Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/wMK6-YJfmZfXkVqUPGq8FKuslZ0.roa
File: wMK6-YJfmZfXkVqUPGq8FKuslZ0.roa (raw, json)
Hash identifier: 9uBW08RF9b2Z4nYbXfXS9EJN/EDmA+QX+oc5oE4QC+0=
Subject key identifier: C0:C2:BA:F9:82:5F:99:97:D7:91:5A:94:3C:6A:BC:14:AB:AC:95:9D
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0189741124646BBB85057ECC407D22F3518D
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/wMK6-YJfmZfXkVqUPGq8FKuslZ0.roa
Signing time: Thu 20 Jul 2023 16:10:27 +0000
ROA not before: Thu 20 Jul 2023 16:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210122
IP address blocks: 152.89.195.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:11:24:64:6b:bb:85:05:7e:cc:40:7d:22:f3:51:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jul 20 16:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0c2baf9825f9997d7915a943c6abc14abac959d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:a7:18:55:9f:1a:1e:e9:e7:80:a2:87:4b:
f4:9f:c7:8c:d5:aa:02:0a:24:2a:33:5b:74:a7:4c:
bd:bf:66:39:c2:01:e6:8a:85:6c:eb:cf:8a:96:f5:
c4:0c:61:6d:f7:38:ed:7f:fb:74:ba:5b:9b:e9:23:
0f:d4:b8:19:79:38:53:66:10:5d:9d:f0:45:52:4e:
32:0b:0f:9a:93:79:e9:10:df:45:9d:e9:05:4d:67:
9c:73:4f:38:a5:f1:10:e9:fb:13:22:ca:75:05:2a:
bf:47:64:bb:f9:2d:7d:db:9f:bf:81:c3:3a:55:7c:
2d:20:fa:0d:f9:9a:2b:c1:a2:a5:a6:28:75:62:0f:
71:14:a4:91:42:30:56:70:37:54:69:46:f8:e2:2f:
4e:ae:44:18:13:7c:a2:05:fe:af:cf:8b:7d:eb:b6:
ff:3c:32:28:96:2b:0e:e4:08:1e:88:c6:23:cc:ff:
ee:2a:43:e6:e0:5f:3a:b7:e3:66:28:67:f2:9a:88:
b3:d4:df:b1:33:f6:a5:80:bb:74:f2:aa:5a:a8:78:
59:fa:48:c4:ad:19:54:5b:b5:01:5c:68:f9:88:9c:
b8:44:a0:34:fc:46:b5:75:98:49:d8:2e:ca:dc:29:
ef:c7:a5:6f:6f:86:ec:a5:a5:f3:a4:45:5a:30:32:
e7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C2:BA:F9:82:5F:99:97:D7:91:5A:94:3C:6A:BC:14:AB:AC:95:9D
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/wMK6-YJfmZfXkVqUPGq8FKuslZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.195.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:74:57:d2:cc:e6:2f:50:f7:79:55:6d:b7:60:79:99:57:0a:
a5:41:bc:8e:70:7a:33:c0:56:51:18:17:38:26:c3:3a:9a:34:
18:c4:f8:06:8d:50:6e:d4:7a:c1:13:cc:f4:df:19:d0:2f:04:
ba:64:f2:b5:eb:f8:1d:66:38:23:8e:f8:80:e5:95:42:12:8b:
fa:05:29:ea:8f:40:72:11:b4:c8:f7:af:90:f8:55:3e:d4:78:
ef:7a:75:fa:b6:bc:2e:b2:5c:f7:ea:75:be:c4:12:35:21:36:
58:ec:a5:43:68:f5:21:3d:89:ba:67:eb:72:1c:1e:9c:09:61:
2e:f5:8e:4e:18:64:1f:ea:de:1e:89:3a:d4:05:64:2e:16:97:
4b:98:05:15:f0:79:58:b3:91:ce:4c:3f:73:8b:61:58:f1:3e:
35:67:ee:0e:ba:4f:e8:2e:14:14:4b:8c:9c:91:ed:8e:12:81:
6e:13:b9:ee:7b:51:3c:cd:18:02:52:11:90:71:82:8d:2c:bb:
9f:56:a8:44:f5:ff:12:da:f5:35:a2:89:8f:43:5d:ab:d1:4e:
7e:e5:56:12:68:92:ad:e7:50:eb:11:09:ea:b3:24:51:00:92:
fe:0d:5c:6a:90:eb:c8:e6:0f:bb:ef:05:0c:74:d0:53:4f:b4:
5b:e4:8b:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl0ESRka7uFBX7MQH0i81GNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMwNzIwMTYxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGMyYmFmOTgyNWY5OTk3ZDc5MTVhOTQzYzZhYmMxNGFiYWM5NTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEKnGFWfGh7p54Cih0v0n8eM1aoC
CiQqM1t0p0y9v2Y5wgHmioVs68+KlvXEDGFt9zjtf/t0ulub6SMP1LgZeThTZhBd
nfBFUk4yCw+ak3npEN9FnekFTWecc084pfEQ6fsTIsp1BSq/R2S7+S1925+/gcM6
VXwtIPoN+ZorwaKlpih1Yg9xFKSRQjBWcDdUaUb44i9OrkQYE3yiBf6vz4t967b/
PDIolisO5AgeiMYjzP/uKkPm4F86t+NmKGfymoiz1N+xM/algLt08qpaqHhZ+kjE
rRlUW7UBXGj5iJy4RKA0/Ea1dZhJ2C7K3Cnvx6Vvb4bspaXzpEVaMDLn5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDCuvmCX5mX15FalDxqvBSrrJWdMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvd01LNi1ZSmZtWmZYa1ZxVVBHcThGS3VzbFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnDMA0G
CSqGSIb3DQEBCwUAA4IBAQCxdFfSzOYvUPd5VW23YHmZVwqlQbyOcHozwFZRGBc4
JsM6mjQYxPgGjVBu1HrBE8z03xnQLwS6ZPK16/gdZjgjjviA5ZVCEov6BSnqj0By
EbTI96+Q+FU+1HjvenX6trwuslz36nW+xBI1ITZY7KVDaPUhPYm6Z+tyHB6cCWEu
9Y5OGGQf6t4eiTrUBWQuFpdLmAUV8HlYs5HOTD9zi2FY8T41Z+4Ouk/oLhQUS4yc
ke2OEoFuE7nue1E8zRgCUhGQcYKNLLufVqhE9f8S2vU1oomPQ12r0U5+5VYSaJKt
51DrEQnqsyRRAJL+DVxqkOvI5g+77wUMdNBTT7Rb5IsF
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:04 2024 by rpki-client on console-fra.rpki-client.org