Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/57b7a3-a739-4262-8b01-0c3d4e31eba4/1/c7tEcVBB-w3hvP-oVjpuOcrR92o.roa
File: c7tEcVBB-w3hvP-oVjpuOcrR92o.roa (raw, json)
Hash identifier: bDinrnRk3rBDMuJ4+y3z0l3XE4Nh4VD2h/VgE7ekMUY=
Subject key identifier: 73:BB:44:71:50:41:FB:0D:E1:BC:FF:A8:56:3A:6E:39:CA:D1:F7:6A
Certificate issuer: /CN=89c31770db729895c6c3fd93375e5cd5613ef36a
Certificate serial: 01857255A735E994702F635DEA2F1CC1C9A9
Authority key identifier: 89:C3:17:70:DB:72:98:95:C6:C3:FD:93:37:5E:5C:D5:61:3E:F3:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/icMXcNtymJXGw_2TN15c1WE-82o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/57b7a3-a739-4262-8b01-0c3d4e31eba4/1/c7tEcVBB-w3hvP-oVjpuOcrR92o.roa
Signing time: Mon 02 Jan 2023 11:54:54 +0000
ROA not before: Mon 02 Jan 2023 11:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200991
IP address blocks: 185.89.80.0/22 maxlen: 22
2a03:82e0:ffff::/48 maxlen: 48
2a03:82e0:1000::/36 maxlen: 36
2a03:82e0::/36 maxlen: 36
2a03:82e0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:a7:35:e9:94:70:2f:63:5d:ea:2f:1c:c1:c9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89c31770db729895c6c3fd93375e5cd5613ef36a
Validity
Not Before: Jan 2 11:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73bb44715041fb0de1bcffa8563a6e39cad1f76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f0:aa:c1:39:f8:77:f6:7e:d3:92:23:9a:4c:
98:37:23:67:6e:35:77:92:f3:7f:19:e6:9e:6c:b2:
cc:8b:07:9d:89:e0:dc:98:80:67:17:e8:b3:d1:16:
1f:ef:a7:80:6e:dd:23:2e:22:5a:c7:40:f1:6c:94:
91:09:92:37:08:45:03:be:3f:03:64:3b:c1:d5:0f:
95:5c:ba:ab:84:45:b5:a5:b3:c1:be:c3:e4:e3:c0:
80:d0:8b:0c:fa:67:d3:0c:fe:1d:ad:a5:16:63:19:
69:a2:41:25:4b:ac:03:c1:81:9e:8d:90:c6:78:79:
9d:c3:47:94:dc:41:16:c5:a1:01:f1:75:47:a1:45:
ee:05:0a:52:b3:f4:53:4c:c0:da:2a:d7:c5:7d:02:
6f:40:75:fc:a6:34:9e:7b:06:f0:10:22:c7:69:da:
25:a6:2f:0b:fa:8d:c6:62:82:c7:79:53:70:aa:20:
77:d2:e8:89:d8:2b:3e:28:e3:25:07:8f:44:dd:ae:
24:3d:9e:84:39:f3:78:1d:e0:79:e7:dc:2f:0d:8d:
0f:7a:6b:2b:dc:6c:fd:78:69:b0:7c:ee:ec:92:0c:
fa:cb:0f:4c:84:5e:a3:36:bb:a5:3e:73:34:a3:85:
c2:e7:7e:ee:cc:dc:c8:30:3e:41:96:81:e6:84:a7:
e2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:BB:44:71:50:41:FB:0D:E1:BC:FF:A8:56:3A:6E:39:CA:D1:F7:6A
X509v3 Authority Key Identifier:
keyid:89:C3:17:70:DB:72:98:95:C6:C3:FD:93:37:5E:5C:D5:61:3E:F3:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icMXcNtymJXGw_2TN15c1WE-82o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/57b7a3-a739-4262-8b01-0c3d4e31eba4/1/c7tEcVBB-w3hvP-oVjpuOcrR92o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/57b7a3-a739-4262-8b01-0c3d4e31eba4/1/icMXcNtymJXGw_2TN15c1WE-82o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.80.0/22
