Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/m3HK1Sed-iz655Bf1eK3B8sOcTk.roa
File: m3HK1Sed-iz655Bf1eK3B8sOcTk.roa (raw, json)
Hash identifier: KfapLRfp8Nq0x9PWO6k4vDH+aU2wszazpgmrYTQul7Y=
Subject key identifier: 9B:71:CA:D5:27:9D:FA:2C:FA:E7:90:5F:D5:E2:B7:07:CB:0E:71:39
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 0186BB703E25A6482C997D36D71F48D3D9CB
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/m3HK1Sed-iz655Bf1eK3B8sOcTk.roa
Signing time: Tue 07 Mar 2023 09:39:00 +0000
ROA not before: Tue 07 Mar 2023 09:39:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 89.39.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bb:70:3e:25:a6:48:2c:99:7d:36:d7:1f:48:d3:d9:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Mar 7 09:39:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b71cad5279dfa2cfae7905fd5e2b707cb0e7139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5d:eb:15:a2:7a:52:26:12:be:cc:0a:eb:d2:
6e:37:a0:36:80:ab:c2:03:d7:3a:7b:c9:0a:bf:e0:
91:18:c5:77:cf:26:8e:df:13:f0:dd:64:f2:40:7d:
12:63:3d:32:89:27:2e:1e:19:43:7e:15:d4:9d:6e:
82:5c:3b:5a:aa:73:7f:77:1d:cb:3c:c7:fe:99:6b:
54:68:e7:95:29:3b:35:41:9e:7b:bc:ab:e0:5a:2b:
8e:8b:19:64:9e:12:ec:fe:2e:13:5e:89:83:a5:b6:
2d:b5:57:41:13:c8:d3:f4:17:d7:b3:83:ed:10:ee:
6c:40:ba:aa:6d:cc:9f:db:52:c3:58:60:41:5a:6c:
4b:9f:05:01:2b:bf:fe:f5:41:b2:54:cf:28:46:03:
a0:b0:a7:fa:b0:8b:88:c1:84:da:e0:a2:ca:9c:f1:
a3:d5:e5:5b:40:60:e0:42:7d:f6:54:94:0a:67:40:
75:ed:4d:6c:dd:19:c6:3e:83:3e:07:92:85:73:3f:
3b:f7:e8:86:25:cb:ea:7b:cd:ec:6a:14:b7:79:ec:
5a:a6:55:cd:88:5a:b4:4b:b8:d3:81:33:ba:da:5a:
84:30:e5:46:99:ce:e0:98:59:d0:62:a2:e0:29:cc:
ae:c7:04:43:3a:21:6e:81:d8:4d:28:41:c3:02:74:
f5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:71:CA:D5:27:9D:FA:2C:FA:E7:90:5F:D5:E2:B7:07:CB:0E:71:39
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/m3HK1Sed-iz655Bf1eK3B8sOcTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.91.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:d1:5f:3b:52:77:87:da:0e:53:52:29:0f:61:44:af:9d:a8:
26:36:39:c1:21:bb:aa:8c:7f:be:07:f5:a4:0b:8e:6f:ba:11:
17:1b:19:f6:f0:ba:08:d3:d9:fd:b0:ee:65:09:87:6a:74:c6:
81:90:a9:e2:49:96:65:8e:00:88:30:ca:8b:b4:78:c6:f8:96:
83:bc:06:5c:bb:50:67:4a:d1:fb:1a:dd:9e:94:77:9f:84:e5:
9c:45:9d:84:05:c1:e5:78:8a:ba:45:e1:a9:07:79:b5:8e:30:
a1:ee:5d:1c:f9:a4:e9:c4:53:d3:6d:61:a1:32:84:9e:e7:e7:
69:36:ce:c2:2d:5d:fe:4c:36:50:ba:f5:b9:91:a6:4f:f9:42:
35:a9:7c:f5:25:fb:0f:72:ca:9e:4f:41:c9:a1:0f:fb:44:14:
6a:95:90:2f:bd:3a:64:df:bf:98:42:83:c0:0e:f2:17:f3:fd:
76:2a:6f:ef:13:22:22:8a:9d:86:e8:4c:0a:c2:f6:a3:59:c8:
4c:c7:3f:07:3b:06:19:3f:e1:a4:ff:df:16:52:c8:2b:18:ed:
54:7b:98:d2:ac:9f:01:5e:96:7e:60:dd:7f:bc:65:9a:69:66:
0a:d8:51:f9:20:8a:f3:ce:86:e5:97:5f:c0:d8:8a:01:05:29:
d1:df:4d:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa7cD4lpkgsmX021x9I09nLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwMzA3MDkzOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjcxY2FkNTI3OWRmYTJjZmFlNzkwNWZkNWUyYjcwN2NiMGU3MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm13rFaJ6UiYSvswK69JuN6A2gKvC
A9c6e8kKv+CRGMV3zyaO3xPw3WTyQH0SYz0yiScuHhlDfhXUnW6CXDtaqnN/dx3L
PMf+mWtUaOeVKTs1QZ57vKvgWiuOixlknhLs/i4TXomDpbYttVdBE8jT9BfXs4Pt
EO5sQLqqbcyf21LDWGBBWmxLnwUBK7/+9UGyVM8oRgOgsKf6sIuIwYTa4KLKnPGj
1eVbQGDgQn32VJQKZ0B17U1s3RnGPoM+B5KFcz879+iGJcvqe83sahS3eexaplXN
iFq0S7jTgTO62lqEMOVGmc7gmFnQYqLgKcyuxwRDOiFugdhNKEHDAnT1MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJtxytUnnfos+ueQX9XitwfLDnE5MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvbTNISzFTZWQtaXo2NTVCZjFlSzNCOHNPY1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSdbMA0G
CSqGSIb3DQEBCwUAA4IBAQA90V87UneH2g5TUikPYUSvnagmNjnBIbuqjH++B/Wk
C45vuhEXGxn28LoI09n9sO5lCYdqdMaBkKniSZZljgCIMMqLtHjG+JaDvAZcu1Bn
StH7Gt2elHefhOWcRZ2EBcHleIq6ReGpB3m1jjCh7l0c+aTpxFPTbWGhMoSe5+dp
Ns7CLV3+TDZQuvW5kaZP+UI1qXz1JfsPcsqeT0HJoQ/7RBRqlZAvvTpk37+YQoPA
DvIX8/12Km/vEyIiip2G6EwKwvajWchMxz8HOwYZP+Gk/98WUsgrGO1Ue5jSrJ8B
XpZ+YN1/vGWaaWYK2FH5IIrzzobll1/A2IoBBSnR300j
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:54 2023 by rpki-client on console-ams.rpki-client.org