Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xmIEwjTMmsEPGJCsjRu0AFxMHS4.roa
File: xmIEwjTMmsEPGJCsjRu0AFxMHS4.roa (raw, json)
Hash identifier: FOiKOZb/8O9ijvAf0MQCgKEbhAsS/Y70je+g8jDyy2I=
Subject key identifier: C6:62:04:C2:34:CC:9A:C1:0F:18:90:AC:8D:1B:B4:00:5C:4C:1D:2E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189829BCE683D14C858E1BEC9D5EDA6931D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xmIEwjTMmsEPGJCsjRu0AFxMHS4.roa
Signing time: Sun 23 Jul 2023 11:56:36 +0000
ROA not before: Sun 23 Jul 2023 11:56:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209043
IP address blocks: 89.44.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:82:9b:ce:68:3d:14:c8:58:e1:be:c9:d5:ed:a6:93:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 23 11:56:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c66204c234cc9ac10f1890ac8d1bb4005c4c1d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e9:83:52:00:d8:10:a4:de:85:d6:ce:b7:e2:
f4:8d:ed:eb:dc:e2:5d:b8:8f:f9:e1:e2:78:c9:3a:
96:8b:21:50:4d:a5:c0:e7:17:9c:d7:e8:ad:75:c5:
7c:73:d2:dc:bf:f3:bb:25:71:ec:ca:8e:c8:8a:5e:
f3:a2:8a:de:1b:ed:20:6d:09:2b:2c:85:4f:ce:0c:
fe:d9:fb:72:82:24:ab:2c:ce:53:37:93:a0:65:ea:
68:d0:64:4e:4a:d7:75:1f:d8:9c:94:f3:35:3f:de:
c4:ee:33:dc:f9:ec:d7:16:3b:6d:91:41:81:fe:57:
9b:0e:ab:e6:90:eb:e7:05:85:e4:e7:ea:a4:8e:f4:
f4:c7:19:52:78:1a:69:6f:53:36:f7:32:02:08:0a:
43:bb:02:66:93:12:59:8d:e2:a9:96:6b:1f:b1:39:
74:df:0e:3f:ca:a4:d1:b5:23:77:7c:f3:4e:d2:b1:
fd:7d:10:02:00:da:3f:b5:b1:3a:bc:a4:68:10:e1:
39:b0:99:a8:f5:97:8f:2f:32:12:5f:83:9e:f6:bf:
b8:4c:4a:a6:81:19:2e:80:12:1e:41:ee:45:6f:d1:
a0:fb:bd:86:f0:94:b5:46:b2:bd:c7:c9:52:66:c6:
29:fe:3e:0d:89:60:fe:aa:29:7f:2e:93:6c:6d:30:
e1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:62:04:C2:34:CC:9A:C1:0F:18:90:AC:8D:1B:B4:00:5C:4C:1D:2E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xmIEwjTMmsEPGJCsjRu0AFxMHS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.207.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:2a:8f:84:2c:90:b9:b5:28:88:c9:26:53:97:81:c3:51:c7:
2a:a1:92:ce:8d:35:8f:06:1f:18:26:33:f5:af:67:54:ad:58:
39:1f:f9:e4:21:ad:5b:b7:9a:17:59:01:0c:80:97:14:75:32:
33:17:45:64:b9:d2:3a:45:02:60:66:32:51:de:fd:81:dc:34:
69:52:47:81:dd:cf:9a:48:75:0b:b7:17:c0:78:3a:22:84:85:
9e:f5:c7:cf:d0:6a:0a:31:04:de:a7:7d:f1:21:75:3f:c9:1e:
23:81:bd:5c:5d:ab:6c:7c:75:6a:88:98:eb:65:97:4e:20:f0:
e6:0c:a7:df:c1:0e:a1:89:a7:1c:81:22:8b:38:63:8f:ba:4f:
19:3e:2e:e3:0b:53:a1:f8:42:28:7f:21:04:cb:b2:18:56:e8:
74:d0:b2:ed:58:07:b4:61:56:a7:73:74:92:52:bd:ed:6b:f9:
1d:44:59:a7:40:80:52:99:ff:5d:de:e7:40:a7:b1:a6:43:b2:
15:f0:f2:83:03:c7:f7:3a:cc:42:07:f1:f9:17:f9:25:30:28:
79:4c:c5:f5:67:e5:3d:b4:34:9d:c3:e0:94:9a:b0:6b:b7:4b:
32:c9:a3:3d:7f:ba:ab:06:85:61:ee:24:45:ac:e9:e1:8f:47:
c5:19:1f:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmCm85oPRTIWOG+ydXtppMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzIzMTE1NjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYyMDRjMjM0Y2M5YWMxMGYxODkwYWM4ZDFiYjQwMDVjNGMxZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+mDUgDYEKTehdbOt+L0je3r3OJd
uI/54eJ4yTqWiyFQTaXA5xec1+itdcV8c9Lcv/O7JXHsyo7Iil7zooreG+0gbQkr
LIVPzgz+2ftygiSrLM5TN5OgZepo0GROStd1H9iclPM1P97E7jPc+ezXFjttkUGB
/lebDqvmkOvnBYXk5+qkjvT0xxlSeBppb1M29zICCApDuwJmkxJZjeKplmsfsTl0
3w4/yqTRtSN3fPNO0rH9fRACANo/tbE6vKRoEOE5sJmo9ZePLzISX4Oe9r+4TEqm
gRkugBIeQe5Fb9Gg+72G8JS1RrK9x8lSZsYp/j4NiWD+qil/LpNsbTDhGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZiBMI0zJrBDxiQrI0btABcTB0uMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveG1JRXdqVE1tc0VQR0pDc2pSdTBBRnhNSFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSzPMA0G
CSqGSIb3DQEBCwUAA4IBAQA8Ko+ELJC5tSiIySZTl4HDUccqoZLOjTWPBh8YJjP1
r2dUrVg5H/nkIa1bt5oXWQEMgJcUdTIzF0VkudI6RQJgZjJR3v2B3DRpUkeB3c+a
SHULtxfAeDoihIWe9cfP0GoKMQTep33xIXU/yR4jgb1cXatsfHVqiJjrZZdOIPDm
DKffwQ6hiaccgSKLOGOPuk8ZPi7jC1Oh+EIofyEEy7IYVuh00LLtWAe0YVanc3SS
Ur3ta/kdRFmnQIBSmf9d3udAp7GmQ7IV8PKDA8f3OsxCB/H5F/klMCh5TMX1Z+U9
tDSdw+CUmrBrt0syyaM9f7qrBoVh7iRFrOnhj0fFGR9s
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org