Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DRbCmyuYPyuBiY0EVKVKtrztaqo.roa
File: DRbCmyuYPyuBiY0EVKVKtrztaqo.roa (raw, json)
Hash identifier: 7IoA9j2ncV4IMrxBVubqyxbXXRP3eYCwsk8HlDiPz6I=
Subject key identifier: 0D:16:C2:9B:2B:98:3F:2B:81:89:8D:04:54:A5:4A:B6:BC:ED:6A:AA
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0186EBAF1D83A06BCA1509DA8AB5B142A2D8
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DRbCmyuYPyuBiY0EVKVKtrztaqo.roa
Signing time: Thu 16 Mar 2023 18:29:27 +0000
ROA not before: Thu 16 Mar 2023 18:29:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 89.37.128.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Mar 2023 21:43:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:eb:af:1d:83:a0:6b:ca:15:09:da:8a:b5:b1:42:a2:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Mar 16 18:29:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d16c29b2b983f2b81898d0454a54ab6bced6aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:da:32:8c:da:2b:0a:c9:a2:57:b6:50:0f:41:
c6:70:55:3d:33:51:32:df:26:f4:77:cf:6c:fb:ef:
01:fc:9c:82:f2:91:9d:90:7b:58:a1:18:1c:99:6a:
42:68:7f:59:d3:ff:94:d9:ee:08:07:98:12:17:31:
65:1d:a1:68:2f:5a:06:54:4d:26:23:51:56:97:c7:
d5:9e:8e:aa:5b:ab:2c:7e:fc:fb:5a:a8:c0:39:e9:
50:83:ca:c0:12:e0:48:37:fd:f6:e5:fe:4d:f1:46:
94:6d:85:9a:c1:99:a1:0f:88:23:c8:d8:d5:50:45:
4d:f1:31:94:8e:5d:f7:8d:77:4a:10:0b:43:44:af:
da:29:6e:c6:1c:71:13:6c:f8:9c:c0:af:32:79:d7:
81:ba:ff:69:24:3b:e7:c4:ca:eb:b6:85:df:5e:07:
78:a7:c0:66:fe:0f:24:59:6e:6c:5c:05:b5:a2:a3:
38:0f:95:e6:4d:f0:2f:26:d8:3d:33:2a:55:71:4d:
26:68:8c:40:49:9e:d5:19:b9:70:fa:f7:c1:2b:4a:
3c:89:d5:b1:84:d1:ab:bc:f3:0d:ea:a2:d2:d0:62:
f8:28:43:d5:5c:5b:b7:d1:ea:41:63:01:03:fe:03:
d2:de:f0:f9:10:a6:cf:f7:10:6e:37:65:ef:ab:31:
7a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:16:C2:9B:2B:98:3F:2B:81:89:8D:04:54:A5:4A:B6:BC:ED:6A:AA
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DRbCmyuYPyuBiY0EVKVKtrztaqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.128.0/24
176.223.190.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:7f:69:e2:e4:6b:20:1b:5d:ae:60:e5:1d:f6:00:92:3f:0d:
3a:e8:37:12:e4:70:3c:aa:04:ae:5e:81:d1:59:cd:c6:06:87:
d7:e1:87:03:6b:45:f7:c0:50:1f:2a:eb:d3:86:c9:68:58:5b:
90:9b:c7:cc:96:fc:d3:2d:55:44:ba:f1:5b:48:69:bf:44:e2:
30:60:12:b9:97:10:d0:23:12:90:0d:87:28:82:7a:57:fc:93:
6a:fe:95:f0:62:d3:ad:1f:f3:ff:13:83:b2:d1:36:51:80:19:
62:fd:b8:2c:4d:38:15:d1:4e:12:72:9a:53:3d:59:11:3b:ff:
83:0a:5c:aa:6b:d8:27:05:c4:27:d1:4f:13:39:a1:7b:d7:e7:
fb:ca:9f:28:07:f7:c1:cb:ae:a8:a8:55:13:f8:88:8e:ba:df:
e2:17:e1:8a:57:8d:d9:60:45:22:4f:64:66:ab:5e:82:b3:24:
00:d8:10:8f:01:1c:6f:22:37:6f:7f:50:be:fd:e0:98:53:17:
ba:04:d0:0c:0c:a0:8d:c2:c2:d2:74:68:4e:48:60:c0:90:92:
fd:f4:09:91:c0:bd:ab:f3:57:7c:ac:b2:2a:c2:5b:2c:02:a1:
11:8c:90:0c:62:9e:98:15:8c:9e:cf:54:ef:79:2b:29:55:74:
6a:bb:11:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbrrx2DoGvKFQnairWxQqLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMzE2MTgyOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE2YzI5YjJiOTgzZjJiODE4OThkMDQ1NGE1NGFiNmJjZWQ2YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNoyjNorCsmiV7ZQD0HGcFU9M1Ey
3yb0d89s++8B/JyC8pGdkHtYoRgcmWpCaH9Z0/+U2e4IB5gSFzFlHaFoL1oGVE0m
I1FWl8fVno6qW6ssfvz7WqjAOelQg8rAEuBIN/325f5N8UaUbYWawZmhD4gjyNjV
UEVN8TGUjl33jXdKEAtDRK/aKW7GHHETbPicwK8yedeBuv9pJDvnxMrrtoXfXgd4
p8Bm/g8kWW5sXAW1oqM4D5XmTfAvJtg9MypVcU0maIxASZ7VGblw+vfBK0o8idWx
hNGrvPMN6qLS0GL4KEPVXFu30epBYwED/gPS3vD5EKbP9xBuN2XvqzF6cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA0WwpsrmD8rgYmNBFSlSra87WqqMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvRFJiQ215dVlQeXVCaVkwRVZLVkt0cnp0YXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSWAAwQA
sN++MA0GCSqGSIb3DQEBCwUAA4IBAQBcf2ni5GsgG12uYOUd9gCSPw066DcS5HA8
qgSuXoHRWc3GBofX4YcDa0X3wFAfKuvThsloWFuQm8fMlvzTLVVEuvFbSGm/ROIw
YBK5lxDQIxKQDYcognpX/JNq/pXwYtOtH/P/E4Oy0TZRgBli/bgsTTgV0U4ScppT
PVkRO/+DClyqa9gnBcQn0U8TOaF71+f7yp8oB/fBy66oqFUT+IiOut/iF+GKV43Z
YEUiT2Rmq16CsyQA2BCPARxvIjdvf1C+/eCYUxe6BNAMDKCNwsLSdGhOSGDAkJL9
9AmRwL2r81d8rLIqwlssAqERjJAMYp6YFYyez1TveSspVXRquxEK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org