Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cde790-4e3b-4a4e-b84c-556506702a57/1/IjsoRdnawguzBJ0_8IOP-4P3Pdk.roa
File: IjsoRdnawguzBJ0_8IOP-4P3Pdk.roa (raw, json)
Hash identifier: EExIc8YLCHgaXgrpwJQYKwMWjPGYsyD8WRnk4g/ArIQ=
Subject key identifier: 22:3B:28:45:D9:DA:C2:0B:B3:04:9D:3F:F0:83:8F:FB:83:F7:3D:D9
Certificate issuer: /CN=50c5ca069eaaaaec775ad0a4ea3b47605b728a25
Certificate serial: 01856C65B83ABC82AA1F6F3254AB87BB8C2D
Authority key identifier: 50:C5:CA:06:9E:AA:AA:EC:77:5A:D0:A4:EA:3B:47:60:5B:72:8A:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMXKBp6qqux3WtCk6jtHYFtyiiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cde790-4e3b-4a4e-b84c-556506702a57/1/IjsoRdnawguzBJ0_8IOP-4P3Pdk.roa
Signing time: Sun 01 Jan 2023 08:14:43 +0000
ROA not before: Sun 01 Jan 2023 08:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208785
IP address blocks: 152.89.119.0/24 maxlen: 32
152.89.116.0/24 maxlen: 24
152.89.118.0/24 maxlen: 32
152.89.117.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:b8:3a:bc:82:aa:1f:6f:32:54:ab:87:bb:8c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c5ca069eaaaaec775ad0a4ea3b47605b728a25
Validity
Not Before: Jan 1 08:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=223b2845d9dac20bb3049d3ff0838ffb83f73dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:40:13:f0:f3:f2:3e:56:00:12:69:c0:9b:78:
28:a5:95:bb:6b:c9:98:b2:39:93:bd:04:83:ab:a4:
92:bd:b7:6b:f5:74:d0:b6:3b:26:60:78:cd:04:2a:
10:15:f4:57:2e:dd:cf:8a:b8:e8:22:69:ee:88:11:
3c:65:36:12:65:fe:e0:5e:0e:1b:cd:52:f1:7e:6a:
55:47:b6:15:34:d9:54:f8:73:86:2e:fc:12:98:64:
c1:11:c6:50:57:cf:56:b8:97:ae:8e:81:71:c5:71:
aa:34:5f:83:71:c9:09:c2:d5:ab:2c:c0:f7:bb:1e:
c8:d9:83:ad:ad:ef:9a:2c:55:c3:7e:27:43:0a:88:
ca:b7:89:09:dd:b4:19:65:a0:3a:29:0f:30:66:77:
80:88:62:be:45:6b:f5:8b:14:c4:42:b7:2b:6d:f7:
83:75:e8:08:7f:51:36:c9:2b:ed:92:95:77:2e:8a:
89:6b:b9:8e:d3:17:9b:36:17:d6:82:91:68:a2:cc:
52:ae:67:bc:b8:98:0a:e9:52:af:fe:5a:0d:e4:c4:
64:2e:58:78:e7:9c:94:08:fc:ea:83:5f:f7:b4:f2:
ae:35:08:15:f1:e5:8e:9a:cf:e4:5b:0a:13:3a:2c:
9c:18:14:92:3f:5b:9e:bd:0e:bc:c9:6e:49:04:62:
92:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3B:28:45:D9:DA:C2:0B:B3:04:9D:3F:F0:83:8F:FB:83:F7:3D:D9
X509v3 Authority Key Identifier:
keyid:50:C5:CA:06:9E:AA:AA:EC:77:5A:D0:A4:EA:3B:47:60:5B:72:8A:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMXKBp6qqux3WtCk6jtHYFtyiiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cde790-4e3b-4a4e-b84c-556506702a57/1/IjsoRdnawguzBJ0_8IOP-4P3Pdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cde790-4e3b-4a4e-b84c-556506702a57/1/UMXKBp6qqux3WtCk6jtHYFtyiiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.116.0/22
