Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/uA7yufnmL655OS8A7HyoM87eIQg.roa
File: uA7yufnmL655OS8A7HyoM87eIQg.roa (raw, json)
Hash identifier: ICXSw6Rjr3sW+jhHLbRBwN5088phIAgf6Xxz9+UYN0E=
Subject key identifier: B8:0E:F2:B9:F9:E6:2F:AE:79:39:2F:00:EC:7C:A8:33:CE:DE:21:08
Certificate issuer: /CN=cb608201f88aeae9486b9fa87189d796c54027dd
Certificate serial: 0191647656317DC824A84BDF86C94EF8452E
Authority key identifier: CB:60:82:01:F8:8A:EA:E9:48:6B:9F:A8:71:89:D7:96:C5:40:27:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2CCAfiK6ulIa5-ocYnXlsVAJ90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/uA7yufnmL655OS8A7HyoM87eIQg.roa
Signing time: Sun 18 Aug 2024 07:49:22 +0000
ROA not before: Sun 18 Aug 2024 07:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201150
IP address blocks: 89.23.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Aug 2024 13:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:64:76:56:31:7d:c8:24:a8:4b:df:86:c9:4e:f8:45:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb608201f88aeae9486b9fa87189d796c54027dd
Validity
Not Before: Aug 18 07:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b80ef2b9f9e62fae79392f00ec7ca833cede2108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:13:49:ea:16:24:1e:ea:9b:b3:d3:31:b7:e0:
76:59:2e:53:42:f8:3d:62:cf:4c:e2:ad:2f:27:e9:
f5:d2:c2:a5:9e:01:35:90:c1:78:47:e3:80:64:78:
ba:9e:1e:f1:79:83:89:cd:ac:97:03:54:a9:b5:9f:
2a:1b:03:1f:17:cb:76:84:22:99:8b:a4:4c:30:f3:
78:5d:52:1e:09:a5:7a:13:1f:1e:f3:45:12:69:0e:
54:ff:80:95:8b:75:bc:6c:ec:09:e6:9a:12:f6:56:
29:97:ea:3b:cb:bd:1a:50:93:09:9e:cd:6f:61:0b:
cd:81:c3:38:18:3f:c3:35:24:03:77:13:92:e3:9e:
26:c3:e0:fd:01:1f:ba:39:ef:13:85:f5:11:62:38:
5f:85:ec:4f:32:f8:e0:fa:7a:9e:3b:8f:36:85:83:
d4:e3:dc:25:75:46:95:b8:b8:86:ed:6b:44:ae:0c:
c1:e7:11:4e:52:89:39:61:d9:ef:c8:4d:22:b2:a2:
04:f9:1b:43:2a:02:af:09:13:c9:ab:31:90:b9:51:
49:40:5e:57:22:d5:60:ea:55:34:d2:fb:4d:08:b5:
dc:82:06:52:ba:19:6f:c4:a7:93:a7:78:1b:37:22:
db:dd:9c:b9:cc:89:c9:d1:ec:60:af:6d:66:ed:1e:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:0E:F2:B9:F9:E6:2F:AE:79:39:2F:00:EC:7C:A8:33:CE:DE:21:08
X509v3 Authority Key Identifier:
keyid:CB:60:82:01:F8:8A:EA:E9:48:6B:9F:A8:71:89:D7:96:C5:40:27:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2CCAfiK6ulIa5-ocYnXlsVAJ90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/uA7yufnmL655OS8A7HyoM87eIQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/y2CCAfiK6ulIa5-ocYnXlsVAJ90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.126.0/24
