Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/IQgZV8Ig6QwRMgIjtNyN9ECBRqc.roa
File: IQgZV8Ig6QwRMgIjtNyN9ECBRqc.roa (raw, json)
Hash identifier: 3a5tvEbMOZUqkSqsZT3bW3u0xkY+dYelygqNxXFOZ/U=
Subject key identifier: 21:08:19:57:C2:20:E9:0C:11:32:02:23:B4:DC:8D:F4:40:81:46:A7
Certificate issuer: /CN=a7f66522f403d8c994a484682870799417ce1e81
Certificate serial: 01856C4130A16622CE70D764230D25B7AB87
Authority key identifier: A7:F6:65:22:F4:03:D8:C9:94:A4:84:68:28:70:79:94:17:CE:1E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/IQgZV8Ig6QwRMgIjtNyN9ECBRqc.roa
Signing time: Sun 01 Jan 2023 07:34:49 +0000
ROA not before: Sun 01 Jan 2023 07:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60815
IP address blocks: 185.89.89.0/24 maxlen: 24
185.89.88.0/24 maxlen: 24
185.89.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 13 Jul 2023 11:53:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:30:a1:66:22:ce:70:d7:64:23:0d:25:b7:ab:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f66522f403d8c994a484682870799417ce1e81
Validity
Not Before: Jan 1 07:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21081957c220e90c11320223b4dc8df4408146a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:98:12:85:c0:b0:ae:7b:43:94:73:c5:92:ed:
da:c5:ca:f4:ff:fc:4e:5a:22:fe:a7:b0:01:cf:e3:
42:7c:43:a2:6a:16:b6:82:49:e7:e8:4e:bf:e1:40:
d0:1d:25:f3:db:82:10:27:a6:c8:65:a2:38:7e:65:
ab:3d:ea:10:bc:fd:72:fb:1f:10:03:67:b6:b4:01:
3e:df:13:44:32:28:66:e0:3a:3e:09:36:71:75:d5:
85:aa:05:65:d3:27:29:45:97:6d:3a:16:16:08:2f:
55:7e:75:67:a6:b9:f1:a4:d4:d1:70:78:a9:39:f8:
2f:68:70:fb:4d:3e:b1:63:40:b8:d5:41:5d:2d:9c:
dd:4b:e9:03:30:03:92:6b:5a:30:d1:b6:f9:8f:49:
e8:8c:c7:00:7b:94:7f:4d:fb:72:c6:aa:0b:8b:25:
ff:7e:e8:41:2c:32:66:ad:d0:cf:c3:23:a5:09:64:
f8:17:76:6b:27:af:bc:dd:f4:c1:7f:b1:bc:0f:52:
6c:09:f4:b1:79:61:84:a2:31:fe:f2:cc:58:c9:68:
ed:e3:a3:10:5c:d6:8e:aa:76:81:c2:d0:3c:90:45:
cf:78:dc:ac:d9:d7:59:d8:37:68:93:bd:a4:15:70:
50:d3:0c:88:ef:9c:94:08:c4:ac:94:14:91:5e:d3:
2a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:08:19:57:C2:20:E9:0C:11:32:02:23:B4:DC:8D:F4:40:81:46:A7
X509v3 Authority Key Identifier:
keyid:A7:F6:65:22:F4:03:D8:C9:94:A4:84:68:28:70:79:94:17:CE:1E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/IQgZV8Ig6QwRMgIjtNyN9ECBRqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.88.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:b0:66:e1:06:cc:05:16:c7:48:18:4f:3b:38:a4:b2:df:7a:
