Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/poNUStZ_asts5hlmcGGQEdS93oM.roa
File: poNUStZ_asts5hlmcGGQEdS93oM.roa (raw, json)
Hash identifier: ++3rYK+V836B4IJdWXwO9uklptrkDSwugH78wLFGXPE=
Subject key identifier: A6:83:54:4A:D6:7F:6A:CB:6C:E6:19:66:70:61:90:11:D4:BD:DE:83
Certificate issuer: /CN=052005bb6c3d6865b89c10f33b0b994b74af963b
Certificate serial: 01857230E03977275243A830BE78F6DA0902
Authority key identifier: 05:20:05:BB:6C:3D:68:65:B8:9C:10:F3:3B:0B:99:4B:74:AF:96:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSAFu2w9aGW4nBDzOwuZS3Svljs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/poNUStZ_asts5hlmcGGQEdS93oM.roa
Signing time: Mon 02 Jan 2023 11:14:43 +0000
ROA not before: Mon 02 Jan 2023 11:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198089
IP address blocks: 185.98.124.0/24 maxlen: 24
185.98.124.0/23 maxlen: 24
185.98.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Aug 2023 14:44:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:e0:39:77:27:52:43:a8:30:be:78:f6:da:09:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=052005bb6c3d6865b89c10f33b0b994b74af963b
Validity
Not Before: Jan 2 11:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a683544ad67f6acb6ce6196670619011d4bdde83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c4:4c:f5:07:1e:d3:63:a4:c9:c8:c7:56:b1:
f7:fb:b0:c7:b7:b1:3c:57:e9:1d:03:67:11:60:16:
7c:2f:d0:97:7a:c8:01:71:0f:e8:ee:cd:ce:7e:b9:
7d:b7:42:f8:23:a2:c1:fb:1a:98:8a:af:9b:19:6b:
41:68:8c:3a:c8:23:73:be:34:a8:be:1c:e3:76:ed:
c5:96:3e:a7:16:81:19:9f:ed:07:8b:9f:ae:e4:35:
04:61:49:27:86:0e:cf:0e:19:0d:c3:f7:da:70:f4:
da:23:c6:a1:52:5c:c0:7c:2f:73:fa:75:b6:91:1f:
e5:6e:51:f9:d2:01:c6:bd:33:71:c6:1e:58:bd:6b:
aa:2d:73:44:93:e7:c2:30:e4:4f:59:e9:d4:9a:fd:
e1:06:5a:71:f5:5f:34:dd:bb:6f:a7:0d:a5:99:16:
76:ae:6e:01:b7:3a:18:15:ea:fa:5c:78:08:1b:69:
54:cb:d9:8e:3e:99:3c:e2:c8:6a:e6:d7:12:c8:b1:
f8:ce:1a:cd:c4:b2:86:61:c8:fb:ca:40:99:6d:7a:
bf:a7:f6:d8:f8:d0:e4:4e:18:a8:f1:de:b7:de:5f:
52:16:0d:f4:74:0f:cb:57:64:f8:28:45:5b:dc:93:
e1:2c:11:38:dd:b2:93:34:5b:34:15:a7:24:18:5d:
c6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:83:54:4A:D6:7F:6A:CB:6C:E6:19:66:70:61:90:11:D4:BD:DE:83
X509v3 Authority Key Identifier:
keyid:05:20:05:BB:6C:3D:68:65:B8:9C:10:F3:3B:0B:99:4B:74:AF:96:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSAFu2w9aGW4nBDzOwuZS3Svljs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/poNUStZ_asts5hlmcGGQEdS93oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.124.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:e5:02:cf:56:5c:1a:10:f0:5f:9a:9d:39:9c:2b:53:73:64:
