Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ESGrUtx7ccZ89SxR2EwT_I6lKsY.roa
File: ESGrUtx7ccZ89SxR2EwT_I6lKsY.roa (raw, json)
Hash identifier: CGTA+PgzJdVhQ/YFOjxBENFvQ4HQwXKt2Y51+HfVyZI=
Subject key identifier: 11:21:AB:52:DC:7B:71:C6:7C:F5:2C:51:D8:4C:13:FC:8E:A5:2A:C6
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 0186B8CC9514AFE43F2BA4E1E898468FFF9C
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ESGrUtx7ccZ89SxR2EwT_I6lKsY.roa
Signing time: Mon 06 Mar 2023 21:21:00 +0000
ROA not before: Mon 06 Mar 2023 21:21:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211432
IP address blocks: 89.44.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 18:33:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:cc:95:14:af:e4:3f:2b:a4:e1:e8:98:46:8f:ff:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Mar 6 21:21:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1121ab52dc7b71c67cf52c51d84c13fc8ea52ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5d:77:9e:0e:ab:8a:ba:2d:4b:b0:af:0b:84:
63:4f:21:54:0c:2d:42:d3:f9:97:cd:3b:8b:f0:46:
e6:a4:74:69:49:0d:27:c9:9c:0b:af:70:1e:66:e9:
39:8d:98:a9:05:23:62:0c:43:71:d0:c4:c9:b9:86:
6c:54:8e:66:fa:db:52:bb:a9:09:19:96:72:a3:16:
7b:4b:4c:26:8d:d3:2b:22:1e:5c:70:0d:bf:d6:a2:
50:4f:ec:96:8a:a3:9a:c8:3f:45:15:56:6f:0c:29:
8c:41:78:05:0b:e7:1d:fd:df:84:3c:f2:e9:17:1c:
65:f6:9f:73:01:f4:bd:8a:94:fd:72:75:72:e2:4b:
2a:54:69:22:02:89:ed:18:be:2c:d5:dc:23:e5:a6:
6d:25:0a:f3:e2:02:31:a2:13:4f:20:42:65:d4:7c:
cc:1a:78:55:93:8e:8f:4c:bd:a4:46:aa:f2:62:d6:
ee:87:7e:60:98:34:1a:b7:25:56:7d:ff:66:9f:a6:
80:4f:80:7f:f9:38:35:74:d0:ca:0e:4f:7d:9c:3b:
89:40:77:2a:3e:ff:f3:a1:4f:2d:94:44:b0:f8:12:
8c:f5:25:6e:7b:da:5e:ac:33:fd:82:7c:f9:9d:a2:
7b:35:4c:e4:3f:ca:d9:54:b8:c6:01:b3:71:86:22:
ee:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:21:AB:52:DC:7B:71:C6:7C:F5:2C:51:D8:4C:13:FC:8E:A5:2A:C6
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/ESGrUtx7ccZ89SxR2EwT_I6lKsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.102.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:3b:8f:79:9f:1b:db:b8:f5:91:da:4d:46:2f:a2:dc:5f:3b:
c4:e0:0e:44:72:f1:ef:36:6b:7a:98:59:20:54:57:a7:fe:3f:
35:ac:fd:4e:a4:98:a9:8d:9c:03:43:19:3a:5c:73:2d:2e:97:
95:d3:77:ed:90:6d:5f:9c:a5:a1:16:a7:93:f4:a3:41:4f:49:
c6:07:a8:1d:35:7b:8b:32:83:db:bd:37:c9:cf:a9:4d:22:0d:
2f:ae:7b:bb:01:30:97:a6:0e:b1:bc:2a:5c:ef:ef:c9:b4:86:
f6:10:18:45:ed:25:64:fd:ad:6c:21:95:df:57:b8:d2:9e:92:
25:3f:af:77:e7:2d:30:91:db:da:1b:e2:a7:fa:df:6f:97:72:
cb:0a:ea:ec:a8:74:94:f7:ed:c9:ae:c4:42:67:d7:12:58:0b:
83:59:7c:8a:6a:eb:f5:3c:c4:05:25:ff:a1:d8:39:e3:da:5e:
cb:3f:22:13:bf:ed:d7:ee:5c:4f:2f:ce:f2:8f:3c:83:85:d9:
1d:1b:51:61:5a:e0:e3:e4:b5:6c:dc:0a:f3:2d:9d:5c:ff:28:
3c:5c:1c:3a:04:1f:5b:c9:07:af:80:03:1e:7f:d8:5b:d8:a5:
a5:44:58:b6:3a:e6:8d:70:77:3f:79:aa:8b:29:86:fa:18:56:
3f:93:8a:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa4zJUUr+Q/K6Th6JhGj/+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwMzA2MjEyMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTIxYWI1MmRjN2I3MWM2N2NmNTJjNTFkODRjMTNmYzhlYTUyYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyV13ng6rirotS7CvC4RjTyFUDC1C
0/mXzTuL8EbmpHRpSQ0nyZwLr3AeZuk5jZipBSNiDENx0MTJuYZsVI5m+ttSu6kJ
GZZyoxZ7S0wmjdMrIh5ccA2/1qJQT+yWiqOayD9FFVZvDCmMQXgFC+cd/d+EPPLp
Fxxl9p9zAfS9ipT9cnVy4ksqVGkiAontGL4s1dwj5aZtJQrz4gIxohNPIEJl1HzM
GnhVk46PTL2kRqryYtbuh35gmDQatyVWff9mn6aAT4B/+Tg1dNDKDk99nDuJQHcq
Pv/zoU8tlESw+BKM9SVue9perDP9gnz5naJ7NUzkP8rZVLjGAbNxhiLu8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEhq1Lce3HGfPUsUdhME/yOpSrGMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvRVNHclV0eDdjY1o4OVN4UjJFd1RfSTZsS3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSxmMA0G
CSqGSIb3DQEBCwUAA4IBAQCxO495nxvbuPWR2k1GL6LcXzvE4A5EcvHvNmt6mFkg
VFen/j81rP1OpJipjZwDQxk6XHMtLpeV03ftkG1fnKWhFqeT9KNBT0nGB6gdNXuL
MoPbvTfJz6lNIg0vrnu7ATCXpg6xvCpc7+/JtIb2EBhF7SVk/a1sIZXfV7jSnpIl
P6935y0wkdvaG+Kn+t9vl3LLCursqHSU9+3JrsRCZ9cSWAuDWXyKauv1PMQFJf+h
2Dnj2l7LPyITv+3X7lxPL87yjzyDhdkdG1FhWuDj5LVs3ArzLZ1c/yg8XBw6BB9b
yQevgAMef9hb2KWlRFi2OuaNcHc/eaqLKYb6GFY/k4rd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:05 2024 by rpki-client on console-ams.rpki-client.org