Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/98xDnu6i7L2lR9Ag-LDKRSTP0dI.roa
File: 98xDnu6i7L2lR9Ag-LDKRSTP0dI.roa (raw, json)
Hash identifier: CKwO1dnEZJz4fwr6RO7WjrQFHmVbXaJ2wh/7WFWJyOU=
Subject key identifier: F7:CC:43:9E:EE:A2:EC:BD:A5:47:D0:20:F8:B0:CA:45:24:CF:D1:D2
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01856C813DCCC9FC0AE5B55DC0BA5B28F63A
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/98xDnu6i7L2lR9Ag-LDKRSTP0dI.roa
Signing time: Sun 01 Jan 2023 08:44:47 +0000
ROA not before: Sun 01 Jan 2023 08:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205771
IP address blocks: 89.21.65.0/24 maxlen: 24
128.127.149.0/24 maxlen: 24
128.127.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:3d:cc:c9:fc:0a:e5:b5:5d:c0:ba:5b:28:f6:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 1 08:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7cc439eeea2ecbda547d020f8b0ca4524cfd1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:05:bf:f2:d1:28:8d:7d:33:07:da:ee:43:70:
7f:be:23:7f:5e:54:96:d6:a1:25:74:65:61:4e:76:
e2:ab:08:27:f8:da:f0:29:5a:db:2d:ed:50:e9:8d:
c5:c6:2e:94:8a:4f:d9:f6:21:d8:c2:a3:ae:dc:a2:
dd:2b:2a:14:8e:ba:c1:af:a3:84:7f:da:e3:bf:ce:
ca:2d:7d:c7:0f:17:a6:63:3b:39:00:c0:c6:4b:f8:
76:49:8a:5e:f8:ed:a2:f2:f2:95:30:b4:2e:90:2b:
20:fb:af:5c:57:1f:a3:89:0d:c4:f2:80:61:34:fc:
d2:5b:51:de:cb:fe:45:37:58:3b:f9:c5:82:3d:78:
a3:c4:c0:16:af:8b:99:82:7f:91:26:d8:62:b6:ff:
06:cc:2e:e8:1b:ef:0b:e7:0c:c5:b2:35:35:7f:0f:
f3:61:4a:88:72:41:be:e3:88:74:eb:05:22:69:89:
2c:a9:8b:e7:18:a8:6f:c9:e3:5a:96:39:03:95:10:
38:6c:bb:8e:24:3e:28:99:5a:79:92:38:db:1e:0b:
64:83:b0:0c:9d:3d:ee:5b:0f:db:07:e0:b6:21:37:
21:6b:aa:78:ff:fc:a7:19:61:44:73:12:e5:ee:8c:
32:7a:53:d6:e2:ec:da:af:14:7d:0d:1b:01:48:b9:
51:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CC:43:9E:EE:A2:EC:BD:A5:47:D0:20:F8:B0:CA:45:24:CF:D1:D2
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/98xDnu6i7L2lR9Ag-LDKRSTP0dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.65.0/24
128.127.149.0-128.127.150.255
Signature Algorithm: sha256WithRSAEncryption
32:1a:d0:62:06:34:61:06:fb:fe:8e:96:46:1c:dc:3e:dd:c4:
55:6e:b6:ef:cd:fe:5e:26:98:0a:d8:85:cb:3f:27:21:b8:ed:
25:0e:b8:a9:6a:8b:6e:de:3d:36:27:5f:86:5d:24:0e:66:67:
7a:49:80:bc:da:43:5f:eb:5b:1c:70:1e:25:f6:50:2f:ee:b6:
99:8b:e5:2d:76:02:99:9d:00:27:8f:d4:a8:6f:14:bb:3f:fa:
55:f6:5c:79:78:98:94:27:02:41:7e:32:37:51:a6:e7:16:c8:
67:33:9d:58:6f:cb:53:01:61:72:2a:2f:27:7a:eb:6b:ec:fc:
4d:4a:89:52:ab:eb:cc:41:b6:0c:51:cb:4f:87:a4:4f:d2:f0:
9b:79:ce:9d:1d:cc:cf:06:9a:53:85:39:ab:bc:92:ae:fa:46:
2b:09:c1:49:f2:73:02:5d:fc:7c:be:ba:c7:ac:00:e5:3c:1a:
99:1b:ac:f0:83:1a:59:b7:24:2e:ce:49:14:63:7f:8a:d4:ae:
b4:4a:a4:41:c9:b1:61:72:4f:16:35:9e:b1:22:b5:95:56:9e:
59:16:9d:07:82:b7:98:87:c9:c8:7e:85:7a:42:5c:1b:63:8a:
e3:46:c8:cc:69:78:fc:f6:93:a3:8d:c5:45:cd:be:99:9f:70:
72:f5:0a:ef
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVsgT3MyfwK5bVdwLpbKPY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjMwMTAxMDg0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2NjNDM5ZWVlYTJlY2JkYTU0N2QwMjBmOGIwY2E0NTI0Y2ZkMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAW/8tEojX0zB9ruQ3B/viN/XlSW
1qEldGVhTnbiqwgn+NrwKVrbLe1Q6Y3Fxi6Uik/Z9iHYwqOu3KLdKyoUjrrBr6OE
f9rjv87KLX3HDxemYzs5AMDGS/h2SYpe+O2i8vKVMLQukCsg+69cVx+jiQ3E8oBh
NPzSW1Hey/5FN1g7+cWCPXijxMAWr4uZgn+RJthitv8GzC7oG+8L5wzFsjU1fw/z
YUqIckG+44h06wUiaYksqYvnGKhvyeNaljkDlRA4bLuOJD4omVp5kjjbHgtkg7AM
nT3uWw/bB+C2ITcha6p4//ynGWFEcxLl7owyelPW4uzarxR9DRsBSLlRjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPfMQ57uouy9pUfQIPiwykUkz9HSMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvOTh4RG51Nmk3TDJsUjlBZy1MREtSU1RQMGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWRVBMAwD
BACAf5UDBACAf5YwDQYJKoZIhvcNAQELBQADggEBADIa0GIGNGEG+/6OlkYc3D7d
xFVutu/N/l4mmArYhcs/JyG47SUOuKlqi27ePTYnX4ZdJA5mZ3pJgLzaQ1/rWxxw
HiX2UC/utpmL5S12ApmdACeP1KhvFLs/+lX2XHl4mJQnAkF+MjdRpucWyGcznVhv
y1MBYXIqLyd662vs/E1KiVKr68xBtgxRy0+HpE/S8Jt5zp0dzM8GmlOFOau8kq76
RisJwUnycwJd/Hy+usesAOU8GpkbrPCDGlm3JC7OSRRjf4rUrrRKpEHJsWFyTxY1
nrEitZVWnlkWnQeCt5iHych+hXpCXBtjiuNGyMxpePz2k6ONxUXNvpmfcHL1Cu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org