Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/p_ATNxMafvpzP4hI2G0P8Z1kwos.roa
File: p_ATNxMafvpzP4hI2G0P8Z1kwos.roa (raw, json)
Hash identifier: K+Sn6gvw3OtsVd3pK1jb/DxuNMVBgemLnff4V9fkKvM=
Subject key identifier: A7:F0:13:37:13:1A:7E:FA:73:3F:88:48:D8:6D:0F:F1:9D:64:C2:8B
Certificate issuer: /CN=0c1037c17bc15a7c9d8569887f5b05835ce32d27
Certificate serial: 0185BA43C49C458124B7F85434F7F5DD6B88
Authority key identifier: 0C:10:37:C1:7B:C1:5A:7C:9D:85:69:88:7F:5B:05:83:5C:E3:2D:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBA3wXvBWnydhWmIf1sFg1zjLSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/p_ATNxMafvpzP4hI2G0P8Z1kwos.roa
Signing time: Mon 16 Jan 2023 11:08:01 +0000
ROA not before: Mon 16 Jan 2023 11:08:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41557
IP address blocks: 89.205.0.0/17 maxlen: 17
89.205.0.0/21 maxlen: 21
89.205.8.0/21 maxlen: 21
89.205.16.0/21 maxlen: 21
89.205.24.0/21 maxlen: 21
185.47.56.0/22 maxlen: 22
89.205.32.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:43:c4:9c:45:81:24:b7:f8:54:34:f7:f5:dd:6b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c1037c17bc15a7c9d8569887f5b05835ce32d27
Validity
Not Before: Jan 16 11:08:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7f01337131a7efa733f8848d86d0ff19d64c28b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:72:d1:42:9c:72:07:0f:97:d3:ed:8b:68:2f:
cb:ce:1c:cf:ee:11:81:f9:d4:a8:98:bf:02:ec:f3:
dd:29:22:cb:62:52:c1:2b:af:b7:58:cc:c5:e9:c4:
19:58:9e:1e:18:db:97:e4:aa:d7:c0:79:55:a9:4d:
8b:a4:a8:7e:16:b5:00:a3:e4:98:f8:d4:15:89:b4:
89:20:54:4c:3a:fa:f7:0f:8e:63:a8:14:ea:00:79:
32:ef:17:f2:36:c0:cc:b8:6d:dd:0f:a8:ed:e1:d4:
42:b0:34:2e:85:30:fe:a9:c6:30:ae:65:a4:be:aa:
2a:76:5b:e7:5c:34:36:91:07:92:0e:7d:2d:6c:0f:
fc:50:6b:5d:ed:ef:f9:07:a0:ac:cc:e9:91:ab:cc:
49:cc:98:d0:ca:25:99:5e:c6:b5:9b:3e:cf:ee:99:
bf:78:a0:72:b9:3a:4d:30:23:a6:02:5f:b1:b7:00:
a7:96:c0:ac:54:cb:88:5c:2e:1b:69:92:a4:9e:20:
5c:c9:26:75:ea:82:8f:3c:44:ee:33:c6:f1:13:3b:
24:61:44:3c:ec:b2:d0:be:02:54:29:de:97:b3:11:
fd:4a:db:08:90:b4:5c:9b:13:b1:ce:9f:1f:3b:7e:
fe:78:b7:76:e8:13:ee:ce:f3:0d:c0:55:65:b3:4d:
6b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F0:13:37:13:1A:7E:FA:73:3F:88:48:D8:6D:0F:F1:9D:64:C2:8B
X509v3 Authority Key Identifier:
keyid:0C:10:37:C1:7B:C1:5A:7C:9D:85:69:88:7F:5B:05:83:5C:E3:2D:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBA3wXvBWnydhWmIf1sFg1zjLSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/p_ATNxMafvpzP4hI2G0P8Z1kwos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/DBA3wXvBWnydhWmIf1sFg1zjLSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.205.0.0/17
