Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fff1c7-cee1-4fa6-a99b-c9c8ab188853/1/SYOrsNCNOvHtqOqA746tuBjFzjg.roa
File: SYOrsNCNOvHtqOqA746tuBjFzjg.roa (raw, json)
Hash identifier: MY8Xhx29Hx+9Lefeu+SjclhuwyWrMAvxStoSUoYPlNI=
Subject key identifier: 49:83:AB:B0:D0:8D:3A:F1:ED:A8:EA:80:EF:8E:AD:B8:18:C5:CE:38
Certificate issuer: /CN=69226ceb40c671f30acf11fa36b8d7d1c6754704
Certificate serial: 018571A786E16027510B1C76A7ACD08BACDC
Authority key identifier: 69:22:6C:EB:40:C6:71:F3:0A:CF:11:FA:36:B8:D7:D1:C6:75:47:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aSJs60DGcfMKzxH6NrjX0cZ1RwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/fff1c7-cee1-4fa6-a99b-c9c8ab188853/1/SYOrsNCNOvHtqOqA746tuBjFzjg.roa
Signing time: Mon 02 Jan 2023 08:44:42 +0000
ROA not before: Mon 02 Jan 2023 08:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38968
IP address blocks: 89.28.216.0/21 maxlen: 21
89.28.220.0/24 maxlen: 24
89.28.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:86:e1:60:27:51:0b:1c:76:a7:ac:d0:8b:ac:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69226ceb40c671f30acf11fa36b8d7d1c6754704
Validity
Not Before: Jan 2 08:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4983abb0d08d3af1eda8ea80ef8eadb818c5ce38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c2:a3:fd:4f:c5:d1:ec:de:4b:fe:21:2c:21:
b3:d8:9d:cb:e1:d2:54:df:5c:8a:ea:3c:09:95:ac:
73:68:0b:fd:c7:79:24:5b:38:0c:48:4f:11:e2:41:
e0:e0:84:87:06:b5:d5:16:fe:32:45:cb:08:88:6d:
83:fe:ad:02:b9:82:e6:4d:60:1b:f7:a8:1c:e3:2d:
33:72:7d:a3:6d:02:58:bb:98:a8:65:dc:58:fb:23:
95:3a:44:27:60:d6:d1:a3:b9:45:60:1c:3e:e2:9c:
8d:55:5d:cc:a7:6e:af:94:18:12:f6:cd:81:29:05:
0a:1f:cc:bb:fa:e4:7d:e0:97:35:67:06:61:cf:47:
48:4c:16:36:55:d2:d7:e2:02:a3:42:d5:4a:a1:01:
1d:29:a4:ec:98:5f:b0:12:f0:99:1d:19:a8:cf:20:
ca:1e:a1:62:80:89:f8:ea:27:7c:47:23:69:b3:52:
22:b6:5e:45:ce:bc:c7:69:f9:c4:05:31:37:d4:1f:
fd:f3:d2:0c:38:7c:48:92:18:e4:4f:48:a3:6b:b9:
76:dd:4a:2b:f5:ee:9b:55:67:bd:c7:c8:74:c7:e6:
cd:9d:ee:28:21:2f:87:18:90:50:03:25:02:4f:1a:
29:6b:c1:09:d0:3f:7c:f6:a4:10:72:4c:8c:cb:68:
87:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:83:AB:B0:D0:8D:3A:F1:ED:A8:EA:80:EF:8E:AD:B8:18:C5:CE:38
X509v3 Authority Key Identifier:
keyid:69:22:6C:EB:40:C6:71:F3:0A:CF:11:FA:36:B8:D7:D1:C6:75:47:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aSJs60DGcfMKzxH6NrjX0cZ1RwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fff1c7-cee1-4fa6-a99b-c9c8ab188853/1/SYOrsNCNOvHtqOqA746tuBjFzjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fff1c7-cee1-4fa6-a99b-c9c8ab188853/1/aSJs60DGcfMKzxH6NrjX0cZ1RwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.216.0/21
