Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/kEDTWrJG5QvxHwD1r_LNxRuuA1w.roa
File: kEDTWrJG5QvxHwD1r_LNxRuuA1w.roa (raw, json)
Hash identifier: 6h5QsgYdBSIJHKkRZ8P4ru4IvRTHqfcVasyyWVChgRc=
Subject key identifier: 90:40:D3:5A:B2:46:E5:0B:F1:1F:00:F5:AF:F2:CD:C5:1B:AE:03:5C
Certificate issuer: /CN=3a3cf9919a2c8146c96f5a14b157459b794b6a2e
Certificate serial: 01856C939060063A817211BD0B9AAF8E5FD8
Authority key identifier: 3A:3C:F9:91:9A:2C:81:46:C9:6F:5A:14:B1:57:45:9B:79:4B:6A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/kEDTWrJG5QvxHwD1r_LNxRuuA1w.roa
Signing time: Sun 01 Jan 2023 09:04:48 +0000
ROA not before: Sun 01 Jan 2023 09:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32934
IP address blocks: 185.89.218.0/24 maxlen: 24
185.89.218.0/23 maxlen: 24
185.89.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:93:90:60:06:3a:81:72:11:bd:0b:9a:af:8e:5f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a3cf9919a2c8146c96f5a14b157459b794b6a2e
Validity
Not Before: Jan 1 09:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9040d35ab246e50bf11f00f5aff2cdc51bae035c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:97:5d:32:c1:ef:20:ee:3e:a8:51:90:ab:d7:
c1:0e:82:2f:3b:a8:17:74:e2:88:3c:21:b0:d2:46:
e8:97:ec:54:1d:f3:7a:17:81:0e:2e:d5:aa:2b:6c:
bd:6e:f8:5b:98:2a:67:c2:c9:20:51:80:ff:c8:61:
bd:55:93:47:34:5c:01:f2:ab:8b:48:d9:21:10:12:
30:8b:9d:ef:25:9c:91:f7:16:da:67:d1:a8:55:70:
aa:29:31:3b:00:36:3e:d5:b6:94:63:03:1a:0d:dc:
9e:6c:f2:27:48:ce:5d:84:32:94:fb:d6:41:7c:09:
f7:c2:79:a8:05:50:e4:ce:48:d9:25:dd:47:ca:0e:
f9:af:b8:bb:95:e2:56:74:b0:86:68:09:dc:6f:52:
f1:c3:9f:67:7a:2c:91:7f:f3:21:15:9d:33:c2:33:
32:93:e2:b3:ad:04:d1:23:0c:b5:b4:4b:b9:af:3e:
0f:47:03:9f:d5:ac:86:24:e8:3b:31:06:30:da:c7:
cb:4b:42:a0:0f:8a:84:a3:6f:06:15:26:e1:f3:01:
8b:91:03:70:76:5b:1a:01:a4:29:94:ff:bd:75:1f:
15:58:c8:a5:de:33:00:69:e3:95:19:aa:fb:3b:78:
b0:22:df:74:94:5f:03:0a:ad:78:a2:f4:7d:2f:cc:
fc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:40:D3:5A:B2:46:E5:0B:F1:1F:00:F5:AF:F2:CD:C5:1B:AE:03:5C
X509v3 Authority Key Identifier:
keyid:3A:3C:F9:91:9A:2C:81:46:C9:6F:5A:14:B1:57:45:9B:79:4B:6A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ojz5kZosgUbJb1oUsVdFm3lLai4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/kEDTWrJG5QvxHwD1r_LNxRuuA1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ea49a-cf67-466a-ab5c-70cbf5149a5a/1/Ojz5kZosgUbJb1oUsVdFm3lLai4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.218.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:25:f4:8d:19:36:b8:fd:fb:c3:c0:05:aa:9f:03:fe:94:5f:
