Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/r5e2bh-xhQrQBCpI6LLglbIv8ig.roa
File: r5e2bh-xhQrQBCpI6LLglbIv8ig.roa (raw, json)
Hash identifier: 9I3h5+Gzv0wgOihd/eTX4mxLAnzpKWZZQbpY1opqtMQ=
Subject key identifier: AF:97:B6:6E:1F:B1:85:0A:D0:04:2A:48:E8:B2:E0:95:B2:2F:F2:28
Certificate issuer: /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial: 01856FA709C969919A2A1631365A04394156
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/r5e2bh-xhQrQBCpI6LLglbIv8ig.roa
Signing time: Sun 01 Jan 2023 23:24:56 +0000
ROA not before: Sun 01 Jan 2023 23:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57187
IP address blocks: 94.207.32.0/20 maxlen: 24
2a00:f2f::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:09:c9:69:91:9a:2a:16:31:36:5a:04:39:41:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
Validity
Not Before: Jan 1 23:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af97b66e1fb1850ad0042a48e8b2e095b22ff228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6a:ca:d9:2e:ac:98:e5:dd:60:1c:0d:90:17:
88:ea:29:8e:31:38:b5:4d:80:1c:7d:4a:61:9e:7c:
ac:45:01:31:44:f9:48:e8:32:f6:66:5d:c3:b8:12:
34:f4:01:3d:50:d3:fc:57:ca:3e:2c:3c:30:58:14:
91:ee:05:de:e1:01:4a:b6:f1:71:ca:fd:70:55:98:
4e:27:ca:5f:c8:e7:14:86:b7:27:6b:db:ba:6a:96:
39:0d:fd:66:e8:93:e6:76:e2:77:9a:8c:ee:09:19:
cc:f1:c4:fc:83:f2:c2:57:ff:c2:82:ec:a0:ec:5e:
45:6a:e4:a8:a5:ec:ce:89:05:2a:0b:24:5f:2c:09:
34:94:79:10:ef:89:51:30:c2:8d:fb:43:47:fa:3f:
28:5c:47:ac:31:82:96:5f:46:c9:47:0c:bb:79:46:
10:e0:a3:6a:b1:d2:a5:13:a0:4f:73:0d:be:43:29:
a0:78:3b:db:66:ab:7f:f6:7d:7c:70:72:0d:94:6f:
89:31:6a:41:35:57:fb:15:cb:a7:7d:cc:f6:94:f1:
2b:4f:f3:e1:d9:da:c6:94:65:96:1f:9f:b6:2c:0e:
7f:4c:08:30:08:db:f0:a8:8a:ac:e8:cf:d7:f7:40:
67:9e:0b:ac:7f:1e:aa:90:56:17:12:74:9a:98:3f:
7d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:97:B6:6E:1F:B1:85:0A:D0:04:2A:48:E8:B2:E0:95:B2:2F:F2:28
X509v3 Authority Key Identifier:
keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/r5e2bh-xhQrQBCpI6LLglbIv8ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.207.32.0/20
IPv6:
2a00:f2f::/32
Signature Algorithm: sha256WithRSAEncryption
a4:0f:12:1d:d0:e5:0b:da:b1:ed:95:96:dd:4d:76:04:d5:2b:
c6:ff:16:8a:45:5f:7a:77:c0:10:b1:94:3d:0f:3c:ba:73:9e:
8f:a7:10:78:03:cf:26:69:60:07:b1:c1:89:c5:f6:6e:98:e0:
40:bf:ed:e1:66:e0:81:5a:7a:58:53:c1:a4:a0:e4:4b:45:e4:
e6:e5:52:60:d1:aa:83:42:22:09:a2:7c:f8:29:b6:6c:7f:3e:
88:b0:6a:ee:99:d7:ed:9c:61:f4:42:b4:4e:5e:ed:79:50:20:
fa:67:9c:d1:d0:4b:b6:83:80:34:cd:7a:ed:c9:f7:9e:43:d7:
57:a9:b3:bc:6c:e7:e7:41:fb:3b:be:f0:a4:04:e2:87:d5:1b:
78:94:2b:cd:51:12:e2:69:3d:0a:06:99:4e:6c:a9:8f:d3:0d:
ed:22:82:ff:d7:a4:f2:49:b1:ff:44:19:39:ea:59:fd:69:b6:
f2:89:9e:a2:85:58:cf:17:ba:65:0d:ce:d4:ec:78:35:6a:1f:
52:8e:c4:b6:eb:93:c5:09:c5:6c:a5:ba:f0:fb:ab:cc:a4:24:
40:9f:5c:ff:af:88:a0:df:83:20:0b:b7:b8:5c:0e:64:81:8e:
e1:34:a6:2a:01:3b:47:6d:4b:bb:b8:9d:bb:4f:8c:9e:ff:be:
c5:4d:28:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpwnJaZGaKhYxNloEOUFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGE2MGYwNDlkZmJhMzRiZTRiNGU4NDE4YjlmZjQ5MjEy
NWM0NDkwHhcNMjMwMTAxMjMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk3YjY2ZTFmYjE4NTBhZDAwNDJhNDhlOGIyZTA5NWIyMmZmMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2rK2S6smOXdYBwNkBeI6imOMTi1
TYAcfUphnnysRQExRPlI6DL2Zl3DuBI09AE9UNP8V8o+LDwwWBSR7gXe4QFKtvFx
yv1wVZhOJ8pfyOcUhrcna9u6apY5Df1m6JPmduJ3mozuCRnM8cT8g/LCV//Cguyg
7F5FauSopezOiQUqCyRfLAk0lHkQ74lRMMKN+0NH+j8oXEesMYKWX0bJRwy7eUYQ
4KNqsdKlE6BPcw2+QymgeDvbZqt/9n18cHINlG+JMWpBNVf7Fcunfcz2lPErT/Ph
2drGlGWWH5+2LA5/TAgwCNvwqIqs6M/X90Bnngusfx6qkFYXEnSamD99LwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+Xtm4fsYUK0AQqSOiy4JWyL/IoMB8GA1UdIwQY
MBaAFInaYPBJ37o0vktOhBi5/0khJcRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUt
Njk4OTBjODI5ZTMzLzEvcjVlMmJoLXhoUXJRQkNwSTZMTGdsYkl2OGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUtNjk4OTBjODI5ZTMz
LzEvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEXs8gMA0E
AgACMAcDBQAqAA8vMA0GCSqGSIb3DQEBCwUAA4IBAQCkDxId0OUL2rHtlZbdTXYE
1SvG/xaKRV96d8AQsZQ9Dzy6c56PpxB4A88maWAHscGJxfZumOBAv+3hZuCBWnpY
U8GkoORLReTm5VJg0aqDQiIJonz4KbZsfz6IsGrumdftnGH0QrROXu15UCD6Z5zR
0Eu2g4A0zXrtyfeeQ9dXqbO8bOfnQfs7vvCkBOKH1Rt4lCvNURLiaT0KBplObKmP
0w3tIoL/16TySbH/RBk56ln9abbyiZ6ihVjPF7plDc7U7Hg1ah9SjsS265PFCcVs
pbrw+6vMpCRAn1z/r4ig34MgC7e4XA5kgY7hNKYqATtHbUu7uJ27T4ye/77FTShR
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:13 2024 by rpki-client on console-ams.rpki-client.org