Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/B9KkkpV0QurrItYnIADYj4hV-KU.roa
File: B9KkkpV0QurrItYnIADYj4hV-KU.roa (raw, json)
Hash identifier: ICswLjAeEAwlINgnP1r2p4RiUSxsKMz60a0BsAzf11w=
Subject key identifier: 07:D2:A4:92:95:74:42:EA:EB:22:D6:27:20:00:D8:8F:88:55:F8:A5
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 0186CD1C0E0564E3F0668ABBEA43FB76C383
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/B9KkkpV0QurrItYnIADYj4hV-KU.roa
Signing time: Fri 10 Mar 2023 20:00:13 +0000
ROA not before: Fri 10 Mar 2023 20:00:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 89.38.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cd:1c:0e:05:64:e3:f0:66:8a:bb:ea:43:fb:76:c3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Mar 10 20:00:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07d2a492957442eaeb22d6272000d88f8855f8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ee:c7:73:8a:91:31:52:06:57:d1:ac:5e:08:
5c:12:82:39:c4:bc:1d:9d:ba:9c:90:7e:da:40:3c:
c3:c3:b2:cd:d5:e5:d8:fd:94:19:7c:bb:3b:4d:16:
20:fa:ea:05:ac:3a:e0:c4:9e:bc:2c:d1:a6:8f:de:
df:0c:da:9e:56:5d:01:78:8a:67:4b:9f:a7:80:0a:
c0:d3:c4:53:c7:15:b5:24:2d:3f:e4:aa:87:03:4a:
3d:a7:2a:76:73:6a:ee:20:cf:97:26:fe:d8:58:c2:
63:11:32:90:ef:67:e2:3f:92:a2:7d:2e:e9:c3:f4:
8b:cf:dc:88:07:0e:3a:b3:4d:83:fb:66:d9:68:72:
11:52:b7:a5:4f:96:d4:a7:b4:03:67:43:d4:5a:50:
83:a6:ee:16:1a:26:2f:f4:95:ad:f3:53:3a:cd:29:
c3:08:0b:f8:e6:e8:a3:eb:07:4c:f4:6e:f2:77:39:
ef:47:b5:0b:42:4b:0f:cc:4a:f9:61:83:ff:63:dd:
50:bb:f8:08:60:14:db:af:95:3c:89:b1:31:9a:b0:
54:17:3f:b2:81:be:c0:b5:a9:9b:1c:9d:fc:4d:0c:
49:26:f3:8a:3e:5b:8e:bf:7e:e2:fe:66:f5:13:55:
8a:ee:76:3a:1e:49:04:7a:67:b3:0c:ce:70:b1:b7:
09:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D2:A4:92:95:74:42:EA:EB:22:D6:27:20:00:D8:8F:88:55:F8:A5
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/B9KkkpV0QurrItYnIADYj4hV-KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.134.0/24
Signature Algorithm: sha256WithRSAEncryption
02:ec:cb:e2:3a:97:9d:c9:47:1e:9e:6b:e6:3f:55:a7:ff:9d:
8e:84:0c:4c:30:58:fe:5e:fb:9f:93:88:e3:57:61:3d:81:00:
5e:2d:f3:ac:78:72:ad:1a:cb:85:cb:fe:b2:68:0c:d9:4b:07:
89:6c:3e:47:0c:03:9a:91:83:12:a5:03:4d:e4:2d:f1:ce:bb:
c7:1a:9f:ec:47:1e:aa:83:85:85:9d:c1:ff:72:e2:61:9c:36:
17:c1:8b:17:1a:d7:1e:4d:1d:cf:95:1a:2e:31:c0:f7:c1:7b:
f5:7c:9c:75:8a:a9:34:db:b9:27:95:c7:dc:9e:96:ee:b3:3c:
29:23:c8:4b:71:1c:9f:76:54:7c:d5:eb:6f:87:11:27:4a:82:
4b:4c:92:0a:0b:9f:69:f2:01:e1:5e:7b:23:e5:dc:81:f4:71:
da:8a:a2:d0:75:fe:44:f0:8e:82:dc:d7:ee:33:2c:dd:02:e5:
ee:54:57:6f:72:6c:73:31:57:d9:00:87:d6:32:2d:37:d9:62:
51:47:73:d1:ee:ba:35:8a:60:6f:9e:4f:a6:a6:16:b5:80:74:
30:f5:ff:44:04:56:8c:88:c4:68:90:6e:35:c5:98:2d:40:64:
bc:3d:54:93:f5:a1:bc:7a:66:9d:60:6a:1c:e7:15:73:e2:1e:
a4:59:44:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbNHA4FZOPwZoq76kP7dsODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwMzEwMjAwMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2QyYTQ5Mjk1NzQ0MmVhZWIyMmQ2MjcyMDAwZDg4Zjg4NTVmOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme7Hc4qRMVIGV9GsXghcEoI5xLwd
nbqckH7aQDzDw7LN1eXY/ZQZfLs7TRYg+uoFrDrgxJ68LNGmj97fDNqeVl0BeIpn
S5+ngArA08RTxxW1JC0/5KqHA0o9pyp2c2ruIM+XJv7YWMJjETKQ72fiP5KifS7p
w/SLz9yIBw46s02D+2bZaHIRUrelT5bUp7QDZ0PUWlCDpu4WGiYv9JWt81M6zSnD
CAv45uij6wdM9G7ydznvR7ULQksPzEr5YYP/Y91Qu/gIYBTbr5U8ibExmrBUFz+y
gb7AtambHJ38TQxJJvOKPluOv37i/mb1E1WK7nY6HkkEemezDM5wsbcJEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfSpJKVdELq6yLWJyAA2I+IVfilMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvQjlLa2twVjBRdXJySXRZbklBRFlqNGhWLUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSaGMA0G
CSqGSIb3DQEBCwUAA4IBAQAC7MviOpedyUcenmvmP1Wn/52OhAxMMFj+Xvufk4jj
V2E9gQBeLfOseHKtGsuFy/6yaAzZSweJbD5HDAOakYMSpQNN5C3xzrvHGp/sRx6q
g4WFncH/cuJhnDYXwYsXGtceTR3PlRouMcD3wXv1fJx1iqk027knlcfcnpbuszwp
I8hLcRyfdlR81etvhxEnSoJLTJIKC59p8gHhXnsj5dyB9HHaiqLQdf5E8I6C3Nfu
MyzdAuXuVFdvcmxzMVfZAIfWMi032WJRR3PR7ro1imBvnk+mpha1gHQw9f9EBFaM
iMRokG41xZgtQGS8PVST9aG8emadYGoc5xVz4h6kWUQU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:54 2023 by rpki-client on console-ams.rpki-client.org