Signature Algorithm: sha256WithRSAEncryption
cf:66:f9:78:3b:8e:0e:70:d7:00:3e:bd:be:3e:41:25:78:a7:
b8:cc:a3:19:1a:99:3d:a5:c4:bb:4f:de:20:64:06:23:03:8b:
62:df:1a:33:63:8c:0d:98:0f:21:60:d5:b4:17:19:cd:63:f4:
9c:24:15:5d:47:71:30:55:8c:bf:82:38:11:d7:b0:cd:01:2d:
b0:4b:28:4d:df:9d:51:08:b2:05:2d:b2:64:c2:9c:44:bd:12:
46:6e:f9:fe:e3:07:75:e6:d1:f3:16:64:57:11:a7:7b:62:8b:
89:a8:6b:e9:33:7a:d7:b1:1b:3e:48:a5:df:f3:78:e8:ac:82:
c6:38:06:95:9f:fe:f4:87:2e:39:b9:c9:5d:f7:1e:ab:1c:51:
0d:ac:3e:f6:40:e6:25:26:cd:60:ca:f6:c6:e8:3f:b5:4c:a0:
18:3a:3f:64:50:b0:91:c5:29:f3:cc:6f:14:d9:81:06:d3:d1:
6e:6b:18:35:0a:91:f0:99:54:b8:c4:76:cb:b9:dd:7f:48:f9:
84:44:8a:17:ae:bd:cf:f2:06:43:a5:6b:a1:92:18:b7:67:48:
f9:7e:7d:de:99:c7:23:9f:9f:30:32:ff:07:10:9b:47:4f:6b:
0e:fa:a2:e0:57:e1:65:57:af:7e:78:e5:40:93:93:0c:a4:23:
ec:2c:f7:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp4bhYCdRCxx2p6zQi6zcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MjI2Y2ViNDBjNjcxZjMwYWNmMTFmYTM2YjhkN2QxYzY3
NTQ3MDQwHhcNMjMwMTAyMDg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTgzYWJiMGQwOGQzYWYxZWRhOGVhODBlZjhlYWRiODE4YzVjZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysKj/U/F0ezeS/4hLCGz2J3L4dJU
31yK6jwJlaxzaAv9x3kkWzgMSE8R4kHg4ISHBrXVFv4yRcsIiG2D/q0CuYLmTWAb
96gc4y0zcn2jbQJYu5ioZdxY+yOVOkQnYNbRo7lFYBw+4pyNVV3Mp26vlBgS9s2B
KQUKH8y7+uR94Jc1ZwZhz0dITBY2VdLX4gKjQtVKoQEdKaTsmF+wEvCZHRmozyDK
HqFigIn46id8RyNps1Iitl5FzrzHafnEBTE31B/989IMOHxIkhjkT0ija7l23Uor
9e6bVWe9x8h0x+bNne4oIS+HGJBQAyUCTxopa8EJ0D989qQQckyMy2iHhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEmDq7DQjTrx7ajqgO+OrbgYxc44MB8GA1UdIwQY
MBaAFGkibOtAxnHzCs8R+ja419HGdUcEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVNKczYwREdjZk1LenhINk5yalgwY1oxUndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mZmYxYzctY2VlMS00ZmE2LWE5OWIt
YzljOGFiMTg4ODUzLzEvU1lPcnNOQ05Pdkh0cU9xQTc0NnR1QmpGempnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mZmYxYzctY2VlMS00ZmE2LWE5OWItYzljOGFiMTg4ODUz
LzEvYVNKczYwREdjZk1LenhINk5yalgwY1oxUndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWRzYMA0G
CSqGSIb3DQEBCwUAA4IBAQDPZvl4O44OcNcAPr2+PkEleKe4zKMZGpk9pcS7T94g
ZAYjA4ti3xozY4wNmA8hYNW0FxnNY/ScJBVdR3EwVYy/gjgR17DNAS2wSyhN351R
CLIFLbJkwpxEvRJGbvn+4wd15tHzFmRXEad7YouJqGvpM3rXsRs+SKXf83jorILG
OAaVn/70hy45ucld9x6rHFENrD72QOYlJs1gyvbG6D+1TKAYOj9kULCRxSnzzG8U
2YEG09Fuaxg1CpHwmVS4xHbLud1/SPmERIoXrr3P8gZDpWuhkhi3Z0j5fn3emccj
n58wMv8HEJtHT2sO+qLgV+FlV69+eOVAk5MMpCPsLPem
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:12 2024 by rpki-client on console-ams.rpki-client.org