Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Ixo6El1idJoCgWPF8OGdrrss_DM.roa
File: Ixo6El1idJoCgWPF8OGdrrss_DM.roa (raw, json)
Hash identifier: 1/fyiLkqNxM+FPG1jcc2ty4CmHk1bUlrakWAW3vrlBs=
Subject key identifier: 23:1A:3A:12:5D:62:74:9A:02:81:63:C5:F0:E1:9D:AE:BB:2C:FC:33
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D315C58280BBBC9220058601737E29931
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Ixo6El1idJoCgWPF8OGdrrss_DM.roa
Signing time: Mon 22 Jan 2024 13:29:11 +0000
ROA not before: Mon 22 Jan 2024 13:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 89.37.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 07:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:5c:58:28:0b:bb:c9:22:00:58:60:17:37:e2:99:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 22 13:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=231a3a125d62749a028163c5f0e19daebb2cfc33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:af:87:d7:34:d2:72:78:d6:79:97:c7:3a:ef:
83:64:09:98:f0:a6:e2:39:06:09:69:2c:e7:00:7c:
ac:23:6d:d1:c1:4d:fb:ce:f8:32:13:fd:22:85:fe:
31:ec:2d:d3:b5:44:4e:e6:1a:98:9e:9f:4b:52:8b:
78:cf:d2:ed:24:f6:db:49:ac:f2:07:ab:48:57:5c:
14:c4:2b:5a:2a:b2:18:1a:ff:97:dc:c2:e7:9b:00:
35:4e:fe:50:45:ec:ae:b4:d7:ff:46:a5:aa:f2:36:
13:40:03:fe:9a:d7:88:18:1b:2f:4c:96:a6:cd:12:
c5:ed:46:46:35:90:59:59:19:82:86:87:5a:af:1d:
77:4e:e1:db:7b:9e:19:df:44:9d:5d:ad:cf:7d:fa:
1e:9e:f1:20:d1:ab:76:a2:05:be:99:9d:7e:85:f1:
98:7c:76:ef:e2:54:66:80:50:82:29:c0:5b:a1:c8:
72:f5:cc:5d:90:41:2c:a1:1e:33:d8:07:eb:ae:43:
92:db:a4:14:01:c6:81:f9:a8:8f:c1:29:0e:3f:cc:
4b:4a:fc:21:8d:8f:49:0b:59:8f:7f:7e:9f:f5:30:
68:c3:0c:78:5d:d3:44:83:3d:23:91:6e:fc:d7:ee:
de:68:1b:97:bb:89:7a:45:20:48:8e:32:a9:76:18:
0e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1A:3A:12:5D:62:74:9A:02:81:63:C5:F0:E1:9D:AE:BB:2C:FC:33
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Ixo6El1idJoCgWPF8OGdrrss_DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.196.0/24
Signature Algorithm: sha256WithRSAEncryption
61:bb:36:03:cf:3b:c7:39:75:62:2e:d9:7d:eb:09:f3:81:cb:
fd:0c:a3:da:15:56:b5:e1:d9:e1:94:bb:37:1c:42:cb:aa:e9:
05:07:f6:47:15:b5:ae:ee:5d:b8:af:94:cc:ee:12:b4:c7:13:
0b:01:69:47:25:15:a0:ba:b1:1f:4b:03:85:79:0e:aa:32:4c:
db:55:d6:56:03:e6:f4:8e:3f:8e:c1:98:14:5c:9d:0f:a4:20:
7c:90:23:ad:c1:b1:e9:d2:33:dc:e4:a6:cb:e5:f5:bb:ef:f1:
0f:7a:c6:3e:b3:c2:19:35:69:03:13:c2:59:bc:0c:18:dd:00:
cd:df:60:5a:eb:60:76:78:d5:0e:85:da:f3:ac:36:73:41:e6:
7e:7c:ed:59:be:69:34:db:e6:4e:5c:5c:5b:0d:f4:c2:df:fe:
55:fe:d0:a4:2e:ef:88:ca:39:60:32:10:3b:b4:ae:dd:0e:19:
ca:f6:8a:6c:19:5e:4c:a4:30:11:46:4a:a5:d9:47:4b:c6:47:
b8:f4:4d:48:68:46:29:b7:6c:12:b8:cf:c5:b3:fb:f1:74:df:
ff:e0:cf:2e:70:2b:94:b8:b9:ee:d2:30:a8:b0:9d:e2:66:e5:
f7:c3:1c:29:8a:c6:c9:fd:85:de:ea:9b:eb:bb:37:63:23:62:
54:0c:69:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0xXFgoC7vJIgBYYBc34pkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTIyMTMyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFhM2ExMjVkNjI3NDlhMDI4MTYzYzVmMGUxOWRhZWJiMmNmYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhq+H1zTScnjWeZfHOu+DZAmY8Kbi
OQYJaSznAHysI23RwU37zvgyE/0ihf4x7C3TtURO5hqYnp9LUot4z9LtJPbbSazy
B6tIV1wUxCtaKrIYGv+X3MLnmwA1Tv5QReyutNf/RqWq8jYTQAP+mteIGBsvTJam
zRLF7UZGNZBZWRmChodarx13TuHbe54Z30SdXa3PffoenvEg0at2ogW+mZ1+hfGY
fHbv4lRmgFCCKcBbochy9cxdkEEsoR4z2AfrrkOS26QUAcaB+aiPwSkOP8xLSvwh
jY9JC1mPf36f9TBowwx4XdNEgz0jkW781+7eaBuXu4l6RSBIjjKpdhgOewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMaOhJdYnSaAoFjxfDhna67LPwzMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSXhvNkVsMWlkSm9DZ1dQRjhPR2RycnNzX0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSXEMA0G
CSqGSIb3DQEBCwUAA4IBAQBhuzYDzzvHOXViLtl96wnzgcv9DKPaFVa14dnhlLs3
HELLqukFB/ZHFbWu7l24r5TM7hK0xxMLAWlHJRWgurEfSwOFeQ6qMkzbVdZWA+b0
jj+OwZgUXJ0PpCB8kCOtwbHp0jPc5KbL5fW77/EPesY+s8IZNWkDE8JZvAwY3QDN
32Ba62B2eNUOhdrzrDZzQeZ+fO1Zvmk02+ZOXFxbDfTC3/5V/tCkLu+IyjlgMhA7
tK7dDhnK9opsGV5MpDARRkql2UdLxke49E1IaEYpt2wSuM/Fs/vxdN//4M8ucCuU
uLnu0jCosJ3iZuX3wxwpisbJ/YXe6pvruzdjI2JUDGlm
-----END CERTIFICATE-----
Generated at Wed Mar 27 12:42:48 2024 by rpki-client on console-fra.rpki-client.org