Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/U9xEPC0YnRI1LsiIu99YWIoP3vE.roa
File: U9xEPC0YnRI1LsiIu99YWIoP3vE.roa (raw, json)
Hash identifier: /oWlZoFLBj2mTtYoIHvGqEwC2YsztwjZPRwUtF21BIc=
Subject key identifier: 53:DC:44:3C:2D:18:9D:12:35:2E:C8:88:BB:DF:58:58:8A:0F:DE:F1
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 0189D3E6FDFE28DC55862EE824C71DA471CB
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/U9xEPC0YnRI1LsiIu99YWIoP3vE.roa
Signing time: Tue 08 Aug 2023 06:47:58 +0000
ROA not before: Tue 08 Aug 2023 06:47:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198404
IP address blocks: 89.140.152.0/24 maxlen: 24
95.39.49.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d3:e6:fd:fe:28:dc:55:86:2e:e8:24:c7:1d:a4:71:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Aug 8 06:47:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53dc443c2d189d12352ec888bbdf58588a0fdef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ad:5f:24:3b:21:81:53:34:8a:6c:32:54:7d:
a4:da:6c:e2:f1:10:3e:c8:e1:5b:13:92:eb:fa:24:
14:fe:07:77:22:2d:e3:ff:b4:7c:74:8a:7e:fe:ce:
ca:48:17:20:5f:66:e4:62:a9:e4:38:52:1d:4b:72:
aa:52:f0:e9:d4:c6:d6:1c:6e:18:e3:91:fa:ed:9e:
3e:68:e5:70:2f:ab:a0:71:2f:21:8f:1e:76:03:9e:
10:bc:e5:b5:36:e0:8e:77:e2:14:6c:8b:8d:d4:b5:
47:c6:95:5a:62:9b:41:d6:55:6b:6e:00:7c:ba:68:
af:c9:49:66:e5:d4:34:ca:de:e0:25:11:19:9b:58:
c4:10:85:73:61:91:46:fd:63:1c:95:86:88:6c:71:
08:5a:cd:35:35:df:7d:39:75:88:62:90:0b:86:32:
a3:59:a7:70:e2:c6:63:c3:33:a8:93:5c:15:b1:80:
69:22:9b:33:d2:6b:20:11:da:5d:4e:15:17:28:02:
8b:79:39:88:74:4b:1c:91:2b:f9:04:4b:2f:fa:d2:
e2:87:67:c2:c3:a7:3f:7e:c0:b9:d3:26:06:ea:50:
f8:7c:8d:19:d1:71:3b:06:8b:a5:7f:d7:d9:93:40:
29:ba:e6:0e:ff:b6:eb:60:f7:ad:e3:02:4a:dd:44:
8c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DC:44:3C:2D:18:9D:12:35:2E:C8:88:BB:DF:58:58:8A:0F:DE:F1
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/U9xEPC0YnRI1LsiIu99YWIoP3vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.140.152.0/24
95.39.49.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e2:4b:ad:91:43:5d:7e:36:15:a8:2b:4c:cf:de:3d:2a:ed:
ff:32:04:d6:35:60:c9:c5:a3:0d:72:9c:ff:a0:71:01:fa:ac:
a9:dd:11:b7:6c:d4:79:6c:94:1d:1c:14:28:78:5e:1d:02:85:
c4:f3:8b:a2:55:60:c9:8a:45:5b:68:f9:4b:20:60:2b:63:d8:
94:88:4c:84:d2:50:4a:0c:9a:e2:cf:fe:ec:5c:c0:e3:d7:0a:
66:35:c6:9f:04:f1:de:0d:67:14:7e:17:ad:37:4e:df:bf:29:
94:c5:10:70:b0:de:55:74:cb:8b:8a:61:ab:93:db:1c:c3:f4:
b2:88:3a:af:4e:3c:d8:e5:8e:f2:38:87:16:ff:14:48:59:2a:
3d:cc:af:c5:fd:94:50:45:68:3f:ad:55:58:e1:51:b9:42:50:
5c:44:b5:e9:e2:1a:fb:44:8e:52:31:88:17:01:6d:03:8f:59:
bc:24:d8:46:95:99:67:b7:ce:af:3d:52:13:c6:0a:95:dc:18:
57:f8:d7:ac:35:45:ab:2b:37:8f:8a:2e:5d:62:d1:03:61:a6:
24:77:73:7c:a8:85:33:4e:93:d4:2f:ca:c9:d6:aa:b0:0d:8d:
3f:ca:cb:8d:22:5d:b7:69:11:ac:b8:79:dc:1b:04:64:39:dc:
2c:e1:2a:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnT5v3+KNxVhi7oJMcdpHHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwODA4MDY0NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RjNDQzYzJkMTg5ZDEyMzUyZWM4ODhiYmRmNTg1ODhhMGZkZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha1fJDshgVM0imwyVH2k2mzi8RA+
yOFbE5Lr+iQU/gd3Ii3j/7R8dIp+/s7KSBcgX2bkYqnkOFIdS3KqUvDp1MbWHG4Y
45H67Z4+aOVwL6ugcS8hjx52A54QvOW1NuCOd+IUbIuN1LVHxpVaYptB1lVrbgB8
umivyUlm5dQ0yt7gJREZm1jEEIVzYZFG/WMclYaIbHEIWs01Nd99OXWIYpALhjKj
Wadw4sZjwzOok1wVsYBpIpsz0msgEdpdThUXKAKLeTmIdEsckSv5BEsv+tLih2fC
w6c/fsC50yYG6lD4fI0Z0XE7Boulf9fZk0ApuuYO/7brYPet4wJK3USMhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFPcRDwtGJ0SNS7IiLvfWFiKD97xMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvVTl4RVBDMFluUkkxTHNpSXU5OVlXSW9QM3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWYyYAwQA
XycxMA0GCSqGSIb3DQEBCwUAA4IBAQBB4kutkUNdfjYVqCtMz949Ku3/MgTWNWDJ
xaMNcpz/oHEB+qyp3RG3bNR5bJQdHBQoeF4dAoXE84uiVWDJikVbaPlLIGArY9iU
iEyE0lBKDJriz/7sXMDj1wpmNcafBPHeDWcUfhetN07fvymUxRBwsN5VdMuLimGr
k9scw/SyiDqvTjzY5Y7yOIcW/xRIWSo9zK/F/ZRQRWg/rVVY4VG5QlBcRLXp4hr7
RI5SMYgXAW0Dj1m8JNhGlZlnt86vPVITxgqV3BhX+NesNUWrKzePii5dYtEDYaYk
d3N8qIUzTpPUL8rJ1qqwDY0/ysuNIl23aRGsuHncGwRkOdws4Spv
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:28:02 2024 by rpki-client on console-fra.rpki-client.org