Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/uXDXIeH_e-qH8hCmrafATNddU2Y.roa
File: uXDXIeH_e-qH8hCmrafATNddU2Y.roa (raw, json)
Hash identifier: l/++S4PpV7F7/fb8bqfvKP4O2xnbjOkxV9kLgJuDYR4=
Subject key identifier: B9:70:D7:21:E1:FF:7B:EA:87:F2:10:A6:AD:A7:C0:4C:D7:5D:53:66
Certificate issuer: /CN=13440366007eb56f10e9f99e95204d330508b9b0
Certificate serial: 0185710BE56650BC861AFB60027BBC4512F6
Authority key identifier: 13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/uXDXIeH_e-qH8hCmrafATNddU2Y.roa
Signing time: Mon 02 Jan 2023 05:54:43 +0000
ROA not before: Mon 02 Jan 2023 05:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48109
IP address blocks: 89.31.192.0/24 maxlen: 24
89.31.192.0/21 maxlen: 21
89.31.196.0/24 maxlen: 24
89.31.195.0/24 maxlen: 24
89.31.194.0/24 maxlen: 24
89.31.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:e5:66:50:bc:86:1a:fb:60:02:7b:bc:45:12:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13440366007eb56f10e9f99e95204d330508b9b0
Validity
Not Before: Jan 2 05:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b970d721e1ff7bea87f210a6ada7c04cd75d5366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:19:f2:fb:b8:1e:6e:9e:7c:61:78:d9:64:
58:4e:12:8c:a4:6a:5f:31:69:07:6b:a7:f9:a1:82:
7c:0e:2d:97:05:8c:d3:5e:d8:17:53:4d:1b:fa:e7:
91:d1:cc:c8:ab:68:b2:ea:4b:ee:2c:d6:4e:d0:db:
80:b1:1d:01:03:1c:ab:bc:38:6a:3b:38:e0:f9:35:
b4:9a:ee:c1:f4:f1:65:79:23:88:ab:0e:0e:34:e3:
40:64:be:c6:b1:f0:0e:fd:cc:7f:4c:9f:68:c1:d9:
53:a2:5f:46:4b:d5:40:85:5c:0a:f3:91:d9:52:fa:
9d:ac:df:6e:42:29:48:72:7d:63:2a:8b:8c:e9:e3:
95:83:51:34:70:19:9f:11:92:9a:fc:c1:76:72:fe:
ec:94:1f:d8:92:8f:86:5b:8a:a8:c8:cd:29:ed:a8:
df:57:be:36:02:88:76:c2:8d:01:cc:4d:6c:c7:8f:
26:ad:31:8e:28:6d:42:9e:8f:19:38:ac:92:39:63:
31:c8:91:ac:ea:4c:63:32:4b:d9:7e:e0:b9:4a:0a:
ed:44:8d:b0:c2:25:37:a2:cd:31:8e:0a:b4:40:06:
9d:00:9a:5d:9b:2c:f6:9e:05:5e:80:4e:91:d1:ad:
a4:dc:05:0d:aa:f2:20:f6:76:a9:13:36:5e:e9:92:
7a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:70:D7:21:E1:FF:7B:EA:87:F2:10:A6:AD:A7:C0:4C:D7:5D:53:66
X509v3 Authority Key Identifier:
keyid:13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/uXDXIeH_e-qH8hCmrafATNddU2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.192.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:a7:44:7d:7d:64:ed:33:72:d0:f1:82:35:8d:f4:cb:0b:d0:
e7:b2:b6:f6:d8:5b:40:a7:30:44:7f:19:04:f5:3e:d7:04:0f:
96:88:18:d4:c1:1f:92:15:f9:68:1b:10:10:61:7d:85:58:17:
cf:3e:2e:9e:30:06:a6:6d:cc:53:88:94:78:a2:f7:39:b5:07:
1b:11:49:be:cc:96:9c:9f:34:53:b9:d4:1c:93:89:91:aa:0a:
2e:e8:54:0e:1a:a6:ec:fb:98:07:f4:ff:40:61:2c:74:f0:c4:
26:c3:4b:3e:7f:f0:14:a8:68:54:69:8a:ad:0f:b1:71:7c:9e:
28:c5:5e:88:ee:f4:a1:80:3f:74:e5:20:b6:09:0c:c0:76:2d:
7c:23:31:06:41:9d:63:bf:11:c9:50:7f:12:b2:b9:31:1b:c0:
5e:02:ab:82:51:b9:63:05:7f:0f:47:b9:8f:bd:01:17:92:b9:
4a:fb:26:f1:29:87:e2:a7:d2:c8:f8:22:7f:fe:04:02:67:93:
d0:51:ca:80:df:85:bd:cf:94:05:91:ba:9d:48:7a:21:b0:09:
73:da:43:de:63:50:6c:45:51:cd:12:06:06:3d:49:21:33:42:
e3:d8:0f:56:40:b8:a6:cf:86:5e:93:0d:60:61:d4:22:d9:7d:
b5:b3:65:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxC+VmULyGGvtgAnu8RRL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNDQwMzY2MDA3ZWI1NmYxMGU5Zjk5ZTk1MjA0ZDMzMDUw
OGI5YjAwHhcNMjMwMTAyMDU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTcwZDcyMWUxZmY3YmVhODdmMjEwYTZhZGE3YzA0Y2Q3NWQ1MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+oZ8vu4Hm6efGF42WRYThKMpGpf
MWkHa6f5oYJ8Di2XBYzTXtgXU00b+ueR0czIq2iy6kvuLNZO0NuAsR0BAxyrvDhq
Ozjg+TW0mu7B9PFleSOIqw4ONONAZL7GsfAO/cx/TJ9owdlTol9GS9VAhVwK85HZ
UvqdrN9uQilIcn1jKouM6eOVg1E0cBmfEZKa/MF2cv7slB/Yko+GW4qoyM0p7ajf
V742Aoh2wo0BzE1sx48mrTGOKG1Cno8ZOKySOWMxyJGs6kxjMkvZfuC5SgrtRI2w
wiU3os0xjgq0QAadAJpdmyz2ngVegE6R0a2k3AUNqvIg9napEzZe6ZJ6OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlw1yHh/3vqh/IQpq2nwEzXXVNmMB8GA1UdIwQY
MBaAFBNEA2YAfrVvEOn5npUgTTMFCLmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYt
NDRjMWE0ZWI5NjljLzEvdVhEWEllSF9lLXFIOGhDbXJhZkFUTmRkVTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYtNDRjMWE0ZWI5Njlj
LzEvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWR/AMA0G
CSqGSIb3DQEBCwUAA4IBAQAdp0R9fWTtM3LQ8YI1jfTLC9Dnsrb22FtApzBEfxkE
9T7XBA+WiBjUwR+SFfloGxAQYX2FWBfPPi6eMAambcxTiJR4ovc5tQcbEUm+zJac
nzRTudQck4mRqgou6FQOGqbs+5gH9P9AYSx08MQmw0s+f/AUqGhUaYqtD7FxfJ4o
xV6I7vShgD905SC2CQzAdi18IzEGQZ1jvxHJUH8SsrkxG8BeAquCUbljBX8PR7mP
vQEXkrlK+ybxKYfip9LI+CJ//gQCZ5PQUcqA34W9z5QFkbqdSHohsAlz2kPeY1Bs
RVHNEgYGPUkhM0Lj2A9WQLimz4Zekw1gYdQi2X21s2Ue
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:26 2024 by rpki-client on console-fra.rpki-client.org