Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/kJg_6KRVpcbEEr2IuvBGpKJ6a3k.roa
File: kJg_6KRVpcbEEr2IuvBGpKJ6a3k.roa (raw, json)
Hash identifier: Q21XavOxfDHQoA4FNa9eEW4KRmHi0Q4ZOspspEcwnJ8=
Subject key identifier: 90:98:3F:E8:A4:55:A5:C6:C4:12:BD:88:BA:F0:46:A4:A2:7A:6B:79
Certificate issuer: /CN=4a1d20be77e12232323c1422fb5198fea0086034
Certificate serial: 0186263F535F0847C80CCB0CB5DECF6BBCE6
Authority key identifier: 4A:1D:20:BE:77:E1:22:32:32:3C:14:22:FB:51:98:FE:A0:08:60:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/kJg_6KRVpcbEEr2IuvBGpKJ6a3k.roa
Signing time: Mon 06 Feb 2023 10:22:09 +0000
ROA not before: Mon 06 Feb 2023 10:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212311
IP address blocks: 89.34.170.0/24 maxlen: 24
2a0f:ecc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:3f:53:5f:08:47:c8:0c:cb:0c:b5:de:cf:6b:bc:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a1d20be77e12232323c1422fb5198fea0086034
Validity
Not Before: Feb 6 10:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90983fe8a455a5c6c412bd88baf046a4a27a6b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:46:98:c1:bb:76:18:38:e5:25:de:51:67:a5:
75:17:79:29:e6:fb:f6:58:aa:7d:8f:14:81:1d:81:
10:38:8d:5c:c4:f9:a9:41:b3:83:ad:62:2d:be:77:
c2:64:39:f7:3e:6e:b5:c5:71:d5:19:5e:d1:cc:df:
96:3e:31:ca:91:87:9a:14:e4:fc:8e:3c:30:0b:5f:
c1:a6:5b:96:45:74:07:0f:48:03:a4:bb:3d:2b:24:
53:c8:3c:9d:df:11:08:e6:ea:0d:b1:64:70:9d:93:
8a:fc:a7:9c:f1:3e:6c:0f:12:33:4c:f2:2c:7f:50:
25:e0:b9:bb:e1:17:74:a6:23:d5:fb:8b:b5:c3:ff:
7b:cd:c7:09:16:d9:58:2a:41:e8:dd:79:96:12:8e:
55:f2:05:c2:73:32:81:0c:8f:35:90:2b:8a:63:fb:
c4:59:3b:c5:ce:09:15:67:a7:37:1a:a6:d3:89:c7:
e1:f9:2c:39:9c:4b:ed:1d:eb:61:c9:fd:1c:c9:e5:
86:6f:2f:76:f0:5c:7d:67:99:89:ef:a8:68:8a:44:
a5:07:6f:4f:62:c1:59:f6:82:dc:3f:f6:8e:54:ed:
8d:82:b7:3a:b8:c8:3a:9f:4b:ba:d8:7f:c6:ab:6b:
c4:93:86:6d:f2:22:c6:de:43:1f:b8:f7:8a:6e:12:
39:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:98:3F:E8:A4:55:A5:C6:C4:12:BD:88:BA:F0:46:A4:A2:7A:6B:79
X509v3 Authority Key Identifier:
keyid:4A:1D:20:BE:77:E1:22:32:32:3C:14:22:FB:51:98:FE:A0:08:60:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/kJg_6KRVpcbEEr2IuvBGpKJ6a3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/63c9db-8ab9-4c1e-af27-ed28851ecb76/1/Sh0gvnfhIjIyPBQi-1GY_qAIYDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.170.0/24
IPv6:
2a0f:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
87:2f:4a:5b:8e:71:dd:84:6e:e8:aa:98:68:20:d4:7d:37:8f:
