Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/k5PLE4-m3E2KZS6LlaTMxFzL4Qo.roa
File: k5PLE4-m3E2KZS6LlaTMxFzL4Qo.roa (raw, json)
Hash identifier: h715mIz5P+xlVIQlGItbGLe8yv5u0R4wwRb0hkK2tYA=
Subject key identifier: 93:93:CB:13:8F:A6:DC:4D:8A:65:2E:8B:95:A4:CC:C4:5C:CB:E1:0A
Certificate issuer: /CN=13440366007eb56f10e9f99e95204d330508b9b0
Certificate serial: 0185710BE4FE506FE283AD4F5006469E9B47
Authority key identifier: 13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/k5PLE4-m3E2KZS6LlaTMxFzL4Qo.roa
Signing time: Mon 02 Jan 2023 05:54:42 +0000
ROA not before: Mon 02 Jan 2023 05:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 89.31.192.0/21 maxlen: 21
89.31.192.0/24 maxlen: 24
89.31.194.0/24 maxlen: 24
89.31.193.0/24 maxlen: 24
89.31.196.0/24 maxlen: 24
89.31.195.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:e4:fe:50:6f:e2:83:ad:4f:50:06:46:9e:9b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13440366007eb56f10e9f99e95204d330508b9b0
Validity
Not Before: Jan 2 05:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9393cb138fa6dc4d8a652e8b95a4ccc45ccbe10a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:76:ba:5b:33:27:9d:46:d3:87:7b:a9:ff:86:
b7:ce:f2:b6:fb:68:fa:01:81:bd:0d:07:b7:6a:b3:
3f:4f:ce:11:bf:11:01:86:bb:45:11:f7:f1:7c:64:
5d:a1:2c:5d:68:9f:be:19:2d:e7:0d:57:86:cf:43:
c2:b9:bd:04:eb:e7:c8:01:ae:74:98:76:64:ca:b8:
b2:cb:bd:c6:f7:b9:63:2c:42:bc:d3:0f:23:9b:4a:
80:f7:11:6f:52:f3:1c:6c:3e:b0:ed:55:c4:f2:a1:
d9:a4:9c:63:3e:b5:e6:a6:88:76:d0:80:6d:d7:22:
88:24:ad:b3:c5:fe:5b:2a:1a:7c:ae:f0:cf:fc:e3:
54:a3:44:99:71:a2:a6:d9:65:0f:aa:10:84:25:6e:
6a:36:b4:1c:77:8b:97:5c:03:0a:56:90:f0:8c:cf:
79:14:0b:20:73:a0:48:1d:e7:90:81:a4:5e:7f:7c:
61:be:a9:f1:4e:4a:d9:6f:7b:8f:c3:ff:ed:7d:0b:
fc:a2:9c:0d:31:63:60:c5:7c:5a:92:bc:38:25:88:
fb:51:ef:b7:b9:50:43:1d:17:4e:80:88:4b:ef:24:
73:6f:59:59:b5:b7:b8:7b:b9:77:a5:e4:af:84:e3:
64:8a:73:87:cf:41:df:21:70:47:a5:f1:67:7e:fb:
da:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:93:CB:13:8F:A6:DC:4D:8A:65:2E:8B:95:A4:CC:C4:5C:CB:E1:0A
X509v3 Authority Key Identifier:
keyid:13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/k5PLE4-m3E2KZS6LlaTMxFzL4Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.192.0/21
Signature Algorithm: sha256WithRSAEncryption
91:61:72:e1:03:37:1a:65:d8:53:e8:66:ad:3b:ac:8b:08:2a:
b0:ea:40:fc:21:05:43:0f:c8:38:93:02:b6:b1:7d:98:c4:c4:
4b:bd:44:f1:dd:82:cc:1d:7d:27:70:81:47:85:9b:26:08:60:
81:16:16:16:2c:bf:8a:31:37:f1:6f:80:84:03:d6:b4:a9:95:
7a:2e:29:03:87:8a:2e:79:00:7a:d4:3c:b3:c7:a5:08:9b:df:
81:cf:e6:93:0c:b8:dc:c1:9f:de:73:8b:58:b0:78:f7:d6:2f:
fb:e1:65:af:48:df:0c:ae:9a:05:df:53:86:1f:fd:35:b1:09:
aa:6b:d0:8a:ac:e7:71:0c:67:25:44:34:33:18:d5:b3:8c:6f:
7f:ff:7d:7b:f2:24:77:00:b0:be:89:df:2d:11:db:88:93:70:
2b:39:60:a5:33:91:ff:01:a3:67:00:b7:ab:1a:63:c6:fd:27:
8b:57:b8:db:88:e6:23:2e:fd:e4:3f:d1:47:ef:8d:4e:83:d0:
3d:6e:d6:90:02:01:00:d8:9d:77:f4:f3:37:99:d7:89:e2:82:
29:4f:94:ea:da:16:d6:5f:ba:96:6d:cc:fc:7a:c9:c9:47:9b:
3e:54:59:da:b7:dd:24:b8:38:1e:2b:54:52:d7:69:49:77:a2:
97:e3:09:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxC+T+UG/ig61PUAZGnptHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNDQwMzY2MDA3ZWI1NmYxMGU5Zjk5ZTk1MjA0ZDMzMDUw
OGI5YjAwHhcNMjMwMTAyMDU1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzkzY2IxMzhmYTZkYzRkOGE2NTJlOGI5NWE0Y2NjNDVjY2JlMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXa6WzMnnUbTh3up/4a3zvK2+2j6
AYG9DQe3arM/T84RvxEBhrtFEffxfGRdoSxdaJ++GS3nDVeGz0PCub0E6+fIAa50
mHZkyriyy73G97ljLEK80w8jm0qA9xFvUvMcbD6w7VXE8qHZpJxjPrXmpoh20IBt
1yKIJK2zxf5bKhp8rvDP/ONUo0SZcaKm2WUPqhCEJW5qNrQcd4uXXAMKVpDwjM95
FAsgc6BIHeeQgaRef3xhvqnxTkrZb3uPw//tfQv8opwNMWNgxXxakrw4JYj7Ue+3
uVBDHRdOgIhL7yRzb1lZtbe4e7l3peSvhONkinOHz0HfIXBHpfFnfvva+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJOTyxOPptxNimUui5WkzMRcy+EKMB8GA1UdIwQY
MBaAFBNEA2YAfrVvEOn5npUgTTMFCLmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYt
NDRjMWE0ZWI5NjljLzEvazVQTEU0LW0zRTJLWlM2TGxhVE14RnpMNFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYtNDRjMWE0ZWI5Njlj
LzEvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWR/AMA0G
CSqGSIb3DQEBCwUAA4IBAQCRYXLhAzcaZdhT6GatO6yLCCqw6kD8IQVDD8g4kwK2
sX2YxMRLvUTx3YLMHX0ncIFHhZsmCGCBFhYWLL+KMTfxb4CEA9a0qZV6LikDh4ou
eQB61Dyzx6UIm9+Bz+aTDLjcwZ/ec4tYsHj31i/74WWvSN8MrpoF31OGH/01sQmq
a9CKrOdxDGclRDQzGNWzjG9//3178iR3ALC+id8tEduIk3ArOWClM5H/AaNnALer
GmPG/SeLV7jbiOYjLv3kP9FH741Og9A9btaQAgEA2J139PM3mdeJ4oIpT5Tq2hbW
X7qWbcz8esnJR5s+VFnat90kuDgeK1RS12lJd6KX4wmm
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:16 2024 by rpki-client on console-ams.rpki-client.org