Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/F0gTLgSx0tlZpY7yFiqKjMWFJhA.roa
File: F0gTLgSx0tlZpY7yFiqKjMWFJhA.roa (raw, json)
Hash identifier: FPOGGJVCfSoA8UMxV7aj35ZxymEQTHEnWuRzmU21OUA=
Subject key identifier: 17:48:13:2E:04:B1:D2:D9:59:A5:8E:F2:16:2A:8A:8C:C5:85:26:10
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF4661463B37819CD9F9077DC4DE4
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/F0gTLgSx0tlZpY7yFiqKjMWFJhA.roa
Signing time: Sun 01 Jan 2023 18:55:03 +0000
ROA not before: Sun 01 Jan 2023 18:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61223
IP address blocks: 89.23.105.0/24 maxlen: 24
89.23.104.0/24 maxlen: 24
89.23.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 05:17:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f4:66:14:63:b3:78:19:cd:9f:90:77:dc:4d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1748132e04b1d2d959a58ef2162a8a8cc5852610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bc:95:ca:e0:20:18:a6:f9:78:01:72:91:60:
fb:3c:8a:63:82:9a:98:6c:b9:ee:97:39:ba:fe:d9:
17:7b:55:55:b9:10:3a:e7:ec:d7:c6:3a:b7:eb:c4:
9f:9d:fb:7f:70:dd:59:2e:d6:1b:ef:af:d8:67:f7:
2b:82:5b:66:b8:2d:b2:9e:d6:62:18:b2:62:56:c9:
5a:5d:81:35:a3:ec:b8:52:09:96:49:19:41:dd:2c:
cf:81:5e:02:37:e0:0a:53:6f:08:8a:7d:10:7a:b8:
e9:06:3b:08:80:ee:e1:b4:44:06:7b:e8:2b:af:98:
94:42:fa:19:22:d7:4b:8f:c5:50:68:3b:ff:47:bd:
1e:f9:cd:65:cd:a7:64:b6:2f:04:a1:65:64:0c:66:
2f:78:87:fc:4a:fb:98:fc:20:0b:58:58:1a:06:63:
ec:e8:f6:b7:7a:39:23:7a:42:b2:f4:c5:93:5a:4f:
cc:87:1b:b9:1e:68:49:24:15:a3:6b:45:9b:cb:b0:
0b:23:51:99:77:1a:3a:26:78:4e:e4:f2:eb:98:7e:
a2:07:30:84:c1:c6:55:20:c1:03:f3:12:cb:af:df:
da:77:5c:95:4b:d4:dc:49:d9:1b:d9:7e:48:e0:b6:
f6:a6:dc:8c:ce:ba:84:83:aa:d7:95:50:71:b7:86:
73:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:48:13:2E:04:B1:D2:D9:59:A5:8E:F2:16:2A:8A:8C:C5:85:26:10
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/F0gTLgSx0tlZpY7yFiqKjMWFJhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.104.0-89.23.106.255
Signature Algorithm: sha256WithRSAEncryption
85:78:a4:f5:4f:0d:bc:89:60:d5:f2:e9:56:2f:ce:ec:e8:bf:
42:e3:65:13:4b:de:75:c3:b6:8d:73:28:e4:39:ad:1b:2e:32:
63:79:c9:ee:86:d8:a2:05:78:df:8d:3f:8c:b7:44:6d:ed:53:
ca:92:68:46:72:e4:d7:49:de:ac:ab:b5:08:1b:eb:3d:bd:d9:
74:86:70:ac:07:c4:76:66:b3:1b:2b:bf:d8:4a:5e:f6:ee:30:
40:2d:e6:d4:25:d6:a9:10:f4:d2:33:3d:c7:67:95:cf:99:6f:
98:e8:ee:e5:31:6d:5c:a0:75:6a:6c:0f:e1:86:d0:6a:74:4c:
a5:4b:e3:ed:76:dd:e9:71:6d:b1:b9:db:67:fe:06:c3:3a:87:
83:3d:b5:a9:ae:0c:9c:16:14:53:4e:16:17:b1:66:89:99:7d:
11:99:72:15:b5:d7:3d:08:c3:fa:2c:dd:ee:13:c4:95:f7:a3:
c7:0f:50:7f:87:41:f3:c9:51:dc:a5:31:b3:11:26:c8:76:a9:
4b:cd:62:42:4f:83:59:ad:8b:bd:3f:86:b3:74:fb:07:5b:5f:
9e:7f:da:64:6a:54:df:39:0c:d4:49:7e:87:3f:f3:94:6d:d9:
56:a8:8b:33:54:8c:4b:eb:ae:1f:a6:0b:dc:8b:8d:b7:68:4a:
ec:97:19:ef
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVur/RmFGOzeBnNn5B33E3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQ4MTMyZTA0YjFkMmQ5NTlhNThlZjIxNjJhOGE4Y2M1ODUyNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7yVyuAgGKb5eAFykWD7PIpjgpqY
bLnulzm6/tkXe1VVuRA65+zXxjq368Sfnft/cN1ZLtYb76/YZ/crgltmuC2yntZi
GLJiVslaXYE1o+y4UgmWSRlB3SzPgV4CN+AKU28Iin0QerjpBjsIgO7htEQGe+gr
r5iUQvoZItdLj8VQaDv/R70e+c1lzadkti8EoWVkDGYveIf8SvuY/CALWFgaBmPs
6Pa3ejkjekKy9MWTWk/Mhxu5HmhJJBWja0Wby7ALI1GZdxo6JnhO5PLrmH6iBzCE
wcZVIMED8xLLr9/ad1yVS9TcSdkb2X5I4Lb2ptyMzrqEg6rXlVBxt4ZzcwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBdIEy4EsdLZWaWO8hYqiozFhSYQMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRjBnVExnU3gwdGxacFk3eUZpcUtqTVdGSmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANZF2gD
BABZF2owDQYJKoZIhvcNAQELBQADggEBAIV4pPVPDbyJYNXy6VYvzuzov0LjZRNL
3nXDto1zKOQ5rRsuMmN5ye6G2KIFeN+NP4y3RG3tU8qSaEZy5NdJ3qyrtQgb6z29
2XSGcKwHxHZmsxsrv9hKXvbuMEAt5tQl1qkQ9NIzPcdnlc+Zb5jo7uUxbVygdWps
D+GG0Gp0TKVL4+123elxbbG522f+BsM6h4M9tamuDJwWFFNOFhexZomZfRGZchW1
1z0Iw/os3e4TxJX3o8cPUH+HQfPJUdylMbMRJsh2qUvNYkJPg1mti70/hrN0+wdb
X55/2mRqVN85DNRJfoc/85Rt2VaoizNUjEvrrh+mC9yLjbdoSuyXGe8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org