Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/dmWfl5Cn99irbYlra-Ej1QNMRG8.roa
File: dmWfl5Cn99irbYlra-Ej1QNMRG8.roa (raw, json)
Hash identifier: IwGJ940VwjcJPBvFxqO1xpzQpUzPoWA7uvddqbn7zNs=
Subject key identifier: 76:65:9F:97:90:A7:F7:D8:AB:6D:89:6B:6B:E1:23:D5:03:4C:44:6F
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 01857115538097F6C5EB735CDC03F176A3F9
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/dmWfl5Cn99irbYlra-Ej1QNMRG8.roa
Signing time: Mon 02 Jan 2023 06:05:00 +0000
ROA not before: Mon 02 Jan 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62308
IP address blocks: 89.174.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:53:80:97:f6:c5:eb:73:5c:dc:03:f1:76:a3:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76659f9790a7f7d8ab6d896b6be123d5034c446f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1d:a0:22:97:5b:20:3b:6e:05:0c:9e:e8:93:
68:00:31:96:1e:d4:8a:6a:df:bc:7a:63:99:86:34:
43:ac:51:78:76:a7:e7:8b:fe:0a:58:c9:b4:3f:f0:
41:58:e9:b2:77:32:53:7e:4b:88:a7:15:07:5e:c5:
72:9b:c0:c2:34:93:60:1a:10:34:6f:4b:4f:77:a3:
2c:82:17:da:b3:3a:0d:33:4c:67:28:f3:d4:b7:05:
e3:60:17:4e:58:4d:2e:cb:c3:4d:0a:b2:8b:97:12:
3f:63:4e:30:46:f5:fd:f5:29:8a:00:62:70:1a:1c:
7f:59:4b:25:a5:97:ba:d2:fa:3f:31:f4:29:9a:c1:
2e:c2:41:75:1e:0d:4d:bf:95:22:7b:b0:2d:d3:61:
3e:b0:a7:75:03:79:36:7f:4f:a7:96:96:07:53:41:
25:dd:a5:bc:76:3a:d1:9f:a2:77:ea:59:13:cf:b9:
55:31:60:bf:36:49:ff:f9:c3:6e:43:92:40:7a:c5:
9f:cf:c9:30:5d:98:fe:da:8d:61:43:7f:34:8c:b2:
52:e6:f2:64:e9:97:dd:0d:a3:bf:fd:a6:86:fa:b8:
14:dc:bc:fd:10:29:a9:91:50:74:ba:bb:d3:b1:69:
b5:0b:d8:9c:b7:9f:58:66:41:d7:ac:d9:2b:1f:3f:
90:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:65:9F:97:90:A7:F7:D8:AB:6D:89:6B:6B:E1:23:D5:03:4C:44:6F
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/dmWfl5Cn99irbYlra-Ej1QNMRG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:bc:74:71:01:cd:91:d5:bf:e9:55:67:f2:60:91:25:5c:23:
f1:da:3b:c4:e8:6e:70:1d:1d:a7:71:55:18:4d:29:9f:64:86:
a6:2d:92:7d:c3:b4:bf:96:83:29:19:cd:07:cc:aa:36:ec:eb:
e0:29:6b:bf:d8:20:a6:81:82:59:43:5f:a5:ea:57:5c:99:0e:
57:93:63:6a:89:db:c4:f9:f8:ec:29:45:3d:54:44:bd:28:12:
f5:3f:a7:79:61:b3:aa:e6:01:aa:01:5d:b9:a6:c6:09:3a:72:
55:6c:33:3b:00:c3:25:70:e0:dc:ba:bf:db:16:16:68:77:5f:
f0:5c:65:97:c6:88:be:ec:98:a6:6f:65:52:dc:52:57:f8:a6:
d8:d9:7a:70:a0:be:d6:1d:28:6e:e3:ce:b4:20:ac:e2:c6:ee:
0c:2e:e5:9e:15:40:b9:b9:ca:c5:37:c9:f4:32:a1:2e:50:00:
09:48:53:65:1d:c1:2e:24:47:5b:c2:5e:5d:d8:66:9d:44:ca:
aa:54:cb:b4:13:ac:0e:de:6e:70:79:3e:e6:cf:26:9b:04:79:
d6:45:57:cf:09:a3:6e:64:da:68:73:d1:2f:96:f1:d5:fb:3c:
cd:22:2e:6d:e5:17:47:6a:38:c8:53:76:dd:eb:e1:47:79:fa:
fb:69:d7:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVOAl/bF63Nc3APxdqP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjY1OWY5NzkwYTdmN2Q4YWI2ZDg5NmI2YmUxMjNkNTAzNGM0NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB2gIpdbIDtuBQye6JNoADGWHtSK
at+8emOZhjRDrFF4dqfni/4KWMm0P/BBWOmydzJTfkuIpxUHXsVym8DCNJNgGhA0
b0tPd6MsghfaszoNM0xnKPPUtwXjYBdOWE0uy8NNCrKLlxI/Y04wRvX99SmKAGJw
Ghx/WUslpZe60vo/MfQpmsEuwkF1Hg1Nv5Uie7At02E+sKd1A3k2f0+nlpYHU0El
3aW8djrRn6J36lkTz7lVMWC/Nkn/+cNuQ5JAesWfz8kwXZj+2o1hQ380jLJS5vJk
6ZfdDaO//aaG+rgU3Lz9ECmpkVB0urvTsWm1C9ict59YZkHXrNkrHz+QcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZln5eQp/fYq22Ja2vhI9UDTERvMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvZG1XZmw1Q245OWlyYllscmEtRWoxUU5NUkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWa4UMA0G
CSqGSIb3DQEBCwUAA4IBAQAsvHRxAc2R1b/pVWfyYJElXCPx2jvE6G5wHR2ncVUY
TSmfZIamLZJ9w7S/loMpGc0HzKo27OvgKWu/2CCmgYJZQ1+l6ldcmQ5Xk2NqidvE
+fjsKUU9VES9KBL1P6d5YbOq5gGqAV25psYJOnJVbDM7AMMlcODcur/bFhZod1/w
XGWXxoi+7Jimb2VS3FJX+KbY2XpwoL7WHShu4860IKzixu4MLuWeFUC5ucrFN8n0
MqEuUAAJSFNlHcEuJEdbwl5d2GadRMqqVMu0E6wO3m5weT7mzyabBHnWRVfPCaNu
ZNpoc9EvlvHV+zzNIi5t5RdHajjIU3bd6+FHefr7adeq
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:29 2024 by rpki-client on console-fra.rpki-client.org