Signature Algorithm: sha256WithRSAEncryption
10:43:e3:f6:10:fd:ee:ef:05:82:cd:02:9e:80:8c:e0:bc:9b:
24:ce:de:2c:db:c2:f3:75:ca:45:62:12:f6:25:f1:91:f5:1e:
41:5c:39:54:97:e9:fd:dd:5d:4d:b0:a0:8e:2d:79:c8:53:6c:
d5:91:c8:56:15:ac:f6:ee:24:c3:7d:e5:f3:37:ad:ce:5b:1d:
55:c7:12:a8:0f:c7:7a:6d:2c:9f:79:b2:85:48:fd:a9:d1:72:
f4:c2:05:27:8e:5f:08:7b:5c:7c:c7:3a:03:ba:19:5c:6c:08:
8b:14:6f:40:5f:86:3b:9e:c2:83:5f:5e:9b:c2:0e:63:4e:15:
dc:36:fa:e7:f2:d8:a9:b6:b0:46:7c:2f:e2:ba:e3:82:fe:e1:
cb:bf:8f:6a:52:26:50:fa:b3:40:65:eb:e8:9b:cf:6f:8d:cc:
d6:84:a9:2a:12:3b:f4:64:c9:77:aa:bd:50:ee:a7:17:1f:93:
1f:9c:c2:40:e2:66:cd:ec:b1:c4:e7:85:71:ae:85:58:44:c1:
9a:b6:cf:88:77:e2:d4:a1:13:f1:66:36:ab:00:83:f0:49:30:
3d:9f:7e:0b:4f:d9:a3:9a:c0:6d:c7:26:6e:fe:42:1e:de:95:
e6:13:61:3a:0d:db:c6:43:79:ec:41:3e:af:76:30:fd:fa:5c:
46:2f:98:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFkdlYxfcgkqEvfhslO+EUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjA4MjAxZjg4YWVhZTk0ODZiOWZhODcxODlkNzk2YzU0
MDI3ZGQwHhcNMjQwODE4MDc0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODBlZjJiOWY5ZTYyZmFlNzkzOTJmMDBlYzdjYTgzM2NlZGUyMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxNJ6hYkHuqbs9Mxt+B2WS5TQvg9
Ys9M4q0vJ+n10sKlngE1kMF4R+OAZHi6nh7xeYOJzayXA1SptZ8qGwMfF8t2hCKZ
i6RMMPN4XVIeCaV6Ex8e80USaQ5U/4CVi3W8bOwJ5poS9lYpl+o7y70aUJMJns1v
YQvNgcM4GD/DNSQDdxOS454mw+D9AR+6Oe8ThfURYjhfhexPMvjg+nqeO482hYPU
49wldUaVuLiG7WtErgzB5xFOUok5YdnvyE0isqIE+RtDKgKvCRPJqzGQuVFJQF5X
ItVg6lU00vtNCLXcggZSuhlvxKeTp3gbNyLb3Zy5zInJ0exgr21m7R6iJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgO8rn55i+ueTkvAOx8qDPO3iEIMB8GA1UdIwQY
MBaAFMtgggH4iurpSGufqHGJ15bFQCfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJDQ0FmaUs2dWxJYTUtb2NZblhsc1ZBSjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mZjEwYTUtMmZhMy00OTQyLWIyYTkt
YmZlNTJiNGFmOGI3LzEvdUE3eXVmbm1MNjU1T1M4QTdIeW9NODdlSVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mZjEwYTUtMmZhMy00OTQyLWIyYTktYmZlNTJiNGFmOGI3
LzEveTJDQ0FmaUs2dWxJYTUtb2NZblhsc1ZBSjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRd+MA0G
CSqGSIb3DQEBCwUAA4IBAQAQQ+P2EP3u7wWCzQKegIzgvJskzt4s28LzdcpFYhL2
JfGR9R5BXDlUl+n93V1NsKCOLXnIU2zVkchWFaz27iTDfeXzN63OWx1VxxKoD8d6
bSyfebKFSP2p0XL0wgUnjl8Ie1x8xzoDuhlcbAiLFG9AX4Y7nsKDX16bwg5jThXc
Nvrn8tiptrBGfC/iuuOC/uHLv49qUiZQ+rNAZevom89vjczWhKkqEjv0ZMl3qr1Q
7qcXH5MfnMJA4mbN7LHE54VxroVYRMGats+Id+LUoRPxZjarAIPwSTA9n34LT9mj
msBtxyZu/kIe3pXmE2E6DdvGQ3nsQT6vdjD9+lxGL5jB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:34 2025 by rpki-client