56:c5:83:66:20:a4:0c:4a:73:27:fe:3f:84:7b:44:fe:62:0e:
11:1e:f1:85:ad:64:35:12:cd:ff:91:9d:95:c7:73:c8:db:3e:
b0:ba:9a:4a:a7:07:ba:17:ee:4e:64:bb:e1:67:5c:d1:c3:33:
1c:aa:3d:ba:20:78:20:46:14:51:cd:27:93:e3:22:d5:9a:93:
2a:fa:7f:80:dd:05:09:be:01:a9:f2:b8:8c:a1:18:ee:16:fa:
2c:de:ef:9b:28:39:1f:c9:d8:c0:d3:01:ff:f1:4b:fc:88:52:
8d:97:5f:76:f0:71:cd:e0:2c:05:e2:17:1c:f6:e5:be:13:95:
a6:a3:61:f2:04:35:88:4e:f8:1c:59:72:5f:3e:10:97:e4:63:
fd:c5:b1:d5:54:5b:28:05:1a:ee:29:ac:1e:12:34:bb:d0:16:
3a:34:af:8b:e2:65:41:44:94:b5:67:ed:7a:3e:96:fc:28:60:
d4:81:09:0d:f7:60:80:bb:a4:39:74:1d:44:6b:6c:f4:22:20:
fc:0d:90:ee:27:f3:36:50:f6:6c:27:38:e5:07:44:58:eb:b1:
45:1d:ce:f2:45:7c:7f:22:7e:4b:db:be:f4:fd:6b:bc:c7:00:
a6:b5:7c:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQTChZiLOcNdkIw0lt6uHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZjY2NTIyZjQwM2Q4Yzk5NGE0ODQ2ODI4NzA3OTk0MTdj
ZTFlODEwHhcNMjMwMTAxMDczNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTA4MTk1N2MyMjBlOTBjMTEzMjAyMjNiNGRjOGRmNDQwODE0NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pgShcCwrntDlHPFku3axcr0//xO
WiL+p7ABz+NCfEOiaha2gknn6E6/4UDQHSXz24IQJ6bIZaI4fmWrPeoQvP1y+x8Q
A2e2tAE+3xNEMihm4Do+CTZxddWFqgVl0ycpRZdtOhYWCC9VfnVnprnxpNTRcHip
OfgvaHD7TT6xY0C41UFdLZzdS+kDMAOSa1ow0bb5j0nojMcAe5R/TftyxqoLiyX/
fuhBLDJmrdDPwyOlCWT4F3ZrJ6+83fTBf7G8D1JsCfSxeWGEojH+8sxYyWjt46MQ
XNaOqnaBwtA8kEXPeNys2ddZ2Ddok72kFXBQ0wyI75yUCMSslBSRXtMqmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEIGVfCIOkMETICI7TcjfRAgUanMB8GA1UdIwQY
MBaAFKf2ZSL0A9jJlKSEaChweZQXzh6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9abEl2UUQyTW1VcElSb0tIQjVsQmZPSG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81MmQwZmUtY2M2ZS00MWQ5LTk2NDMt
YzVkMzYwZmNkZjBlLzEvSVFnWlY4SWc2UXdSTWdJanROeU45RUNCUnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81MmQwZmUtY2M2ZS00MWQ5LTk2NDMtYzVkMzYwZmNkZjBl
LzEvcF9abEl2UUQyTW1VcElSb0tIQjVsQmZPSG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVlYMA0G
CSqGSIb3DQEBCwUAA4IBAQClsGbhBswFFsdIGE87OKSy33pWxYNmIKQMSnMn/j+E
e0T+Yg4RHvGFrWQ1Es3/kZ2Vx3PI2z6wuppKpwe6F+5OZLvhZ1zRwzMcqj26IHgg
RhRRzSeT4yLVmpMq+n+A3QUJvgGp8riMoRjuFvos3u+bKDkfydjA0wH/8Uv8iFKN
l1928HHN4CwF4hcc9uW+E5Wmo2HyBDWITvgcWXJfPhCX5GP9xbHVVFsoBRruKawe
EjS70BY6NK+L4mVBRJS1Z+16Ppb8KGDUgQkN92CAu6Q5dB1Ea2z0IiD8DZDuJ/M2
UPZsJzjlB0RY67FFHc7yRXx/In5L2770/Wu8xwCmtXxa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:46 2024 by rpki-client on console-fra.rpki-client.org