Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/hYtH55DpCMAfY8os0EF-s37BUlE.roa
File: hYtH55DpCMAfY8os0EF-s37BUlE.roa (raw, json)
Hash identifier: aVY3Uip6rvPJ/Xe8h5VBKu5zK2dAlO2KQy2yoohPZOc=
Subject key identifier: 85:8B:47:E7:90:E9:08:C0:1F:63:CA:2C:D0:41:7E:B3:7E:C1:52:51
Certificate issuer: /CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Certificate serial: 0185710C073A8A29F7AE19454CBC3337F531
Authority key identifier: 5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/hYtH55DpCMAfY8os0EF-s37BUlE.roa
Signing time: Mon 02 Jan 2023 05:54:51 +0000
ROA not before: Mon 02 Jan 2023 05:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35725
IP address blocks: 89.123.192.0/20 maxlen: 20
109.101.160.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:07:3a:8a:29:f7:ae:19:45:4c:bc:33:37:f5:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Validity
Not Before: Jan 2 05:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=858b47e790e908c01f63ca2cd0417eb37ec15251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:07:2e:ef:67:01:01:ab:93:80:6f:ad:05:6a:
00:e2:2a:79:01:22:77:c1:0e:7e:c7:be:bf:1d:f5:
f4:f8:e4:ee:57:63:23:bf:d4:91:e7:b4:82:22:2e:
b9:2f:b3:1b:06:2d:74:f8:27:63:a8:43:df:e4:ba:
93:0a:e4:72:63:0c:d0:e5:4e:89:de:c8:9d:28:9e:
65:d5:39:9a:2c:a2:fb:9a:5d:f4:aa:81:c5:4e:33:
a7:64:fb:7f:5a:87:b7:44:a2:e2:56:ed:c9:57:64:
2f:55:c1:80:86:bb:e7:7a:a7:0e:12:d0:42:2b:65:
5b:5a:07:be:4a:d1:99:ff:76:f1:e6:1b:a0:29:65:
cf:35:49:86:0d:21:1a:67:ed:c2:52:03:06:42:1a:
ef:94:57:60:e1:ce:25:02:61:35:ff:5e:45:32:d7:
19:30:83:e6:29:cd:56:f3:82:62:50:8e:6c:7b:21:
93:08:13:d6:c5:90:b4:c0:d0:f1:21:54:63:f8:a4:
f5:02:d5:db:44:91:ed:b5:44:e4:72:45:23:b8:a1:
d4:0f:bf:10:6b:e1:c7:89:68:9a:27:fc:af:48:33:
de:ab:5a:85:4a:35:22:0a:ad:2f:f8:74:86:d9:9a:
b2:7f:d4:91:c7:e6:e9:cc:53:ad:c7:35:e0:69:a8:
81:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8B:47:E7:90:E9:08:C0:1F:63:CA:2C:D0:41:7E:B3:7E:C1:52:51
X509v3 Authority Key Identifier:
keyid:5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/hYtH55DpCMAfY8os0EF-s37BUlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.123.192.0/20
109.101.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:c9:27:44:c9:29:2d:41:2b:9c:76:b3:04:37:34:20:7b:97:
3d:23:c0:09:58:da:a7:8f:70:f6:3b:a2:24:ae:eb:6f:f0:ff:
db:c5:06:15:ea:0b:1e:51:83:0f:0d:45:44:91:ae:93:6f:ab:
01:df:0e:67:0b:59:f8:98:6e:b8:58:84:2c:5b:a7:bd:86:2c:
a4:bd:4f:48:bc:0c:f5:59:5b:c3:f4:1a:36:de:a7:b4:dc:a3:
9e:d1:47:f9:6f:d4:07:b9:bb:76:e5:89:b2:c6:c1:96:47:ef:
41:19:c4:18:74:ea:79:40:0d:39:d3:38:58:48:d8:b5:5c:28:
59:90:e6:3b:50:64:a8:44:4f:7e:c8:4a:d4:b6:99:04:20:50:
09:b1:fa:69:a2:6a:97:f2:61:42:89:86:22:61:be:65:f5:91:
12:d0:3e:21:98:72:66:da:5c:43:96:ed:ce:e4:14:3b:aa:e1:
23:17:bc:02:3e:60:17:60:55:b0:b6:c6:f1:ea:90:dc:24:4c:
cf:69:47:61:fd:c1:81:e2:00:be:ec:6a:64:40:86:c6:fd:65:
e5:29:c7:ef:29:d1:ba:d8:75:9a:d7:1b:e1:c2:12:e9:90:6a:
75:84:63:1b:82:81:17:b8:5a:1a:a9:2b:fa:14:9b:90:10:d0:
3f:ba:b2:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxDAc6iin3rhlFTLwzN/UxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWEyYjg4NGM3MDY3ZjU4ZmZmMDQwYTFmMDZlMGRmMWU4
MGFiM2UwHhcNMjMwMTAyMDU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NThiNDdlNzkwZTkwOGMwMWY2M2NhMmNkMDQxN2ViMzdlYzE1MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgcu72cBAauTgG+tBWoA4ip5ASJ3
wQ5+x76/HfX0+OTuV2Mjv9SR57SCIi65L7MbBi10+CdjqEPf5LqTCuRyYwzQ5U6J
3sidKJ5l1TmaLKL7ml30qoHFTjOnZPt/Woe3RKLiVu3JV2QvVcGAhrvneqcOEtBC
K2VbWge+StGZ/3bx5hugKWXPNUmGDSEaZ+3CUgMGQhrvlFdg4c4lAmE1/15FMtcZ
MIPmKc1W84JiUI5seyGTCBPWxZC0wNDxIVRj+KT1AtXbRJHttUTkckUjuKHUD78Q
a+HHiWiaJ/yvSDPeq1qFSjUiCq0v+HSG2Zqyf9SRx+bpzFOtxzXgaaiBcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIWLR+eQ6QjAH2PKLNBBfrN+wVJRMB8GA1UdIwQY
MBaAFFvqK4hMcGf1j/8ECh8G4N8egKs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMt
ODE0ZTgwOTA0YmU0LzEvaFl0SDU1RHBDTUFmWThvczBFRi1zMzdCVWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMtODE0ZTgwOTA0YmU0
LzEvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWXvAAwQF
bWWgMA0GCSqGSIb3DQEBCwUAA4IBAQC1ySdEySktQSucdrMENzQge5c9I8AJWNqn
j3D2O6Ikrutv8P/bxQYV6gseUYMPDUVEka6Tb6sB3w5nC1n4mG64WIQsW6e9hiyk
vU9IvAz1WVvD9Bo23qe03KOe0Uf5b9QHubt25YmyxsGWR+9BGcQYdOp5QA050zhY
SNi1XChZkOY7UGSoRE9+yErUtpkEIFAJsfppomqX8mFCiYYiYb5l9ZES0D4hmHJm
2lxDlu3O5BQ7quEjF7wCPmAXYFWwtsbx6pDcJEzPaUdh/cGB4gC+7GpkQIbG/WXl
KcfvKdG62HWa1xvhwhLpkGp1hGMbgoEXuFoaqSv6FJuQENA/urLr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:38 2024 by rpki-client on console-fra.rpki-client.org