IPv6:
2a03:82e0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:35:40:f1:6a:cc:99:19:66:5f:f5:a6:08:83:63:e3:28:7d:
62:fd:92:12:4f:de:8e:b8:47:b8:7c:24:ed:6c:8b:5d:1c:b8:
6a:4e:79:28:96:cd:29:df:60:24:2d:52:c1:37:54:58:15:37:
26:42:73:f7:de:69:5b:4d:64:0e:16:de:63:91:e9:ca:65:0b:
c8:e8:b8:1b:40:3d:26:31:d2:62:eb:e1:f6:8b:66:a4:ea:a5:
47:61:4d:49:67:9a:32:f1:fb:05:f0:24:e5:3b:39:1e:e6:9d:
b1:46:f3:58:31:71:66:83:44:8f:13:ac:80:c1:53:77:9e:c1:
c3:51:64:34:69:7a:f4:ae:50:7d:4f:6c:04:de:b4:c4:69:a9:
4d:42:03:8f:44:48:69:8c:2c:f9:41:5f:dd:fe:b9:25:a3:23:
1c:7f:10:68:ec:a3:91:00:b5:2f:04:8a:2b:f9:f3:22:fb:75:
00:f9:ac:0e:3b:f4:e4:9a:98:a9:8f:bf:c4:d3:ff:c4:fc:bf:
e4:59:70:08:96:10:a3:6e:52:48:15:f1:b6:9c:82:28:09:bf:
e6:87:e3:a3:e9:3e:31:88:83:1f:f1:5a:26:69:2b:f9:27:66:
f4:bd:ce:b3:e7:48:24:ed:d4:1b:b1:cc:ad:ef:2d:b5:b0:8e:
e7:02:59:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyVac16ZRwL2Nd6i8cwcmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzMxNzcwZGI3Mjk4OTVjNmMzZmQ5MzM3NWU1Y2Q1NjEz
ZWYzNmEwHhcNMjMwMTAyMTE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2JiNDQ3MTUwNDFmYjBkZTFiY2ZmYTg1NjNhNmUzOWNhZDFmNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvCqwTn4d/Z+05IjmkyYNyNnbjV3
kvN/GeaebLLMiwedieDcmIBnF+iz0RYf76eAbt0jLiJax0DxbJSRCZI3CEUDvj8D
ZDvB1Q+VXLqrhEW1pbPBvsPk48CA0IsM+mfTDP4draUWYxlpokElS6wDwYGejZDG
eHmdw0eU3EEWxaEB8XVHoUXuBQpSs/RTTMDaKtfFfQJvQHX8pjSeewbwECLHadol
pi8L+o3GYoLHeVNwqiB30uiJ2Cs+KOMlB49E3a4kPZ6EOfN4HeB559wvDY0Pemsr
3Gz9eGmwfO7skgz6yw9MhF6jNrulPnM0o4XC537uzNzIMD5BloHmhKfiMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHO7RHFQQfsN4bz/qFY6bjnK0fdqMB8GA1UdIwQY
MBaAFInDF3DbcpiVxsP9kzdeXNVhPvNqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNNWGNOdHltSlhHd18yVE4xNWMxV0UtODJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi81N2I3YTMtYTczOS00MjYyLThiMDEt
MGMzZDRlMzFlYmE0LzEvYzd0RWNWQkItdzNodlAtb1ZqcHVPY3JSOTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi81N2I3YTMtYTczOS00MjYyLThiMDEtMGMzZDRlMzFlYmE0
LzEvaWNNWGNOdHltSlhHd18yVE4xNWMxV0UtODJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVlQMA0E
AgACMAcDBQAqA4LgMA0GCSqGSIb3DQEBCwUAA4IBAQAvNUDxasyZGWZf9aYIg2Pj
KH1i/ZIST96OuEe4fCTtbItdHLhqTnkols0p32AkLVLBN1RYFTcmQnP33mlbTWQO
Ft5jkenKZQvI6LgbQD0mMdJi6+H2i2ak6qVHYU1JZ5oy8fsF8CTlOzke5p2xRvNY
MXFmg0SPE6yAwVN3nsHDUWQ0aXr0rlB9T2wE3rTEaalNQgOPREhpjCz5QV/d/rkl
oyMcfxBo7KORALUvBIor+fMi+3UA+awOO/Tkmpipj7/E0//E/L/kWXAIlhCjblJI
FfG2nIIoCb/mh+Oj6T4xiIMf8VomaSv5J2b0vc6z50gk7dQbscyt7y21sI7nAlkf
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:39 2024 by rpki-client on console-ams.rpki-client.org