Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/331ce6-e428-41fa-bb10-db3afd3d762e/1/1UFjiYqsMu3WTQ7P0CfbPtTCKiQ.roa
File: 1UFjiYqsMu3WTQ7P0CfbPtTCKiQ.roa (raw, json)
Hash identifier: heUliRHdo0bI05PBTUtF7R6oya2KdVrHY3wF1ysNOvg=
Subject key identifier: D5:41:63:89:8A:AC:32:ED:D6:4D:0E:CF:D0:27:DB:3E:D4:C2:2A:24
Certificate issuer: /CN=81aeb7622a44d23c2a45b4d0df40d6cdcc33241d
Certificate serial: 018BD1FFE94ACED9C761502E679A14603DF1
Authority key identifier: 81:AE:B7:62:2A:44:D2:3C:2A:45:B4:D0:DF:40:D6:CD:CC:33:24:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ga63YipE0jwqRbTQ30DWzcwzJB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/331ce6-e428-41fa-bb10-db3afd3d762e/1/1UFjiYqsMu3WTQ7P0CfbPtTCKiQ.roa
Signing time: Wed 15 Nov 2023 08:01:31 +0000
ROA not before: Wed 15 Nov 2023 08:01:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204949
IP address blocks: 89.23.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:ff:e9:4a:ce:d9:c7:61:50:2e:67:9a:14:60:3d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81aeb7622a44d23c2a45b4d0df40d6cdcc33241d
Validity
Not Before: Nov 15 08:01:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d54163898aac32edd64d0ecfd027db3ed4c22a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:35:db:46:47:7e:7c:1c:f2:86:d3:1d:bb:0f:
94:f7:f2:58:75:14:c6:94:e6:45:96:00:6c:55:8e:
30:5b:9a:c6:a9:b6:a2:08:0e:8d:07:2d:07:d7:03:
e6:ca:a8:7e:8d:12:75:be:bf:a7:2f:17:6a:80:22:
b8:00:36:56:a0:a5:a8:ab:ee:b7:93:73:aa:2e:26:
e4:a2:cd:a6:4b:00:e0:26:87:01:e9:d7:28:66:56:
75:b2:7e:6b:a3:95:ec:82:01:b7:ac:44:b4:ab:8e:
8e:80:93:31:20:fb:6f:6d:3c:e7:5d:35:16:6b:a3:
18:7f:8e:b4:f9:df:05:eb:9b:15:1f:27:11:22:09:
45:11:cb:23:9d:92:a6:53:87:b3:5c:c9:68:44:ad:
fa:24:18:c7:cf:b2:74:14:ba:ef:4f:46:12:bf:4a:
90:0d:18:06:31:d2:b2:51:50:42:d7:c5:ec:43:cb:
3e:e7:de:59:de:db:8e:2e:9b:7d:61:ec:39:cb:47:
f3:de:7c:62:d4:65:38:31:45:84:68:c6:58:68:d0:
0a:20:6c:82:f3:63:f6:5b:e5:3c:54:9b:7f:12:28:
9c:b2:e7:7f:13:33:c9:e0:b6:f3:da:4e:61:e2:b8:
90:51:d7:64:c0:09:11:d4:57:fd:42:6a:e8:25:0c:
ab:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:41:63:89:8A:AC:32:ED:D6:4D:0E:CF:D0:27:DB:3E:D4:C2:2A:24
X509v3 Authority Key Identifier:
keyid:81:AE:B7:62:2A:44:D2:3C:2A:45:B4:D0:DF:40:D6:CD:CC:33:24:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ga63YipE0jwqRbTQ30DWzcwzJB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/331ce6-e428-41fa-bb10-db3afd3d762e/1/1UFjiYqsMu3WTQ7P0CfbPtTCKiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/331ce6-e428-41fa-bb10-db3afd3d762e/1/ga63YipE0jwqRbTQ30DWzcwzJB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.125.0/24
