Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/nbHX9MAAc-nt0In836Py0pWilgg.roa
File: nbHX9MAAc-nt0In836Py0pWilgg.roa (raw, json)
Hash identifier: 2Ynja79uLY/+WJkWhV/5RLA1KozE+sEsxNjWxzkbRV8=
Subject key identifier: 9D:B1:D7:F4:C0:00:73:E9:ED:D0:89:FC:DF:A3:F2:D2:95:A2:96:08
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 01856BEEC29599698AF7D4A3C173366C88ED
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/nbHX9MAAc-nt0In836Py0pWilgg.roa
Signing time: Sun 01 Jan 2023 06:04:47 +0000
ROA not before: Sun 01 Jan 2023 06:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208371
IP address blocks: 89.223.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:c2:95:99:69:8a:f7:d4:a3:c1:73:36:6c:88:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 06:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9db1d7f4c00073e9edd089fcdfa3f2d295a29608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:78:34:a6:8d:36:4e:12:de:cc:15:b3:a2:b0:
c2:ed:58:3e:74:fa:8e:ae:6b:57:6a:16:c3:e0:72:
b5:8a:93:61:cf:ca:11:74:02:a2:9f:e4:55:e8:5b:
33:c4:2b:82:d0:90:a5:4c:eb:f6:57:f2:13:9b:c6:
21:96:49:5b:f9:25:69:9d:5f:0c:42:94:9a:59:5a:
b9:70:0b:02:bc:ca:7b:70:52:b3:3d:4a:e7:c3:55:
91:ed:88:37:2f:26:97:73:31:f7:1e:97:06:9e:05:
f0:3f:a3:aa:71:a6:b3:1f:2b:f5:ba:98:d9:f5:ba:
a4:04:21:6e:af:36:63:31:26:30:e3:bd:60:bc:89:
24:60:68:e0:5d:35:91:1a:87:0d:fa:56:0d:a9:77:
a2:26:b6:10:62:3b:a4:1d:be:15:09:f2:e8:0d:4b:
fa:6c:62:aa:a3:00:24:cd:fb:8d:e1:8f:70:66:b7:
03:0f:de:63:ac:8f:be:8c:68:d6:21:40:80:f6:d1:
ae:ce:dd:63:af:77:4f:b8:2a:d5:c7:ab:f5:cd:5b:
cf:a6:6d:53:6b:93:b9:24:fd:ae:06:a9:93:10:a2:
54:98:f1:16:6f:2f:36:86:7c:d6:c1:21:1c:83:46:
66:d0:7c:86:72:4c:f1:ea:45:2a:1c:6f:4b:c1:6e:
a3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B1:D7:F4:C0:00:73:E9:ED:D0:89:FC:DF:A3:F2:D2:95:A2:96:08
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/nbHX9MAAc-nt0In836Py0pWilgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.98.0/24
Signature Algorithm: sha256WithRSAEncryption
89:31:15:38:8f:46:c5:3a:8e:49:e1:25:f6:2e:85:3a:ff:ab:
94:8d:8b:29:de:58:0c:30:c5:07:80:97:9c:53:df:98:c1:20:
25:76:eb:e5:4a:74:7c:de:e1:5c:00:f3:0e:0d:9f:f4:b7:8b:
63:be:ad:5f:8f:7f:64:3b:e2:0d:ae:45:4d:68:4e:b0:c5:79:
81:96:67:cd:d7:41:a2:cc:4f:b8:80:ea:87:f6:a8:66:b3:80:
1d:5c:36:d0:1c:b7:d6:4d:cb:72:c6:ef:e6:4d:3b:61:66:c7:
a5:ef:ab:30:da:d1:8d:a0:41:5c:57:14:98:17:cc:45:86:c4:
94:f5:f9:ce:44:3a:2b:2f:5f:0f:78:c0:c9:38:07:dc:4e:13:
e4:c3:1e:48:71:63:0e:b6:7d:99:6e:3f:e8:3b:3c:80:f4:7d:
28:b6:34:c6:fd:88:ed:17:c0:cc:c2:fc:7a:9c:2b:a7:fd:fb:
91:75:49:d9:f5:3a:05:9c:53:31:7e:0f:9f:fa:95:52:22:a5:
f9:52:07:5a:31:86:54:85:32:6d:34:c0:73:23:d4:58:b7:20:
b3:91:70:43:2c:bc:55:e1:20:98:89:40:d8:01:85:95:d7:1e:
92:7a:80:92:94:be:39:fc:b5:7b:29:ad:03:4d:3f:5c:b1:85:
df:c0:c6:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sKVmWmK99SjwXM2bIjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGIxZDdmNGMwMDA3M2U5ZWRkMDg5ZmNkZmEzZjJkMjk1YTI5NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHg0po02ThLezBWzorDC7Vg+dPqO
rmtXahbD4HK1ipNhz8oRdAKin+RV6FszxCuC0JClTOv2V/ITm8Yhlklb+SVpnV8M
QpSaWVq5cAsCvMp7cFKzPUrnw1WR7Yg3LyaXczH3HpcGngXwP6OqcaazHyv1upjZ
9bqkBCFurzZjMSYw471gvIkkYGjgXTWRGocN+lYNqXeiJrYQYjukHb4VCfLoDUv6
bGKqowAkzfuN4Y9wZrcDD95jrI++jGjWIUCA9tGuzt1jr3dPuCrVx6v1zVvPpm1T
a5O5JP2uBqmTEKJUmPEWby82hnzWwSEcg0Zm0HyGckzx6kUqHG9LwW6jlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2x1/TAAHPp7dCJ/N+j8tKVopYIMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvbmJIWDlNQUFjLW50MEluODM2UHkwcFdpbGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWd9iMA0G
CSqGSIb3DQEBCwUAA4IBAQCJMRU4j0bFOo5J4SX2LoU6/6uUjYsp3lgMMMUHgJec
U9+YwSAlduvlSnR83uFcAPMODZ/0t4tjvq1fj39kO+INrkVNaE6wxXmBlmfN10Gi
zE+4gOqH9qhms4AdXDbQHLfWTctyxu/mTTthZsel76sw2tGNoEFcVxSYF8xFhsSU
9fnORDorL18PeMDJOAfcThPkwx5IcWMOtn2Zbj/oOzyA9H0otjTG/YjtF8DMwvx6
nCun/fuRdUnZ9ToFnFMxfg+f+pVSIqX5UgdaMYZUhTJtNMBzI9RYtyCzkXBDLLxV
4SCYiUDYAYWV1x6SeoCSlL45/LV7Ka0DTT9csYXfwMa7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org