27:91:49:80:c5:f1:36:df:cd:a5:01:28:d8:91:2a:f8:f8:34:
94:7e:b7:0f:bd:e0:92:e6:b2:05:5f:3e:a6:6d:7f:79:55:e7:
2d:2a:1e:8f:17:3c:da:23:e9:21:81:b9:2f:6c:d4:d2:73:33:
80:19:6e:be:8e:2c:ad:a5:01:5c:04:1d:42:70:11:05:35:82:
c2:a5:0a:33:4e:2e:f1:c8:d0:c1:66:d9:3a:f6:b5:d9:17:f0:
3b:84:24:5b:ba:fe:63:09:cf:1e:03:92:84:35:be:2b:63:20:
e4:38:26:91:d8:d7:f8:12:51:8e:ff:ed:3a:29:17:1f:70:52:
99:4e:5d:17:15:19:12:e9:35:91:4d:cb:4f:46:52:91:e4:21:
3d:be:50:59:bc:91:69:71:8d:2f:49:35:84:f4:e2:be:19:c1:
50:dc:6a:36:bc:c0:8f:5b:86:fb:1e:bf:ce:35:d0:b8:57:37:
bf:55:cd:b0:f7:9b:13:41:29:90:bc:d4:28:63:4d:17:ed:a7:
06:d2:3d:e4:bf:f2:a2:f0:8c:c8:32:b4:10:32:60:2b:f2:0b:
9f:5f:a8:36:48:be:46:1e:58:e9:79:46:f1:40:aa:18:b6:0f:
c3:8d:f3:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsk5BgBjqBchG9C5qvjl/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhM2NmOTkxOWEyYzgxNDZjOTZmNWExNGIxNTc0NTliNzk0
YjZhMmUwHhcNMjMwMTAxMDkwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQwZDM1YWIyNDZlNTBiZjExZjAwZjVhZmYyY2RjNTFiYWUwMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpddMsHvIO4+qFGQq9fBDoIvO6gX
dOKIPCGw0kbol+xUHfN6F4EOLtWqK2y9bvhbmCpnwskgUYD/yGG9VZNHNFwB8quL
SNkhEBIwi53vJZyR9xbaZ9GoVXCqKTE7ADY+1baUYwMaDdyebPInSM5dhDKU+9ZB
fAn3wnmoBVDkzkjZJd1Hyg75r7i7leJWdLCGaAncb1Lxw59neiyRf/MhFZ0zwjMy
k+KzrQTRIwy1tEu5rz4PRwOf1ayGJOg7MQYw2sfLS0KgD4qEo28GFSbh8wGLkQNw
dlsaAaQplP+9dR8VWMil3jMAaeOVGar7O3iwIt90lF8DCq14ovR9L8z8EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBA01qyRuUL8R8A9a/yzcUbrgNcMB8GA1UdIwQY
MBaAFDo8+ZGaLIFGyW9aFLFXRZt5S2ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85ZWE0OWEtY2Y2Ny00NjZhLWFiNWMt
NzBjYmY1MTQ5YTVhLzEva0VEVFdySkc1UXZ4SHdEMXJfTE54UnV1QTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85ZWE0OWEtY2Y2Ny00NjZhLWFiNWMtNzBjYmY1MTQ5YTVh
LzEvT2p6NWtab3NnVWJKYjFvVXNWZEZtM2xMYWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVnaMA0G
CSqGSIb3DQEBCwUAA4IBAQA8JfSNGTa4/fvDwAWqnwP+lF8nkUmAxfE2382lASjY
kSr4+DSUfrcPveCS5rIFXz6mbX95VectKh6PFzzaI+khgbkvbNTSczOAGW6+jiyt
pQFcBB1CcBEFNYLCpQozTi7xyNDBZtk69rXZF/A7hCRbuv5jCc8eA5KENb4rYyDk
OCaR2Nf4ElGO/+06KRcfcFKZTl0XFRkS6TWRTctPRlKR5CE9vlBZvJFpcY0vSTWE
9OK+GcFQ3Go2vMCPW4b7Hr/ONdC4Vze/Vc2w95sTQSmQvNQoY00X7acG0j3kv/Ki
8IzIMrQQMmAr8gufX6g2SL5GHljpeUbxQKoYtg/DjfOu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:41 2024 by rpki-client on console-ams.rpki-client.org