Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Bq8n1vA4Ki50NTPKkQjn4WIo0eI.roa
File: Bq8n1vA4Ki50NTPKkQjn4WIo0eI.roa (raw, json)
Hash identifier: K0BInA3JCab0MXfI2izAJi2+NlOyNEbfQbXZECyRjQM=
Subject key identifier: 06:AF:27:D6:F0:38:2A:2E:74:35:33:CA:91:08:E7:E1:62:28:D1:E2
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01887466C461B313283FEA395C8581407106
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Bq8n1vA4Ki50NTPKkQjn4WIo0eI.roa
Signing time: Thu 01 Jun 2023 00:41:11 +0000
ROA not before: Thu 01 Jun 2023 00:41:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.37.128.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:74:66:c4:61:b3:13:28:3f:ea:39:5c:85:81:40:71:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 1 00:41:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06af27d6f0382a2e743533ca9108e7e16228d1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:37:dd:7e:5a:8c:e2:a6:5e:53:57:14:fc:ed:
8e:10:26:1f:f6:ef:35:1e:bb:9c:41:92:1f:e3:ef:
94:0d:14:a2:4a:9b:d5:d0:cc:27:1d:f5:a4:f8:bf:
7b:76:98:c9:e6:6e:58:c5:15:44:64:b4:8d:c5:51:
0a:da:2d:63:23:b6:13:38:54:06:fd:6f:eb:28:a2:
1f:81:a7:72:fc:74:5d:3e:cb:97:50:67:96:b0:0c:
0a:42:cc:ab:16:57:d1:38:71:16:28:74:ae:87:93:
72:cb:49:fd:19:7a:3c:1f:b0:56:d3:8f:a7:32:e6:
88:11:96:48:d8:47:40:5f:7d:e7:a0:0a:11:0d:c7:
c0:ae:d9:ad:bc:3b:9c:bd:41:a2:b5:93:7b:74:43:
ee:53:a0:59:ab:67:71:a4:35:1f:9d:eb:cf:1e:0a:
29:96:6f:cc:23:99:67:02:d5:ca:c1:27:85:c0:75:
90:24:04:4c:ec:70:80:5f:39:a9:6e:1c:53:2c:8e:
7e:bc:1b:6a:84:cf:64:54:d9:fb:34:2a:d3:24:1d:
ef:3a:af:34:5b:24:70:39:90:33:84:b6:3b:47:2e:
bf:c1:e7:6e:6e:52:44:66:3a:34:ab:93:fa:53:62:
99:81:3e:9a:49:9b:39:bf:50:76:5c:6a:58:99:35:
b4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AF:27:D6:F0:38:2A:2E:74:35:33:CA:91:08:E7:E1:62:28:D1:E2
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Bq8n1vA4Ki50NTPKkQjn4WIo0eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.128.0/24
94.177.113.0/24
94.177.118.0/24
Signature Algorithm: sha256WithRSAEncryption
41:cf:82:c3:4f:88:6a:fd:29:d8:0a:20:5a:86:ea:8b:fc:d7:
fd:55:ee:4d:8d:3a:65:46:31:fd:dd:df:36:cc:5b:3a:86:b4:
1c:3c:68:7a:c0:a4:dd:c2:47:cf:06:97:58:d1:a8:2e:e7:2f:
48:e5:38:d8:44:5d:98:43:a0:5e:8f:3f:83:1e:46:00:65:c0:
b7:0a:1f:bc:f6:a7:04:a5:0c:1a:fe:0c:35:77:ce:b1:27:2d:
d1:45:e4:54:4f:de:47:09:70:10:2c:74:b4:91:4b:6c:a8:a5:
d4:9b:5a:c3:c3:bc:9c:0a:a0:f4:e6:66:05:45:e1:47:a8:ae:
08:d7:39:1b:0b:1b:69:ee:b7:e2:ba:0d:a1:14:34:6c:1a:8a:
aa:a9:fe:7d:72:f3:d6:2c:1f:de:17:35:f4:ae:21:64:e1:ac:
e3:bd:de:24:77:8b:bf:c9:e9:e0:16:95:20:bb:a2:6e:c8:ef:
04:79:e6:ae:3f:ce:c9:9b:ba:61:06:39:9b:aa:ba:b8:73:02:
29:4b:69:31:6f:29:c3:0b:d4:aa:73:47:f4:d2:82:f3:c9:92:
8d:c9:17:0c:c6:68:20:a3:e1:92:6f:ce:a5:64:7e:20:9a:56:
2b:b7:31:9e:5f:e6:74:eb:66:95:7a:a7:c6:66:7e:d5:71:42:
d7:f4:98:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh0ZsRhsxMoP+o5XIWBQHEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNjAxMDA0MTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmFmMjdkNmYwMzgyYTJlNzQzNTMzY2E5MTA4ZTdlMTYyMjhkMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jfdflqM4qZeU1cU/O2OECYf9u81
HrucQZIf4++UDRSiSpvV0MwnHfWk+L97dpjJ5m5YxRVEZLSNxVEK2i1jI7YTOFQG
/W/rKKIfgady/HRdPsuXUGeWsAwKQsyrFlfROHEWKHSuh5Nyy0n9GXo8H7BW04+n
MuaIEZZI2EdAX33noAoRDcfArtmtvDucvUGitZN7dEPuU6BZq2dxpDUfnevPHgop
lm/MI5lnAtXKwSeFwHWQJARM7HCAXzmpbhxTLI5+vBtqhM9kVNn7NCrTJB3vOq80
WyRwOZAzhLY7Ry6/wedublJEZjo0q5P6U2KZgT6aSZs5v1B2XGpYmTW0EQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAavJ9bwOCoudDUzypEI5+FiKNHiMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQnE4bjF2QTRLaTUwTlRQS2tRam40V0lvMGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSWAAwQA
XrFxAwQAXrF2MA0GCSqGSIb3DQEBCwUAA4IBAQBBz4LDT4hq/SnYCiBahuqL/Nf9
Ve5NjTplRjH93d82zFs6hrQcPGh6wKTdwkfPBpdY0agu5y9I5TjYRF2YQ6Bejz+D
HkYAZcC3Ch+89qcEpQwa/gw1d86xJy3RReRUT95HCXAQLHS0kUtsqKXUm1rDw7yc
CqD05mYFReFHqK4I1zkbCxtp7rfiug2hFDRsGoqqqf59cvPWLB/eFzX0riFk4azj
vd4kd4u/yengFpUgu6JuyO8EeeauP87Jm7phBjmbqrq4cwIpS2kxbynDC9Sqc0f0
0oLzyZKNyRcMxmggo+GSb86lZH4gmlYrtzGeX+Z062aVeqfGZn7VcULX9Jii
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-fra.rpki-client.org