8:7d:5c:a0:03:9d:4f:13:ec:6b:19:
02:9e:a0:cc:17:03:97:68:7a:c7:77:99:25:98:cf:
cd:a7:ab:e8:9c:12:1d:74:68:26:47:06:a8:c1:a3:
e0:23:f8:3f:76:1a:ba:e9:9d:57:63:8b:da:12:ba:
e5:7a:35:26:9c:16:7a:f1:2f:6b:b0:03:95:53:e0:
a2:c2:f9:3e:12:37:52:51:6b:a6:29:1b:ff:40:e7:
6d:4b:b0:f4:39:dc:2e:5c:85:1b:4d:71:64:e3:84:
a6:c8:e0:8d:4d:c2:65:62:5b:f5:a7:f2:37:6d:67:
50:15:9c:ef:e0:b4:56:74:9d:7c:64:67:08:d4:2d:
aa:d2:49:6c:39:c7:5f:a6:62:13:0a:23:8f:97:53:
ea:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:58:92:01:EC:9B:AB:0B:03:F0:EC:52:2C:BA:AA:BC:4C:08:CE:F0
X509v3 Authority Key Identifier:
keyid:E8:20:6A:A3:25:2E:3E:A8:D6:84:EA:EC:7A:29:93:51:3B:5D:23:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6CBqoyUuPqjWhOrseimTUTtdIwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/l1iSAeybqwsD8OxSLLqqvEwIzvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/47accb-6f3c-4c6c-9fd0-585eb84558f9/1/6CBqoyUuPqjWhOrseimTUTtdIwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.76.0/22
89.21.95.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:49:57:4e:ab:7f:c9:07:81:ff:6a:25:e4:eb:99:e0:77:57:
84:62:6d:4a:55:26:1a:55:6b:66:b6:17:f6:15:12:2a:bd:a5:
79:24:c8:05:87:59:33:a7:4d:81:4d:ad:e3:a7:21:d7:6c:3a:
ec:9d:bb:49:e3:87:34:9b:cb:b3:da:98:e4:5d:c4:87:c0:e0:
4a:31:ab:71:07:ab:19:43:eb:55:70:75:47:df:00:4d:93:f5:
d0:6f:0c:9c:dd:c1:4a:fe:6a:c7:f6:96:60:9e:1e:63:40:89:
8e:96:d0:4a:a9:60:c0:ae:85:17:a6:11:45:fa:66:91:a3:64:
21:b6:57:92:3f:89:98:bd:11:9a:47:00:25:c6:c5:87:5b:12:
3c:4c:30:08:7e:77:02:6c:67:ec:fd:46:cf:50:e4:7e:e0:18:
85:7a:a7:36:fd:52:f0:ea:49:c6:58:e8:e3:6d:0c:94:90:83:
23:cd:2c:43:d1:8d:24:1c:5b:16:53:91:80:77:de:d9:cf:82:
f6:a3:6c:fe:48:97:04:13:d4:ac:a3:c6:3a:34:87:07:92:08:
52:08:ea:9d:5d:4f:92:f6:8d:ca:86:55:b6:41:69:a3:78:bb:
6a:e0:98:54:5d:19:29:b9:02:c5:5d:3c:73:43:65:1a:10:57:
8b:f2:8b:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkwigfMHsEmYC1g1JHVXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MjA2YWEzMjUyZTNlYThkNjg0ZWFlYzdhMjk5MzUxM2I1
ZDIzMDcwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzU4OTIwMWVjOWJhYjBiMDNmMGVjNTIyY2JhYWFiYzRjMDhjZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Tv8nezDmbSybpc8dL2aHYxTdSo2
0qZo6A4xFUzUJSSKkKjZtsOtIf2EwH0FL8uKbL4oafzvD5ztzrsaxARSzdQ/8W6w
N/JCs5spR0SHQh7ljTGdUFYUNJVBB8YLjxRd/RK2gMXtrnnsFzSK6H1coAOdTxPs
axkCnqDMFwOXaHrHd5klmM/Np6vonBIddGgmRwaowaPgI/g/dhq66Z1XY4vaErrl
ejUmnBZ68S9rsAOVU+Ciwvk+EjdSUWumKRv/QOdtS7D0OdwuXIUbTXFk44SmyOCN
TcJlYlv1p/I3bWdQFZzv4LRWdJ18ZGcI1C2q0klsOcdfpmITCiOPl1PqjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJdYkgHsm6sLA/DsUiy6qrxMCM7wMB8GA1UdIwQY
MBaAFOggaqMlLj6o1oTq7Hopk1E7XSMHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkNCcW95VXVQcWpXaE9yc2VpbVRVVHRkSXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80N2FjY2ItNmYzYy00YzZjLTlmZDAt
NTg1ZWI4NDU1OGY5LzEvbDFpU0FleWJxd3NEOE94U0xMcXF2RXdJenZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80N2FjY2ItNmYzYy00YzZjLTlmZDAtNTg1ZWI4NDU1OGY5
LzEvNkNCcW95VXVQcWpXaE9yc2VpbVRVVHRkSXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWRVMAwQA
WRVfMA0GCSqGSIb3DQEBCwUAA4IBAQDWSVdOq3/JB4H/aiXk65ngd1eEYm1KVSYa
VWtmthf2FRIqvaV5JMgFh1kzp02BTa3jpyHXbDrsnbtJ44c0m8uz2pjkXcSHwOBK
MatxB6sZQ+tVcHVH3wBNk/XQbwyc3cFK/mrH9pZgnh5jQImOltBKqWDAroUXphFF
+maRo2QhtleSP4mYvRGaRwAlxsWHWxI8TDAIfncCbGfs/UbPUOR+4BiFeqc2/VLw
6knGWOjjbQyUkIMjzSxD0Y0kHFsWU5GAd97Zz4L2o2z+SJcEE9Sso8Y6NIcHkghS
COqdXU+S9o3KhlW2QWmjeLtq4JhUXRkpuQLFXTxzQ2UaEFeL8ouj
-----END CERTIFICATE-----
Generated at Thu Jul 11 10:27:33 2024 by rpki-client on console-fra.rpki-client.org