Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/crIG7CQTv9hDDrzFP7NQtHvBby8.roa
File: crIG7CQTv9hDDrzFP7NQtHvBby8.roa (raw, json)
Hash identifier: pq0dkFsXKf1TZ26fSmxO8h+RlkQK+wUFZeuSg7Q2t1s=
Subject key identifier: 72:B2:06:EC:24:13:BF:D8:43:0E:BC:C5:3F:B3:50:B4:7B:C1:6F:2F
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FE039AF09D5A9F9333A4A15849BA51E43
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/crIG7CQTv9hDDrzFP7NQtHvBby8.roa
Signing time: Mon 03 Jun 2024 22:30:27 +0000
ROA not before: Mon 03 Jun 2024 22:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 89.249.192.0/21 maxlen: 21
185.21.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 17:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e0:39:af:09:d5:a9:f9:33:3a:4a:15:84:9b:a5:1e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jun 3 22:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72b206ec2413bfd8430ebcc53fb350b47bc16f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b5:90:c8:5a:20:71:2f:87:77:5e:2b:34:9c:
3f:dc:c1:05:a6:90:77:11:71:7c:28:77:72:d7:cd:
ef:81:28:82:e4:e4:3d:62:2a:ba:26:9b:56:79:34:
e7:cb:70:69:4f:27:a1:65:14:0d:99:80:16:88:f2:
87:99:7b:93:22:52:ef:ac:a6:f4:75:f9:a4:93:8d:
00:c0:f0:8c:3c:7c:d0:1e:ce:67:b0:6d:da:82:47:
f6:54:1d:d6:2b:fc:21:c9:b9:e3:6f:18:da:b2:36:
d2:d4:43:ed:6d:a2:2f:4a:30:f2:91:a4:73:16:4c:
45:7d:ce:24:8d:d4:8b:25:0b:e0:e6:6f:9b:24:bb:
fa:2e:4d:de:9d:c4:a0:9a:74:bc:b2:73:56:af:bd:
d2:eb:7e:42:eb:40:88:72:56:e1:a8:37:b1:42:7e:
0a:c6:00:97:2b:63:2c:4a:56:4c:60:35:ca:6f:ac:
cd:46:34:ab:08:ff:64:f1:b4:ba:37:dd:6e:2b:34:
15:87:65:22:04:9e:74:1d:48:7f:2a:78:03:a2:cc:
54:0b:6b:21:bc:3e:05:91:4d:04:c9:5f:34:0a:a8:
4e:cb:fc:18:d0:97:86:83:07:0b:38:2a:e9:59:7d:
db:36:aa:be:87:9b:21:00:e0:f5:2f:ea:0d:b5:a1:
8f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B2:06:EC:24:13:BF:D8:43:0E:BC:C5:3F:B3:50:B4:7B:C1:6F:2F
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/crIG7CQTv9hDDrzFP7NQtHvBby8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
185.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f7:c0:81:b3:5c:90:c3:80:23:f4:8a:55:ca:e0:e1:12:63:
cf:c1:73:d2:a0:23:0c:1f:fa:cf:62:f3:fb:3f:b9:b4:5b:ef:
38:d7:49:63:db:11:d8:0a:05:8e:98:b7:e9:a6:9e:8d:0d:82:
17:40:6e:bf:db:ee:e2:f1:09:2a:6f:39:41:b5:89:27:00:bb:
38:06:83:b7:3d:d2:08:8c:9d:5d:4e:aa:8d:e5:84:78:1e:84:
fa:a9:60:ab:58:7e:99:48:e4:c2:99:7a:17:92:f5:50:c6:44:
2d:1f:6a:9c:3a:44:8d:21:99:d6:72:52:aa:49:82:93:1a:95:
04:8e:42:0b:17:3a:59:76:c7:45:96:6c:a5:06:2a:e9:49:3f:
4d:10:8f:cf:1c:60:30:da:20:5b:8d:4b:4e:ce:a0:a9:35:de:
aa:4c:d5:07:12:7a:e1:d8:de:28:38:34:82:9c:ad:33:dd:88:
fd:a8:23:57:e3:e0:4f:2c:eb:bc:8e:f4:27:d0:44:a8:f5:c4:
79:3c:a5:f8:ad:7a:13:cf:db:43:48:6f:7a:aa:25:65:e0:ed:
69:2e:1c:fa:2c:0a:17:23:30:80:a2:e0:41:6f:79:c9:8b:7a:
72:e9:04:b7:50:9d:c2:da:c4:8b:30:75:cf:89:0c:f5:7c:44:
8e:6c:db:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/gOa8J1an5MzpKFYSbpR5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNjAzMjIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIyMDZlYzI0MTNiZmQ4NDMwZWJjYzUzZmIzNTBiNDdiYzE2ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrWQyFogcS+Hd14rNJw/3MEFppB3
EXF8KHdy183vgSiC5OQ9Yiq6JptWeTTny3BpTyehZRQNmYAWiPKHmXuTIlLvrKb0
dfmkk40AwPCMPHzQHs5nsG3agkf2VB3WK/whybnjbxjasjbS1EPtbaIvSjDykaRz
FkxFfc4kjdSLJQvg5m+bJLv6Lk3encSgmnS8snNWr73S635C60CIclbhqDexQn4K
xgCXK2MsSlZMYDXKb6zNRjSrCP9k8bS6N91uKzQVh2UiBJ50HUh/KngDosxUC2sh
vD4FkU0EyV80CqhOy/wY0JeGgwcLOCrpWX3bNqq+h5shAOD1L+oNtaGPIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHKyBuwkE7/YQw68xT+zULR7wW8vMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvY3JJRzdDUVR2OWhERHJ6RlA3TlF0SHZCYnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWfnAAwQA
uRX9MA0GCSqGSIb3DQEBCwUAA4IBAQBG98CBs1yQw4Aj9IpVyuDhEmPPwXPSoCMM
H/rPYvP7P7m0W+8410lj2xHYCgWOmLfppp6NDYIXQG6/2+7i8QkqbzlBtYknALs4
BoO3PdIIjJ1dTqqN5YR4HoT6qWCrWH6ZSOTCmXoXkvVQxkQtH2qcOkSNIZnWclKq
SYKTGpUEjkILFzpZdsdFlmylBirpST9NEI/PHGAw2iBbjUtOzqCpNd6qTNUHEnrh
2N4oODSCnK0z3Yj9qCNX4+BPLOu8jvQn0ESo9cR5PKX4rXoTz9tDSG96qiVl4O1p
Lhz6LAoXIzCAouBBb3nJi3py6QS3UJ3C2sSLMHXPiQz1fESObNtp
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:41:37 2024 by rpki-client on console.sobornost.net