Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/dZT_YDMLyXVsTWRZbuK_mU_fd0c.roa
File: dZT_YDMLyXVsTWRZbuK_mU_fd0c.roa (raw, json)
Hash identifier: 6JXRGqrBx0zwIuCIf4yKbgM8Gcbda94S0NWWgsNNVgM=
Subject key identifier: 75:94:FF:60:33:0B:C9:75:6C:4D:64:59:6E:E2:BF:99:4F:DF:77:47
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018570C2D62F17B481EDDE8AF7A09798D9F1
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/dZT_YDMLyXVsTWRZbuK_mU_fd0c.roa
Signing time: Mon 02 Jan 2023 04:34:55 +0000
ROA not before: Mon 02 Jan 2023 04:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8551
IP address blocks: 89.38.28.0/23 maxlen: 23
89.38.28.0/22 maxlen: 22
89.38.30.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:d6:2f:17:b4:81:ed:de:8a:f7:a0:97:98:d9:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 2 04:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7594ff60330bc9756c4d64596ee2bf994fdf7747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d4:94:e0:b9:33:44:b1:d4:f4:e1:5c:81:95:
76:66:b8:c9:0e:fa:50:52:76:8d:51:33:51:46:54:
13:db:bd:83:8a:1f:a7:66:5c:ec:c9:1a:39:11:69:
8d:d9:ae:48:2b:ca:77:51:1c:71:fa:9b:25:32:45:
49:90:3c:d5:83:87:83:8c:fc:d8:28:de:5f:d0:2d:
d4:b8:7f:a1:6c:28:83:ef:ed:60:de:53:31:fd:fc:
8c:20:a8:4b:3b:47:90:57:b2:8c:c6:94:c5:a3:84:
28:6e:ac:24:a0:50:97:25:5b:c6:f9:4f:1a:41:fb:
7d:29:d6:dd:ce:cb:b6:d4:06:03:66:9b:fe:74:ec:
58:c6:e0:97:8b:33:f7:00:07:3d:74:86:3f:f3:09:
ef:d2:2c:9d:88:58:09:74:4b:a4:ad:f7:75:15:bd:
6e:81:2a:cc:8d:5b:e1:5c:ef:b8:14:25:e5:ca:52:
bb:18:76:d2:45:86:f9:d7:12:c9:97:f6:d3:18:4d:
82:e9:26:9e:e8:da:3f:de:78:87:f7:90:7b:bb:ca:
92:f6:2b:db:ce:42:20:69:f4:7a:0d:fd:9e:14:5d:
b9:ce:96:6c:80:e5:31:1a:25:bd:74:44:4f:01:91:
c2:63:c0:3a:69:3c:7f:f8:17:c7:eb:f4:f6:f2:14:
0d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:94:FF:60:33:0B:C9:75:6C:4D:64:59:6E:E2:BF:99:4F:DF:77:47
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/dZT_YDMLyXVsTWRZbuK_mU_fd0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.28.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:37:ae:a1:0e:50:1f:61:fb:1b:e4:50:3a:59:3f:ef:ab:c7:
8d:01:ea:8c:28:1a:cb:c9:c1:20:41:69:19:f0:8b:80:11:e7:
61:cc:ba:e6:54:fc:f3:8d:ee:6b:e7:dd:e6:5d:14:82:cb:be:
42:3d:1e:d8:79:f7:6a:89:34:19:24:7d:f1:a2:f3:0a:a8:27:
da:cc:4c:04:9e:5f:d7:af:dd:11:d0:74:c8:ee:3a:03:58:ff:
f3:e6:09:dc:dc:47:76:e4:f6:09:38:8a:28:f1:1f:b8:71:3f:
0d:e0:96:5a:64:ec:11:16:e0:31:cf:ba:88:ab:ae:d6:fb:23:
41:33:f0:cf:32:df:ac:73:07:b9:22:af:7f:59:48:4d:26:fd:
8c:c8:dc:10:2d:aa:4b:71:36:70:9d:e2:22:26:75:1d:50:9a:
35:f2:5d:85:71:20:eb:24:80:77:09:fa:40:5f:d5:e9:e6:10:
b9:8d:ef:69:d1:e0:b9:70:ec:7f:e4:56:e0:39:8d:0f:03:82:
97:8d:57:99:e0:32:a5:a3:63:2f:e9:5d:72:a7:17:56:ad:ff:
bc:8f:c8:ad:e4:36:cd:51:3d:1e:2a:db:3c:00:29:e4:d7:25:
44:51:61:3e:ba:78:5f:d2:c2:0f:c2:c1:dd:7c:3b:7d:b4:15:
f4:3f:11:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwtYvF7SB7d6K96CXmNnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjMwMTAyMDQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTk0ZmY2MDMzMGJjOTc1NmM0ZDY0NTk2ZWUyYmY5OTRmZGY3NzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktSU4LkzRLHU9OFcgZV2ZrjJDvpQ
UnaNUTNRRlQT272Dih+nZlzsyRo5EWmN2a5IK8p3URxx+pslMkVJkDzVg4eDjPzY
KN5f0C3UuH+hbCiD7+1g3lMx/fyMIKhLO0eQV7KMxpTFo4QobqwkoFCXJVvG+U8a
Qft9Kdbdzsu21AYDZpv+dOxYxuCXizP3AAc9dIY/8wnv0iydiFgJdEukrfd1Fb1u
gSrMjVvhXO+4FCXlylK7GHbSRYb51xLJl/bTGE2C6Sae6No/3niH95B7u8qS9ivb
zkIgafR6Df2eFF25zpZsgOUxGiW9dERPAZHCY8A6aTx/+BfH6/T28hQNowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWU/2AzC8l1bE1kWW7iv5lP33dHMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvZFpUX1lETUx5WFZzVFdSWmJ1S19tVV9mZDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSYcMA0G
CSqGSIb3DQEBCwUAA4IBAQBuN66hDlAfYfsb5FA6WT/vq8eNAeqMKBrLycEgQWkZ
8IuAEedhzLrmVPzzje5r593mXRSCy75CPR7YefdqiTQZJH3xovMKqCfazEwEnl/X
r90R0HTI7joDWP/z5gnc3Ed25PYJOIoo8R+4cT8N4JZaZOwRFuAxz7qIq67W+yNB
M/DPMt+scwe5Iq9/WUhNJv2MyNwQLapLcTZwneIiJnUdUJo18l2FcSDrJIB3CfpA
X9Xp5hC5je9p0eC5cOx/5FbgOY0PA4KXjVeZ4DKlo2Mv6V1ypxdWrf+8j8it5DbN
UT0eKts8ACnk1yVEUWE+unhf0sIPwsHdfDt9tBX0PxGF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:55 2024 by rpki-client on console-fra.rpki-client.org