Signature Algorithm: sha256WithRSAEncryption
68:3e:47:fc:fa:e7:14:ad:1b:80:f1:4e:d2:d1:ba:8a:20:27:
e3:63:99:ed:de:29:df:cf:58:9b:60:44:c1:99:45:de:5d:fe:
c8:61:e1:4f:82:e9:97:38:2f:f4:c2:30:56:be:ea:b3:1e:42:
89:c1:a9:b7:68:51:e8:77:c8:5e:35:8c:d8:a8:d0:3e:cb:cd:
7d:2e:0a:3e:ab:fe:3c:51:c2:a2:4c:9b:a4:92:3d:3a:ad:4c:
dd:6a:97:13:8a:61:55:91:fd:c5:a6:68:eb:10:42:1b:34:90:
81:22:db:77:ed:36:28:83:43:50:56:3e:f9:de:e6:0d:8d:c8:
fd:25:f0:d9:e1:95:21:b1:0a:f9:75:f7:f3:cc:37:f4:2d:32:
54:b3:dd:3f:e2:82:a2:fb:0a:99:50:48:85:1b:ce:e1:16:94:
53:a0:8a:67:c3:99:dc:eb:07:2c:f6:d4:7c:28:18:74:0a:9e:
6b:76:33:6e:38:07:17:fa:f6:4c:0b:f4:a4:19:26:34:bf:72:
01:b3:9c:8d:80:27:aa:ac:17:ce:31:ac:92:34:4a:28:66:3e:
1e:a8:47:7c:a4:a9:1c:f2:1b:6f:01:06:4a:c3:39:20:c6:2c:
87:4c:45:b9:39:26:97:2d:91:9f:cf:dd:42:b1:0c:92:2e:cf:
8b:7e:94:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZbg6vIKqH28yVKuHu4wtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzVjYTA2OWVhYWFhZWM3NzVhZDBhNGVhM2I0NzYwNWI3
MjhhMjUwHhcNMjMwMTAxMDgxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjNiMjg0NWQ5ZGFjMjBiYjMwNDlkM2ZmMDgzOGZmYjgzZjczZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkAT8PPyPlYAEmnAm3gopZW7a8mY
sjmTvQSDq6SSvbdr9XTQtjsmYHjNBCoQFfRXLt3PirjoImnuiBE8ZTYSZf7gXg4b
zVLxfmpVR7YVNNlU+HOGLvwSmGTBEcZQV89WuJeujoFxxXGqNF+DcckJwtWrLMD3
ux7I2YOtre+aLFXDfidDCojKt4kJ3bQZZaA6KQ8wZneAiGK+RWv1ixTEQrcrbfeD
degIf1E2ySvtkpV3LoqJa7mO0xebNhfWgpFoosxSrme8uJgK6VKv/loN5MRkLlh4
55yUCPzqg1/3tPKuNQgV8eWOms/kWwoTOiycGBSSP1uevQ68yW5JBGKS3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCI7KEXZ2sILswSdP/CDj/uD9z3ZMB8GA1UdIwQY
MBaAFFDFygaeqqrsd1rQpOo7R2BbcoolMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1YS0JwNnFxdXgzV3RDazZqdEhZRnR5aWlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jZGU3OTAtNGUzYi00YTRlLWI4NGMt
NTU2NTA2NzAyYTU3LzEvSWpzb1JkbmF3Z3V6QkowXzhJT1AtNFAzUGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jZGU3OTAtNGUzYi00YTRlLWI4NGMtNTU2NTA2NzAyYTU3
LzEvVU1YS0JwNnFxdXgzV3RDazZqdEhZRnR5aWlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFl0MA0G
CSqGSIb3DQEBCwUAA4IBAQBoPkf8+ucUrRuA8U7S0bqKICfjY5nt3infz1ibYETB
mUXeXf7IYeFPgumXOC/0wjBWvuqzHkKJwam3aFHod8heNYzYqNA+y819Lgo+q/48
UcKiTJukkj06rUzdapcTimFVkf3FpmjrEEIbNJCBItt37TYog0NQVj753uYNjcj9
JfDZ4ZUhsQr5dffzzDf0LTJUs90/4oKi+wqZUEiFG87hFpRToIpnw5nc6wcs9tR8
KBh0Cp5rdjNuOAcX+vZMC/SkGSY0v3IBs5yNgCeqrBfOMaySNEooZj4eqEd8pKkc
8htvAQZKwzkgxiyHTEW5OSaXLZGfz91CsQySLs+LfpQE
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:53 2024 by rpki-client on console.sobornost.net