Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/97OsD3yI58_k6wsFCud8i7hhIhY.roa
File: 97OsD3yI58_k6wsFCud8i7hhIhY.roa (raw, json)
Hash identifier: ZqG8JmykGF5hsCwxyVm1KVGMWLog90mSmx3+LJlh2JM=
Subject key identifier: F7:B3:AC:0F:7C:88:E7:CF:E4:EB:0B:05:0A:E7:7C:8B:B8:61:22:16
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018CCA2BDC6EF42AC747DC8BCBC1A7904F68
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/97OsD3yI58_k6wsFCud8i7hhIhY.roa
Signing time: Tue 02 Jan 2024 12:35:21 +0000
ROA not before: Tue 02 Jan 2024 12:35:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 152.89.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 08:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:dc:6e:f4:2a:c7:47:dc:8b:cb:c1:a7:90:4f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 2 12:35:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7b3ac0f7c88e7cfe4eb0b050ae77c8bb8612216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:93:df:08:96:6c:50:5f:8d:12:83:29:22:9d:
13:b2:13:83:97:5b:d9:28:1c:8c:c6:e7:a3:25:d9:
35:11:36:0b:2a:49:41:b5:54:7c:2b:18:c2:ee:c7:
1b:be:dc:42:aa:c4:2e:0f:68:3c:ad:1d:e4:e7:84:
7e:24:b1:fb:02:87:3c:c0:e6:5b:54:6f:9f:e5:1a:
f6:f0:74:cb:a8:19:04:c9:10:f5:e9:52:c0:f4:8e:
8d:94:23:57:32:df:3a:06:d2:1e:b6:5e:c5:04:45:
d7:4e:ed:a9:6f:87:70:79:42:11:6c:b5:f2:17:a4:
22:f3:8d:7a:df:9a:23:b9:b7:f2:13:6a:13:c9:fd:
c2:27:18:f9:73:86:c6:18:d7:e0:1d:14:bb:8c:93:
3c:21:a5:53:b6:88:3f:3c:69:e4:85:8e:2a:82:81:
77:44:98:eb:59:f2:f4:21:89:eb:a5:32:33:b7:c8:
d1:b7:eb:77:82:38:f3:3a:2c:90:5d:ab:bf:5b:9a:
78:09:46:be:07:6f:1c:90:7d:14:ba:bc:cc:67:5c:
6d:35:12:ca:b2:9d:5d:12:00:9d:b5:d4:9b:c9:97:
ee:ad:30:d5:6b:9a:49:88:68:c0:96:af:8e:e4:b5:
3c:01:fa:ef:2a:91:4c:6a:6d:f2:f0:af:a2:cb:a2:
74:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B3:AC:0F:7C:88:E7:CF:E4:EB:0B:05:0A:E7:7C:8B:B8:61:22:16
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/97OsD3yI58_k6wsFCud8i7hhIhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:e5:be:ae:79:4b:3d:c9:ba:d2:12:dc:eb:41:02:f3:13:62:
ab:88:bd:32:02:0e:b5:9b:59:5e:e2:a9:2c:18:c2:8a:9f:1f:
07:52:01:8c:f4:83:52:da:d4:ac:fd:a8:26:d1:c9:2d:92:6d:
da:f1:34:f3:b2:37:91:71:b5:4e:b7:bf:2e:53:fe:9c:e9:61:
26:4c:4b:57:91:3f:2b:80:b9:fd:56:54:05:bd:1c:0a:10:fc:
2c:4e:1f:ca:4c:db:57:79:da:9c:6f:4b:dc:7a:d4:6f:03:cb:
c2:96:38:80:5d:f5:49:eb:15:3b:ac:21:fa:8e:88:e3:13:dc:
0d:ea:34:ae:86:61:e7:18:31:81:26:5f:42:28:ad:ed:ce:f1:
e2:d4:10:21:61:b8:01:70:ec:bd:e9:73:08:92:b8:93:9d:90:
20:08:06:84:04:b0:e0:6a:b5:09:ee:6a:bf:4f:1b:b5:f2:c1:
60:36:c8:9d:cf:f2:af:9b:f3:f1:b8:3d:a1:03:b0:2e:74:88:
f9:72:c0:8b:0d:77:a1:1d:19:bc:b8:49:4f:de:49:07:ba:f9:
ed:e7:40:25:20:8a:72:71:5a:91:e3:96:62:46:0a:4e:4d:17:
8b:6f:b7:0c:bb:5c:35:6d:50:d4:c9:5d:c4:a8:41:d4:06:cb:
43:b9:dd:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK9xu9CrHR9yLy8GnkE9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwMTAyMTIzNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2IzYWMwZjdjODhlN2NmZTRlYjBiMDUwYWU3N2M4YmI4NjEyMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpPfCJZsUF+NEoMpIp0TshODl1vZ
KByMxuejJdk1ETYLKklBtVR8KxjC7scbvtxCqsQuD2g8rR3k54R+JLH7Aoc8wOZb
VG+f5Rr28HTLqBkEyRD16VLA9I6NlCNXMt86BtIetl7FBEXXTu2pb4dweUIRbLXy
F6Qi841635ojubfyE2oTyf3CJxj5c4bGGNfgHRS7jJM8IaVTtog/PGnkhY4qgoF3
RJjrWfL0IYnrpTIzt8jRt+t3gjjzOiyQXau/W5p4CUa+B28ckH0UurzMZ1xtNRLK
sp1dEgCdtdSbyZfurTDVa5pJiGjAlq+O5LU8AfrvKpFMam3y8K+iy6J0vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPezrA98iOfP5OsLBQrnfIu4YSIWMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvOTdPc0QzeUk1OF9rNndzRkN1ZDhpN2hoSWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnCMA0G
CSqGSIb3DQEBCwUAA4IBAQCw5b6ueUs9ybrSEtzrQQLzE2KriL0yAg61m1le4qks
GMKKnx8HUgGM9INS2tSs/agm0cktkm3a8TTzsjeRcbVOt78uU/6c6WEmTEtXkT8r
gLn9VlQFvRwKEPwsTh/KTNtXedqcb0vcetRvA8vCljiAXfVJ6xU7rCH6jojjE9wN
6jSuhmHnGDGBJl9CKK3tzvHi1BAhYbgBcOy96XMIkriTnZAgCAaEBLDgarUJ7mq/
Txu18sFgNsidz/Kvm/PxuD2hA7AudIj5csCLDXehHRm8uElP3kkHuvnt50AlIIpy
cVqR45ZiRgpOTReLb7cMu1w1bVDUyV3EqEHUBstDud15
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org