Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/kWmndJoM72z7fEHIQVglLaJ14W0.roa
File: kWmndJoM72z7fEHIQVglLaJ14W0.roa (raw, json)
Hash identifier: 85jDKGrAq0//995HBeERFm8ZtWRu1nw3vDoCFxUn6xk=
Subject key identifier: 91:69:A7:74:9A:0C:EF:6C:FB:7C:41:C8:41:58:25:2D:A2:75:E1:6D
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 0187A35F8FFA1EC68C0654BBF6ADA4119D5E
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/kWmndJoM72z7fEHIQVglLaJ14W0.roa
Signing time: Fri 21 Apr 2023 10:32:41 +0000
ROA not before: Fri 21 Apr 2023 10:32:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16278
IP address blocks: 89.30.224.0/22 maxlen: 24
2a02:20b2::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:5f:8f:fa:1e:c6:8c:06:54:bb:f6:ad:a4:11:9d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Apr 21 10:32:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9169a7749a0cef6cfb7c41c84158252da275e16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ff:81:49:fe:2a:da:4c:b2:03:cb:8d:cb:99:
7e:dc:47:e2:dc:7f:29:b9:59:df:24:ff:31:e6:92:
01:3f:56:89:45:56:30:d0:2a:5d:67:3a:48:30:b1:
d6:40:77:fb:df:5c:53:74:8e:82:f7:95:88:78:36:
89:0a:38:8f:f7:01:c8:bc:94:8c:d7:60:07:6b:8c:
dc:e3:86:aa:26:fd:ca:90:5c:85:ab:84:03:4e:2c:
b7:76:85:7c:ba:f5:72:a6:95:1e:f4:94:3e:88:b7:
44:16:0e:3a:db:0b:17:d8:0b:7d:0e:1e:78:33:e3:
a9:4f:c2:f9:8c:8e:10:f9:eb:3e:ed:9e:47:a6:2f:
8b:1c:3e:87:08:5b:c1:b3:ae:85:eb:43:1b:2c:b7:
93:a2:9c:f9:0b:ac:59:28:b3:24:0a:71:9e:82:70:
d2:45:ff:fc:86:36:e0:d1:14:3f:19:85:9e:67:2c:
6b:7e:be:86:dd:d8:57:e3:23:a2:9f:d3:34:6e:d7:
d9:b9:e1:d2:83:94:1c:19:22:41:c0:c4:56:a9:eb:
d2:55:e7:94:67:cd:78:6c:e9:87:c2:4e:8b:7b:5b:
64:e9:87:56:e4:52:6b:b3:53:41:0c:93:f9:98:1a:
ce:ef:75:7c:5f:4a:32:b8:44:08:a7:2c:9f:84:28:
66:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:69:A7:74:9A:0C:EF:6C:FB:7C:41:C8:41:58:25:2D:A2:75:E1:6D
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/kWmndJoM72z7fEHIQVglLaJ14W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.30.224.0/22
IPv6:
2a02:20b2::/32
Signature Algorithm: sha256WithRSAEncryption
a0:f1:6b:1b:fb:27:36:62:36:af:24:a8:da:e7:58:28:1c:7b:
01:7d:d2:bb:27:99:a0:33:0d:c0:61:b6:ce:ba:c6:40:e7:e8:
68:65:cd:4d:9d:37:0c:b6:91:5e:2f:6d:09:33:e4:eb:5f:56:
0c:27:a5:f3:f7:08:d5:7f:45:b4:2b:15:35:79:9c:5a:97:ba:
56:4d:65:ef:28:1b:4c:34:8d:11:6e:cb:92:6f:f1:bb:d2:79:
2e:5c:7a:47:f7:c1:92:c6:9b:3e:d8:e5:b2:8c:a8:fc:28:d8:
06:00:da:dd:12:0c:51:65:48:e8:23:c5:f4:b1:a9:19:db:f3:
3a:ba:2e:2c:c1:a1:30:08:b9:bc:8e:cb:78:83:cd:7e:30:79:
fa:38:ec:24:74:2a:58:5d:94:b6:e9:95:de:48:43:d6:c8:83:
8d:75:4e:e9:3e:98:7d:6c:86:06:c6:b6:50:d6:3b:ec:09:04:
f3:1b:d4:cd:4d:a3:31:c9:7c:37:fb:19:61:d9:fd:26:26:38:
b3:4d:0d:50:a5:f8:4a:06:b8:1e:fa:7f:9e:d9:09:a6:8f:fd:
ef:a7:16:aa:74:19:96:ba:ac:ff:16:d8:2f:70:52:62:6d:59:
69:ad:bf:ac:a2:7e:f5:b1:ab:96:5a:7e:dd:b2:c6:68:2a:19:
3c:72:d4:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYejX4/6HsaMBlS79q2kEZ1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjMwNDIxMTAzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY5YTc3NDlhMGNlZjZjZmI3YzQxYzg0MTU4MjUyZGEyNzVlMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/+BSf4q2kyyA8uNy5l+3Efi3H8p
uVnfJP8x5pIBP1aJRVYw0CpdZzpIMLHWQHf731xTdI6C95WIeDaJCjiP9wHIvJSM
12AHa4zc44aqJv3KkFyFq4QDTiy3doV8uvVyppUe9JQ+iLdEFg462wsX2At9Dh54
M+OpT8L5jI4Q+es+7Z5Hpi+LHD6HCFvBs66F60MbLLeTopz5C6xZKLMkCnGegnDS
Rf/8hjbg0RQ/GYWeZyxrfr6G3dhX4yOin9M0btfZueHSg5QcGSJBwMRWqevSVeeU
Z814bOmHwk6Le1tk6YdW5FJrs1NBDJP5mBrO73V8X0oyuEQIpyyfhChm8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJFpp3SaDO9s+3xByEFYJS2ideFtMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEva1dtbmRKb003Mno3ZkVISVFWZ2xMYUoxNFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWR7gMA0E
AgACMAcDBQAqAiCyMA0GCSqGSIb3DQEBCwUAA4IBAQCg8Wsb+yc2YjavJKja51go
HHsBfdK7J5mgMw3AYbbOusZA5+hoZc1NnTcMtpFeL20JM+TrX1YMJ6Xz9wjVf0W0
KxU1eZxal7pWTWXvKBtMNI0RbsuSb/G70nkuXHpH98GSxps+2OWyjKj8KNgGANrd
EgxRZUjoI8X0sakZ2/M6ui4swaEwCLm8jst4g81+MHn6OOwkdCpYXZS26ZXeSEPW
yIONdU7pPph9bIYGxrZQ1jvsCQTzG9TNTaMxyXw3+xlh2f0mJjizTQ1QpfhKBrge
+n+e2Qmmj/3vpxaqdBmWuqz/FtgvcFJibVlprb+son71sauWWn7dssZoKhk8ctRD
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:07 2024 by rpki-client on console-ams.rpki-client.org