Signature Algorithm: sha256WithRSAEncryption
13:6f:55:37:c4:a5:75:1e:ba:77:b5:1f:49:c9:23:46:8d:5e:
ec:a7:4f:59:a9:6d:bc:e9:55:04:ce:1e:6b:ac:47:1e:f2:ec:
b3:4c:c1:51:72:d1:32:bd:7a:ee:e2:0d:b6:d4:70:e4:ba:62:
b2:d0:93:af:f9:d6:c3:4d:98:9c:55:86:a7:64:b5:c7:02:10:
68:b5:5b:c3:a6:fe:81:32:8b:39:b4:b5:77:26:a6:ca:3b:a3:
db:8c:90:33:02:89:7d:95:04:f6:a2:49:07:8a:f3:5d:ef:63:
6b:16:1e:8a:67:e8:30:86:85:f8:06:73:0b:0f:aa:f7:b4:60:
5c:7e:81:11:1c:39:e3:8c:63:8d:ca:36:8b:ae:96:70:2f:48:
7c:c3:85:41:33:ce:0c:8a:bf:99:8d:6e:8b:4b:76:28:ad:62:
0f:1b:76:2c:a1:aa:4d:d5:8f:b1:1e:ea:78:d3:75:4f:4c:1c:
bc:1d:68:24:9e:f4:bb:c8:4d:48:dc:a3:d0:c4:50:a6:ba:71:
f0:7f:a6:b2:46:7c:31:b1:fc:ef:ab:9e:b5:9d:fc:e1:ab:66:
31:38:ff:83:d2:75:40:dd:1c:a1:bc:ef:9e:cb:ee:9e:5a:29:
b6:40:9a:83:fd:fd:d2:87:fd:60:25:5d:84:2d:ba:13:2b:cd:
67:8f:d8:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvR/+lKztnHYVAuZ5oUYD3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYWViNzYyMmE0NGQyM2MyYTQ1YjRkMGRmNDBkNmNkY2Mz
MzI0MWQwHhcNMjMxMTE1MDgwMTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQxNjM4OThhYWMzMmVkZDY0ZDBlY2ZkMDI3ZGIzZWQ0YzIyYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjXbRkd+fBzyhtMduw+U9/JYdRTG
lOZFlgBsVY4wW5rGqbaiCA6NBy0H1wPmyqh+jRJ1vr+nLxdqgCK4ADZWoKWoq+63
k3OqLibkos2mSwDgJocB6dcoZlZ1sn5ro5XsggG3rES0q46OgJMxIPtvbTznXTUW
a6MYf460+d8F65sVHycRIglFEcsjnZKmU4ezXMloRK36JBjHz7J0FLrvT0YSv0qQ
DRgGMdKyUVBC18XsQ8s+595Z3tuOLpt9Yew5y0fz3nxi1GU4MUWEaMZYaNAKIGyC
82P2W+U8VJt/Eiicsud/EzPJ4Lbz2k5h4riQUddkwAkR1Ff9QmroJQyrKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNVBY4mKrDLt1k0Oz9An2z7UwiokMB8GA1UdIwQY
MBaAFIGut2IqRNI8KkW00N9A1s3MMyQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2E2M1lpcEUwandxUmJUUTMwRFd6Y3d6SkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zMzFjZTYtZTQyOC00MWZhLWJiMTAt
ZGIzYWZkM2Q3NjJlLzEvMVVGamlZcXNNdTNXVFE3UDBDZmJQdFRDS2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8zMzFjZTYtZTQyOC00MWZhLWJiMTAtZGIzYWZkM2Q3NjJl
LzEvZ2E2M1lpcEUwandxUmJUUTMwRFd6Y3d6SkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRd9MA0G
CSqGSIb3DQEBCwUAA4IBAQATb1U3xKV1Hrp3tR9JySNGjV7sp09ZqW286VUEzh5r
rEce8uyzTMFRctEyvXru4g221HDkumKy0JOv+dbDTZicVYanZLXHAhBotVvDpv6B
Mos5tLV3JqbKO6PbjJAzAol9lQT2okkHivNd72NrFh6KZ+gwhoX4BnMLD6r3tGBc
foERHDnjjGONyjaLrpZwL0h8w4VBM84Mir+ZjW6LS3YorWIPG3YsoapN1Y+xHup4
03VPTBy8HWgknvS7yE1I3KPQxFCmunHwf6ayRnwxsfzvq561nfzhq2YxOP+D0nVA
3RyhvO+ey+6eWim2QJqD/f3Sh/1gJV2ELboTK81nj9ii
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:46 2024 by rpki-client on console-ams.rpki-client.org