1e:fa:c3:5a:45:73:61:f7:50:49:50:0b:ce:74:f4:d9:7c:d1:
1d:63:35:63:fe:66:1d:5e:ea:92:07:e2:73:49:95:03:a5:aa:
00:cb:9e:ff:a2:b4:e9:98:7c:8f:52:17:1b:34:40:ca:94:00:
8a:07:04:66:fb:be:1f:d9:d0:b0:33:0a:cb:2e:25:37:69:d8:
ff:9f:3d:8a:68:4c:92:e7:f9:43:74:d8:dc:aa:93:70:ac:43:
8e:e8:84:5f:d7:7c:c1:1d:5e:44:ee:73:66:54:d5:a7:59:c3:
69:8f:83:94:59:67:fb:6b:64:5e:2f:45:46:aa:70:e5:a1:98:
38:05:d6:63:22:e0:c4:a0:ef:1b:1f:bd:64:88:41:1c:5a:e8:
61:88:4c:6e:7a:84:8c:73:f6:00:c5:c1:2f:10:a1:8f:c7:70:
8a:9c:93:b3:6e:af:be:dc:b6:69:68:0e:1e:6a:1b:22:38:3f:
b3:a5:a8:cc:85:e8:f5:95:ca:16:f9:14:87:11:1d:59:ff:f0:
02:24:e4:02:07:d7:49:46:d4:57:e4:6f:f5:4a:12:24:b6:56:
2e:c9:e1:56:c2:67:4e:da:0b:9c:4d:b5:d4:0f:dd:d5:51:2c:
75:16:b1:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYmP1NfCEfIDMsMtd7Pa7zmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMWQyMGJlNzdlMTIyMzIzMjNjMTQyMmZiNTE5OGZlYTAw
ODYwMzQwHhcNMjMwMjA2MTAyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDk4M2ZlOGE0NTVhNWM2YzQxMmJkODhiYWYwNDZhNGEyN2E2Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUaYwbt2GDjlJd5RZ6V1F3kp5vv2
WKp9jxSBHYEQOI1cxPmpQbODrWItvnfCZDn3Pm61xXHVGV7RzN+WPjHKkYeaFOT8
jjwwC1/BpluWRXQHD0gDpLs9KyRTyDyd3xEI5uoNsWRwnZOK/Kec8T5sDxIzTPIs
f1Al4Lm74Rd0piPV+4u1w/97zccJFtlYKkHo3XmWEo5V8gXCczKBDI81kCuKY/vE
WTvFzgkVZ6c3GqbTicfh+Sw5nEvtHethyf0cyeWGby928Fx9Z5mJ76hoikSlB29P
YsFZ9oLcP/aOVO2Ngrc6uMg6n0u62H/Gq2vEk4Zt8iLG3kMfuPeKbhI5/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJCYP+ikVaXGxBK9iLrwRqSiemt5MB8GA1UdIwQY
MBaAFEodIL534SIyMjwUIvtRmP6gCGA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2gwZ3ZuZmhJakl5UEJRaS0xR1lfcUFJWURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82M2M5ZGItOGFiOS00YzFlLWFmMjct
ZWQyODg1MWVjYjc2LzEva0pnXzZLUlZwY2JFRXIySXV2QkdwS0o2YTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82M2M5ZGItOGFiOS00YzFlLWFmMjctZWQyODg1MWVjYjc2
LzEvU2gwZ3ZuZmhJakl5UEJRaS0xR1lfcUFJWURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWSKqMA0E
AgACMAcDBQMqD+zAMA0GCSqGSIb3DQEBCwUAA4IBAQCHL0pbjnHdhG7oqphoINR9
N48e+sNaRXNh91BJUAvOdPTZfNEdYzVj/mYdXuqSB+JzSZUDpaoAy57/orTpmHyP
UhcbNEDKlACKBwRm+74f2dCwMwrLLiU3adj/nz2KaEyS5/lDdNjcqpNwrEOO6IRf
13zBHV5E7nNmVNWnWcNpj4OUWWf7a2ReL0VGqnDloZg4BdZjIuDEoO8bH71kiEEc
WuhhiExueoSMc/YAxcEvEKGPx3CKnJOzbq++3LZpaA4eahsiOD+zpajMhej1lcoW
+RSHER1Z//ACJOQCB9dJRtRX5G/1ShIktlYuyeFWwmdO2gucTbXUD93VUSx1FrHU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:36 2024 by rpki-client on console-fra.rpki-client.org