Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/kXsh-yVsOlXOrFm48oU1Qepsgbw.roa
File: kXsh-yVsOlXOrFm48oU1Qepsgbw.roa (raw, json)
Hash identifier: RXnhNPlQWjQxs8dxTrNwd9FeaCyk6MAPW4SzO7ClpZA=
Subject key identifier: 91:7B:21:FB:25:6C:3A:55:CE:AC:59:B8:F2:85:35:41:EA:6C:81:BC
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56EFF382F00D30A23628D22EE19E555
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/kXsh-yVsOlXOrFm48oU1Qepsgbw.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61138
IP address blocks: 89.47.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 18:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ff:38:2f:00:d3:0a:23:62:8d:22:ee:19:e5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=917b21fb256c3a55ceac59b8f2853541ea6c81bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:80:98:1c:7e:de:70:23:99:3b:09:09:71:da:
02:55:a4:39:50:85:de:d2:ec:47:8f:b9:db:33:12:
ae:81:d0:fd:9f:23:92:72:14:95:7e:37:7a:2a:01:
7d:69:42:a3:5b:b1:55:2c:04:e0:19:e6:fe:ee:38:
ba:00:0c:27:71:19:a2:3b:23:d2:04:2a:44:45:7c:
3e:62:34:15:15:5b:e4:55:3a:3e:c2:e0:41:6d:11:
5e:e3:44:2f:06:9e:c2:84:f9:60:1e:6f:27:35:22:
b0:35:d2:da:19:b2:8f:a0:d8:e3:fb:71:65:b0:61:
8d:28:26:36:99:6e:96:a7:7d:d2:82:83:6f:02:26:
31:d9:64:07:1e:f9:e2:54:91:9c:54:e5:6b:30:57:
37:c4:35:c3:ea:99:f7:d5:6e:d7:3d:68:51:3a:e8:
27:f9:57:ca:f4:df:c2:b8:67:16:22:b7:22:63:b3:
fd:e4:ca:f9:e6:0b:57:10:a6:42:27:5e:2d:a8:f8:
da:52:ba:65:22:04:65:a5:c1:c5:e5:35:db:ae:0c:
a1:4a:f6:e2:0f:91:df:0e:54:cf:16:83:db:fe:16:
ec:31:d5:1a:e3:95:c7:7f:75:ec:cd:6f:68:02:8d:
80:fd:0f:4e:34:9f:7c:8c:de:46:aa:70:bc:c8:73:
e9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7B:21:FB:25:6C:3A:55:CE:AC:59:B8:F2:85:35:41:EA:6C:81:BC
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/kXsh-yVsOlXOrFm48oU1Qepsgbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.249.0/24
Signature Algorithm: sha256WithRSAEncryption
50:cb:fc:f5:56:ba:d3:05:c6:86:c5:ab:67:44:8d:9e:82:5a:
d5:17:40:86:fd:c2:45:b9:cc:e1:48:41:90:c2:a2:f6:18:f1:
fa:33:8d:a6:fe:0c:76:3d:a1:ac:7c:07:14:1b:9a:20:20:b5:
13:45:a4:73:99:e4:48:21:be:8e:f8:ab:2b:02:55:be:8d:ad:
c0:dc:50:f4:47:8c:f8:c1:9e:54:0a:93:ba:08:5d:d7:7a:96:
19:64:4d:a4:76:06:5b:7e:da:1c:a3:26:d6:b0:83:7d:58:cd:
2f:49:6f:fe:1f:0d:78:e7:9c:f0:fe:ea:b2:65:ed:3b:94:f6:
11:6d:43:7e:63:78:b0:63:33:cb:fb:a4:d1:35:3f:e7:75:c4:
e9:df:69:c1:21:a1:32:4c:3d:e1:26:6d:7f:a3:39:38:cd:47:
41:f2:fe:3e:d9:92:26:a4:1d:ef:66:f7:8a:a4:56:61:49:ec:
1b:81:f9:18:99:8f:8c:7a:43:02:8e:99:69:9d:1a:db:ad:ef:
d2:32:bb:f5:f3:65:6c:f0:25:62:f1:b7:4f:22:88:25:fa:c7:
66:8c:c7:9b:46:00:69:13:fe:d4:20:0b:d9:4c:6b:10:62:a2:
d6:76:16:d0:6a:bf:61:7c:e0:5f:a4:9b:6d:9c:e0:88:b3:e8:
04:0b:01:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbv84LwDTCiNijSLuGeVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdiMjFmYjI1NmMzYTU1Y2VhYzU5YjhmMjg1MzU0MWVhNmM4MWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4CYHH7ecCOZOwkJcdoCVaQ5UIXe
0uxHj7nbMxKugdD9nyOSchSVfjd6KgF9aUKjW7FVLATgGeb+7ji6AAwncRmiOyPS
BCpERXw+YjQVFVvkVTo+wuBBbRFe40QvBp7ChPlgHm8nNSKwNdLaGbKPoNjj+3Fl
sGGNKCY2mW6Wp33SgoNvAiYx2WQHHvniVJGcVOVrMFc3xDXD6pn31W7XPWhROugn
+VfK9N/CuGcWIrciY7P95Mr55gtXEKZCJ14tqPjaUrplIgRlpcHF5TXbrgyhSvbi
D5HfDlTPFoPb/hbsMdUa45XHf3XszW9oAo2A/Q9ONJ98jN5GqnC8yHPpJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJF7IfslbDpVzqxZuPKFNUHqbIG8MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEva1hzaC15VnNPbFhPckZtNDhvVTFRZXBzZ2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS/5MA0G
CSqGSIb3DQEBCwUAA4IBAQBQy/z1VrrTBcaGxatnRI2eglrVF0CG/cJFuczhSEGQ
wqL2GPH6M42m/gx2PaGsfAcUG5ogILUTRaRzmeRIIb6O+KsrAlW+ja3A3FD0R4z4
wZ5UCpO6CF3XepYZZE2kdgZbftocoybWsIN9WM0vSW/+Hw1455zw/uqyZe07lPYR
bUN+Y3iwYzPL+6TRNT/ndcTp32nBIaEyTD3hJm1/ozk4zUdB8v4+2ZImpB3vZveK
pFZhSewbgfkYmY+MekMCjplpnRrbre/SMrv182Vs8CVi8bdPIogl+sdmjMebRgBp
E/7UIAvZTGsQYqLWdhbQar9hfOBfpJttnOCIs+gECwHn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org