Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/kKL50WbZsD6OfQmp80uotWvJNpo.roa
File: kKL50WbZsD6OfQmp80uotWvJNpo.roa (raw, json)
Hash identifier: OH3QSN4bN2jDTNJBfAyXQrq98x0xm0sOK3vvWf693YM=
Subject key identifier: 90:A2:F9:D1:66:D9:B0:3E:8E:7D:09:A9:F3:4B:A8:B5:6B:C9:36:9A
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018CCA2BDE446860BDDC26A2506D7FCB21B0
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/kKL50WbZsD6OfQmp80uotWvJNpo.roa
Signing time: Tue 02 Jan 2024 12:35:21 +0000
ROA not before: Tue 02 Jan 2024 12:35:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 152.89.192.0/24 maxlen: 24
152.89.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 10:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:de:44:68:60:bd:dc:26:a2:50:6d:7f:cb:21:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 2 12:35:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a2f9d166d9b03e8e7d09a9f34ba8b56bc9369a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:15:ca:e2:9d:8f:78:dd:62:7e:30:e5:fc:c9:
d6:2e:17:20:ee:5f:20:e8:ef:ff:d7:37:ac:be:52:
a9:95:da:c0:30:61:2e:4d:d7:70:a7:78:ea:7f:d7:
06:e4:95:7c:f1:d3:1a:7e:e9:b7:73:03:48:29:d5:
bf:3e:e3:61:dd:8c:39:a6:0c:75:a8:c8:97:71:0e:
e8:33:d3:7b:ab:8a:61:88:59:28:dc:12:f2:23:3c:
3e:95:c1:c6:fd:d0:d9:46:95:4b:44:c7:3b:47:2e:
8c:9f:30:c2:7a:91:57:ff:1b:fc:05:6f:db:bd:b4:
e3:22:9c:50:f6:85:57:f6:fb:f8:fa:18:37:a2:77:
17:99:aa:38:b9:62:fe:9d:81:09:3d:bb:37:3a:11:
86:a8:26:13:8b:3b:97:30:f9:a9:1b:11:0c:d5:02:
4c:a5:15:3f:a2:e0:d1:b2:5f:1f:43:b1:b1:21:96:
dc:12:13:e8:38:ff:9e:a4:e5:a5:13:76:3b:85:5e:
32:53:b0:91:a3:61:2b:9f:36:31:ab:ea:ac:d9:07:
16:bb:ee:bf:c3:0c:28:4d:3f:44:c2:2b:d7:4f:3c:
3b:a5:6f:21:99:48:d1:64:68:84:02:b0:cc:a5:b6:
01:ca:cb:9e:84:26:61:ca:e8:42:39:35:75:e9:0b:
f2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A2:F9:D1:66:D9:B0:3E:8E:7D:09:A9:F3:4B:A8:B5:6B:C9:36:9A
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/kKL50WbZsD6OfQmp80uotWvJNpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.192.0/23
Signature Algorithm: sha256WithRSAEncryption
75:ce:aa:9c:b9:12:44:4d:9e:10:b8:b0:d1:00:e6:49:c5:20:
f2:f8:ab:fc:89:1f:1d:0a:f1:c7:d2:e8:58:22:a4:db:99:10:
ac:22:39:dd:c9:32:1a:da:61:59:6b:0d:e1:a0:89:ea:b7:c9:
a1:5d:e4:06:34:e8:19:f6:0a:be:63:ee:13:dd:83:d2:a3:5b:
83:86:4e:11:40:18:b4:31:23:f3:81:80:5a:97:4a:b6:b5:eb:
99:55:75:35:bb:0d:70:93:9a:a7:0a:aa:fb:ba:27:02:6d:ab:
d4:e6:6e:2a:e3:77:a4:69:61:e8:b0:df:85:fa:fa:da:dc:7f:
c5:6c:eb:a3:90:a7:c9:3f:d6:b2:fe:86:99:d3:42:76:bc:09:
86:d7:59:b4:3e:05:4e:b2:ce:ef:f9:41:e4:26:b6:63:a2:87:
f5:ef:9d:76:c2:7b:88:22:fd:f6:59:d5:7d:2c:ab:a5:71:a9:
07:68:58:8f:15:73:6e:c8:26:fe:61:a0:10:cd:2f:f2:e0:25:
d0:97:a0:b1:15:d4:ba:6f:93:1d:7b:08:9c:47:27:9d:d0:9d:
ed:4e:e1:73:62:80:cb:f0:fd:d6:5f:07:2f:a2:8f:09:d1:ba:
b0:e8:cb:3f:90:30:b3:57:fe:ba:3a:30:7c:f1:b4:bd:df:69:
99:d8:77:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK95EaGC93CaiUG1/yyGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwMTAyMTIzNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGEyZjlkMTY2ZDliMDNlOGU3ZDA5YTlmMzRiYThiNTZiYzkzNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxXK4p2PeN1ifjDl/MnWLhcg7l8g
6O//1zesvlKpldrAMGEuTddwp3jqf9cG5JV88dMafum3cwNIKdW/PuNh3Yw5pgx1
qMiXcQ7oM9N7q4phiFko3BLyIzw+lcHG/dDZRpVLRMc7Ry6MnzDCepFX/xv8BW/b
vbTjIpxQ9oVX9vv4+hg3oncXmao4uWL+nYEJPbs3OhGGqCYTizuXMPmpGxEM1QJM
pRU/ouDRsl8fQ7GxIZbcEhPoOP+epOWlE3Y7hV4yU7CRo2ErnzYxq+qs2QcWu+6/
wwwoTT9EwivXTzw7pW8hmUjRZGiEArDMpbYBysuehCZhyuhCOTV16QvyJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCi+dFm2bA+jn0JqfNLqLVryTaaMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEva0tMNTBXYlpzRDZPZlFtcDgwdW90V3ZKTnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFnAMA0G
CSqGSIb3DQEBCwUAA4IBAQB1zqqcuRJETZ4QuLDRAOZJxSDy+Kv8iR8dCvHH0uhY
IqTbmRCsIjndyTIa2mFZaw3hoInqt8mhXeQGNOgZ9gq+Y+4T3YPSo1uDhk4RQBi0
MSPzgYBal0q2teuZVXU1uw1wk5qnCqr7uicCbavU5m4q43ekaWHosN+F+vra3H/F
bOujkKfJP9ay/oaZ00J2vAmG11m0PgVOss7v+UHkJrZjoof17512wnuIIv32WdV9
LKulcakHaFiPFXNuyCb+YaAQzS/y4CXQl6CxFdS6b5MdewicRyed0J3tTuFzYoDL
8P3WXwcvoo8J0bqw6Ms/kDCzV/66OjB88bS932mZ2Hcr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org