Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/G3u5xzlbbq-1u_bNMDSaLBYEuFk.roa
File: G3u5xzlbbq-1u_bNMDSaLBYEuFk.roa (raw, json)
Hash identifier: fbWLfYaUbPLxpQ10ni6ZojM2kscZlHK9nmrJ42h5CuQ=
Subject key identifier: 1B:7B:B9:C7:39:5B:6E:AF:B5:BB:F6:CD:30:34:9A:2C:16:04:B8:59
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 01856BEEC202D527D38A1627D9618E8093FA
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/G3u5xzlbbq-1u_bNMDSaLBYEuFk.roa
Signing time: Sun 01 Jan 2023 06:04:47 +0000
ROA not before: Sun 01 Jan 2023 06:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208325
IP address blocks: 89.223.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:c2:02:d5:27:d3:8a:16:27:d9:61:8e:80:93:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 06:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b7bb9c7395b6eafb5bbf6cd30349a2c1604b859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ee:1d:d0:51:be:c7:ec:b9:c0:c9:22:b4:e7:
dc:3b:3c:f3:38:88:cd:57:c6:51:e4:d5:43:4d:fd:
ec:3d:61:64:ba:3f:48:bb:53:ec:c9:2d:b1:cc:05:
25:d3:3b:23:ae:36:ff:fb:ad:08:97:73:b9:aa:4d:
4b:21:82:a8:cb:61:1a:59:92:34:97:2e:1d:1c:0d:
c1:0e:4d:a5:eb:d2:7c:45:7b:f9:16:53:59:f9:14:
6f:fa:f0:6f:59:16:50:64:66:21:59:23:ea:42:14:
1a:20:2f:e2:84:55:33:84:8b:32:86:a6:c4:6c:dc:
47:ce:94:9e:5e:5d:02:e3:3b:2c:19:2d:74:be:4c:
cc:83:0e:ed:8f:44:15:b0:e6:d4:c8:5a:08:c0:78:
6c:4c:79:34:91:09:3d:b6:a3:87:bb:45:2a:5f:c2:
4d:0d:6c:f3:4d:fd:ec:a8:6f:48:01:fe:15:b8:31:
68:ab:68:14:dc:ed:ac:8a:f4:9c:28:db:d8:16:88:
37:81:3a:6f:8e:d3:45:e9:ef:18:dd:13:76:66:69:
68:24:59:a5:91:db:ad:c1:30:5d:2c:c8:a1:b2:c4:
22:b3:53:ef:64:17:59:d4:bc:58:75:79:8b:a3:d6:
01:2f:c8:d3:04:d2:65:e0:af:c1:cf:60:67:51:9a:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7B:B9:C7:39:5B:6E:AF:B5:BB:F6:CD:30:34:9A:2C:16:04:B8:59
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/G3u5xzlbbq-1u_bNMDSaLBYEuFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.99.0/24
Signature Algorithm: sha256WithRSAEncryption
75:70:28:d8:16:7e:a9:3a:7d:38:7f:ac:1a:0a:34:19:4a:d2:
a7:4f:e3:9b:54:d2:f6:fa:58:e8:5f:38:ff:d5:b9:f6:00:bf:
78:21:bd:66:d0:5c:fb:38:0a:d5:7e:57:a4:2d:14:e2:09:0c:
91:23:47:3e:03:02:3d:2f:45:9d:b6:98:13:78:76:d8:aa:b4:
74:3e:22:8e:0d:85:f8:d7:e9:85:06:a4:4c:1d:90:9c:7c:c0:
80:07:7d:91:c1:7b:ca:18:e2:52:43:f2:48:47:fe:a5:67:5e:
a9:0b:c4:9e:78:ac:e6:bb:41:1a:11:a4:65:69:55:6d:51:aa:
f8:6a:f7:0d:5b:8b:78:83:4f:e9:3a:8b:09:33:d1:03:e2:96:
16:d8:c4:d8:b8:07:08:74:6d:96:bd:87:7a:c1:7a:74:4b:c6:
b1:c8:a9:d7:83:13:ca:a3:99:aa:64:0e:7f:33:4a:e5:d6:af:
0d:20:8d:de:e6:92:c8:67:f8:1d:22:b4:a2:da:91:38:5b:52:
8c:6c:68:31:c9:4f:6c:a1:51:47:5e:02:be:39:e4:ec:70:bc:
60:04:06:73:0f:1c:94:21:34:cb:c0:a9:25:9d:57:5f:91:e5:
26:45:d0:78:47:b3:db:47:91:5c:66:0f:a0:e4:aa:f6:35:92:
82:8b:5d:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sIC1SfTihYn2WGOgJP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdiYjljNzM5NWI2ZWFmYjViYmY2Y2QzMDM0OWEyYzE2MDRiODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+4d0FG+x+y5wMkitOfcOzzzOIjN
V8ZR5NVDTf3sPWFkuj9Iu1PsyS2xzAUl0zsjrjb/+60Il3O5qk1LIYKoy2EaWZI0
ly4dHA3BDk2l69J8RXv5FlNZ+RRv+vBvWRZQZGYhWSPqQhQaIC/ihFUzhIsyhqbE
bNxHzpSeXl0C4zssGS10vkzMgw7tj0QVsObUyFoIwHhsTHk0kQk9tqOHu0UqX8JN
DWzzTf3sqG9IAf4VuDFoq2gU3O2sivScKNvYFog3gTpvjtNF6e8Y3RN2ZmloJFml
kdutwTBdLMihssQis1PvZBdZ1LxYdXmLo9YBL8jTBNJl4K/Bz2BnUZr2jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBt7ucc5W26vtbv2zTA0miwWBLhZMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvRzN1NXh6bGJicS0xdV9iTk1EU2FMQllFdUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWd9jMA0G
CSqGSIb3DQEBCwUAA4IBAQB1cCjYFn6pOn04f6waCjQZStKnT+ObVNL2+ljoXzj/
1bn2AL94Ib1m0Fz7OArVflekLRTiCQyRI0c+AwI9L0WdtpgTeHbYqrR0PiKODYX4
1+mFBqRMHZCcfMCAB32RwXvKGOJSQ/JIR/6lZ16pC8SeeKzmu0EaEaRlaVVtUar4
avcNW4t4g0/pOosJM9ED4pYW2MTYuAcIdG2WvYd6wXp0S8axyKnXgxPKo5mqZA5/
M0rl1q8NII3e5pLIZ/gdIrSi2pE4W1KMbGgxyU9soVFHXgK+OeTscLxgBAZzDxyU
ITTLwKklnVdfkeUmRdB4R7PbR5FcZg+g5Kr2NZKCi12M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:33 2024 by rpki-client on console-ams.rpki-client.org