13:df:b2:ac:60:59:09:21:71:02:1d:70:86:d2:64:49:55:26:
6f:93:e3:47:e2:99:b2:d0:99:8f:55:10:c3:37:7a:e5:ac:c9:
07:d1:14:5a:f5:ad:80:53:c0:b5:02:0d:c6:b1:6c:e9:68:15:
00:5a:b5:4f:f1:a3:c2:44:f5:ce:6b:a7:fc:73:10:a6:c1:b4:
6b:3a:4e:c8:c1:b1:f6:84:a6:ad:86:c4:4e:10:b9:3b:ca:0e:
8c:22:9b:c6:57:54:c1:83:05:2d:de:82:36:03:48:56:15:67:
c4:83:3d:26:0e:cd:a5:87:fd:ec:2d:05:96:01:ff:db:08:29:
7b:2a:54:3b:0a:c5:ef:69:da:e3:67:72:8c:2e:ad:b5:72:99:
88:eb:2a:69:1f:82:21:ee:b6:0f:e6:c9:4d:73:9d:7f:07:73:
61:3f:1c:ca:c3:aa:e1:f1:da:d1:3c:fb:d1:8a:83:b8:9d:4b:
33:e5:8c:33:4a:42:22:b7:2b:cc:cf:ae:cd:35:c6:80:8d:a0:
e2:82:50:49:5b:af:14:b2:47:59:75:6e:5a:66:fc:b3:89:37:
90:5c:13:e3:ee:b1:d0:f7:87:76:f8:7b:42:b9:81:c8:37:2f:
7f:72:dd:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMOA5dydSQ6gwvnj22gkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjAwNWJiNmMzZDY4NjViODljMTBmMzNiMGI5OTRiNzRh
Zjk2M2IwHhcNMjMwMTAyMTExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjgzNTQ0YWQ2N2Y2YWNiNmNlNjE5NjY3MDYxOTAxMWQ0YmRkZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMRM9Qce02OkycjHVrH3+7DHt7E8
V+kdA2cRYBZ8L9CXesgBcQ/o7s3Ofrl9t0L4I6LB+xqYiq+bGWtBaIw6yCNzvjSo
vhzjdu3Flj6nFoEZn+0Hi5+u5DUEYUknhg7PDhkNw/facPTaI8ahUlzAfC9z+nW2
kR/lblH50gHGvTNxxh5YvWuqLXNEk+fCMORPWenUmv3hBlpx9V803btvpw2lmRZ2
rm4BtzoYFer6XHgIG2lUy9mOPpk84shq5tcSyLH4zhrNxLKGYcj7ykCZbXq/p/bY
+NDkThio8d633l9SFg30dA/LV2T4KEVb3JPhLBE43bKTNFs0FackGF3GeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaDVErWf2rLbOYZZnBhkBHUvd6DMB8GA1UdIwQY
MBaAFAUgBbtsPWhluJwQ8zsLmUt0r5Y7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNBRnUydzlhR1c0bkJEek93dVpTM1N2bGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84M2ViMDktM2ExNC00NTViLTg4OTUt
YmEwYTc2ZjQzNzA0LzEvcG9OVVN0Wl9hc3RzNWhsbWNHR1FFZFM5M29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi84M2ViMDktM2ExNC00NTViLTg4OTUtYmEwYTc2ZjQzNzA0
LzEvQlNBRnUydzlhR1c0bkJEek93dVpTM1N2bGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWJ8MA0G
CSqGSIb3DQEBCwUAA4IBAQCa5QLPVlwaEPBfmp05nCtTc2QT37KsYFkJIXECHXCG
0mRJVSZvk+NH4pmy0JmPVRDDN3rlrMkH0RRa9a2AU8C1Ag3GsWzpaBUAWrVP8aPC
RPXOa6f8cxCmwbRrOk7IwbH2hKathsROELk7yg6MIpvGV1TBgwUt3oI2A0hWFWfE
gz0mDs2lh/3sLQWWAf/bCCl7KlQ7CsXvadrjZ3KMLq21cpmI6yppH4Ih7rYP5slN
c51/B3NhPxzKw6rh8drRPPvRioO4nUsz5YwzSkIityvMz67NNcaAjaDiglBJW68U
skdZdW5aZvyziTeQXBPj7rHQ94d2+HtCuYHINy9/ct23
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:44 2024 by rpki-client on console-ams.rpki-client.org