185.47.56.0/22
Signature Algorithm: sha256WithRSAEncryption
83:86:86:b6:ab:52:f5:15:44:20:e2:98:ae:e1:f1:23:7f:49:
21:3c:1f:79:ab:31:bf:f0:56:96:db:4a:b7:24:ad:ab:22:0e:
35:02:86:ec:13:a7:d9:d9:1d:3f:aa:97:1b:8f:21:c0:a1:86:
a2:47:d8:8d:8c:a4:70:22:1f:dc:85:3d:94:c4:32:79:91:8c:
58:9f:9a:f1:40:5a:9e:94:bf:f0:4c:45:22:6a:2c:e7:5f:4b:
f0:b9:2f:37:2a:72:07:7f:82:97:e0:fb:e4:40:c9:34:f2:dd:
c8:ea:32:12:25:45:1f:e6:9e:4e:4a:a6:3a:73:06:46:b1:22:
39:95:7e:fd:75:f7:fb:8a:5f:6c:e3:e6:01:f1:cf:4f:6f:9f:
bd:04:51:2e:76:9f:85:ed:36:ac:cc:bc:d4:26:79:81:29:a6:
c8:93:93:e8:a0:87:b4:63:72:94:65:53:7a:90:3b:3d:82:c6:
bc:f6:ac:4a:0f:e8:78:57:24:3e:f3:09:41:a1:2d:e8:9d:f2:
a4:5e:01:09:a0:c0:93:67:57:6b:dd:9b:2c:9b:f1:f8:f1:a5:
5d:37:6e:e1:28:15:6e:39:8e:b5:5b:90:bd:ac:5e:12:92:e5:
2b:b5:5b:84:1e:00:5c:15:45:51:31:2c:0b:69:99:64:b3:83:
3b:31:d6:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYW6Q8ScRYEkt/hUNPf13WuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMTAzN2MxN2JjMTVhN2M5ZDg1Njk4ODdmNWIwNTgzNWNl
MzJkMjcwHhcNMjMwMTE2MTEwODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2YwMTMzNzEzMWE3ZWZhNzMzZjg4NDhkODZkMGZmMTlkNjRjMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HLRQpxyBw+X0+2LaC/LzhzP7hGB
+dSomL8C7PPdKSLLYlLBK6+3WMzF6cQZWJ4eGNuX5KrXwHlVqU2LpKh+FrUAo+SY
+NQVibSJIFRMOvr3D45jqBTqAHky7xfyNsDMuG3dD6jt4dRCsDQuhTD+qcYwrmWk
vqoqdlvnXDQ2kQeSDn0tbA/8UGtd7e/5B6CszOmRq8xJzJjQyiWZXsa1mz7P7pm/
eKByuTpNMCOmAl+xtwCnlsCsVMuIXC4baZKkniBcySZ16oKPPETuM8bxEzskYUQ8
7LLQvgJUKd6XsxH9StsIkLRcmxOxzp8fO37+eLd26BPuzvMNwFVls01rRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKfwEzcTGn76cz+ISNhtD/GdZMKLMB8GA1UdIwQY
MBaAFAwQN8F7wVp8nYVpiH9bBYNc4y0nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREJBM3dYdkJXbnlkaFdtSWYxc0ZnMXpqTFNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hNjJhN2ItOGY3Ni00ODk5LWExNTMt
OGM1MDAyOTVjYjk2LzEvcF9BVE54TWFmdnB6UDRoSTJHMFA4WjFrd29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hNjJhN2ItOGY3Ni00ODk5LWExNTMtOGM1MDAyOTVjYjk2
LzEvREJBM3dYdkJXbnlkaFdtSWYxc0ZnMXpqTFNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHWc0AAwQC
uS84MA0GCSqGSIb3DQEBCwUAA4IBAQCDhoa2q1L1FUQg4piu4fEjf0khPB95qzG/
8FaW20q3JK2rIg41AobsE6fZ2R0/qpcbjyHAoYaiR9iNjKRwIh/chT2UxDJ5kYxY
n5rxQFqelL/wTEUiaiznX0vwuS83KnIHf4KX4PvkQMk08t3I6jISJUUf5p5OSqY6
cwZGsSI5lX79dff7il9s4+YB8c9Pb5+9BFEudp+F7TaszLzUJnmBKabIk5PooIe0
Y3KUZVN6kDs9gsa89qxKD+h4VyQ+8wlBoS3onfKkXgEJoMCTZ1dr3Zssm/H48aVd
N27hKBVuOY61W5C9rF4SkuUrtVuEHgBcFUVRMSwLaZlks4M7MdY1
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:47 2024 by rpki-client on console-ams.rpki-client.org