Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/W6-AqZMGGjja5v12rBet9ermGWI.roa
File: W6-AqZMGGjja5v12rBet9ermGWI.roa (raw, json)
Hash identifier: 0jFlnhGE9M+EJ8IAVFg2LK6DNaqaKRy8RZAWe1uG748=
Subject key identifier: 5B:AF:80:A9:93:06:1A:38:DA:E6:FD:76:AC:17:AD:F5:EA:E6:19:62
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0185770FC9E2C21775E7DDA60AFC4768D4EB
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/W6-AqZMGGjja5v12rBet9ermGWI.roa
Signing time: Tue 03 Jan 2023 09:56:41 +0000
ROA not before: Tue 03 Jan 2023 09:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51189
IP address blocks: 89.252.252.0/22 maxlen: 22
89.252.252.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:0f:c9:e2:c2:17:75:e7:dd:a6:0a:fc:47:68:d4:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 3 09:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5baf80a993061a38dae6fd76ac17adf5eae61962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:d8:31:ae:76:83:69:91:61:2f:60:79:a9:fd:
75:59:78:3a:31:48:aa:0f:79:fe:6a:8f:70:6c:fa:
77:1a:d3:95:44:a0:37:08:fc:08:01:db:7a:70:f1:
56:2a:e7:22:e6:88:04:58:94:10:80:3b:ed:94:cf:
f2:da:d6:37:7d:58:87:dc:7c:2c:35:45:3e:e9:0c:
93:ea:69:16:e9:fe:b9:8c:78:cb:a6:26:1f:69:e6:
5b:44:5d:8f:59:f0:f4:47:d6:ba:17:a2:73:9f:b2:
a6:ce:bf:99:28:aa:6f:b7:b3:cf:8e:24:67:fc:b5:
75:a6:f5:88:90:36:1c:67:30:8a:89:2a:30:92:ee:
0e:1c:bb:fd:e1:3a:31:99:a9:c2:1e:f2:cc:96:53:
15:a6:85:9f:8b:2c:a0:da:dd:12:67:dc:1b:47:9f:
6f:10:15:be:e7:86:15:42:86:68:6d:af:b8:7e:1d:
41:13:f9:6a:99:16:bb:c1:94:c0:c0:35:14:91:c8:
56:07:2b:e3:9b:db:34:35:96:69:99:4c:8f:6a:3b:
7a:76:1a:3e:c5:1d:85:d1:3b:bd:de:0d:a4:8b:09:
ce:68:f9:09:ef:03:b3:eb:52:41:5e:09:46:df:b6:
c0:d7:34:f2:1a:54:b8:8f:36:37:5d:4c:0c:2f:b7:
cc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:AF:80:A9:93:06:1A:38:DA:E6:FD:76:AC:17:AD:F5:EA:E6:19:62
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/W6-AqZMGGjja5v12rBet9ermGWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.252.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:cf:cf:53:7d:49:80:89:f0:4c:f4:6c:66:7b:b1:79:cf:99:
8d:c3:4b:c0:f8:7a:ea:c6:ed:44:5b:bd:f1:b1:a5:8e:ad:ca:
77:8b:55:1f:73:39:95:29:bc:cd:4c:bd:a4:9c:f1:30:e0:34:
5c:7c:76:ce:7f:67:c4:34:af:05:e1:fd:10:5e:ba:19:57:00:
9e:b5:17:b6:38:29:2e:0c:18:aa:a3:79:56:82:1e:dd:9c:50:
bb:15:7d:ec:dc:f7:51:7a:db:e2:d6:20:a7:9b:8b:40:1f:c5:
02:66:a7:e2:76:4c:3a:91:89:72:ea:48:ea:76:fb:06:cc:93:
29:e5:59:e0:32:0c:8b:5b:83:08:f6:a0:a1:73:19:cc:04:13:
b7:4b:2c:90:fe:f7:f0:1f:e9:b9:36:f7:a0:4c:75:b6:fe:4f:
a9:ae:ef:9d:e7:88:e8:f6:dc:a1:69:6e:5f:75:c5:9f:1e:ba:
72:67:c6:1e:46:e4:db:f4:be:b0:af:30:5d:4a:9b:51:b3:b6:
b3:45:5b:9a:38:e5:26:d1:a2:ce:2f:21:d8:4c:3e:ab:6f:6c:
d8:94:31:1a:fa:16:9b:0b:16:a6:e1:02:42:40:f2:f5:af:8e:
ce:7a:26:65:c0:a9:eb:e8:31:f2:22:92:01:e2:54:a7:24:a5:
45:2d:43:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV3D8niwhd1592mCvxHaNTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAzMDk1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmFmODBhOTkzMDYxYTM4ZGFlNmZkNzZhYzE3YWRmNWVhZTYxOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9dgxrnaDaZFhL2B5qf11WXg6MUiq
D3n+ao9wbPp3GtOVRKA3CPwIAdt6cPFWKuci5ogEWJQQgDvtlM/y2tY3fViH3Hws
NUU+6QyT6mkW6f65jHjLpiYfaeZbRF2PWfD0R9a6F6Jzn7Kmzr+ZKKpvt7PPjiRn
/LV1pvWIkDYcZzCKiSowku4OHLv94ToxmanCHvLMllMVpoWfiyyg2t0SZ9wbR59v
EBW+54YVQoZoba+4fh1BE/lqmRa7wZTAwDUUkchWByvjm9s0NZZpmUyPajt6dho+
xR2F0Tu93g2kiwnOaPkJ7wOz61JBXglG37bA1zTyGlS4jzY3XUwML7fMawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFuvgKmTBho42ub9dqwXrfXq5hliMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvVzYtQXFaTUdHamphNXYxMnJCZXQ5ZXJtR1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWfz8MA0G
CSqGSIb3DQEBCwUAA4IBAQC6z89TfUmAifBM9Gxme7F5z5mNw0vA+Hrqxu1EW73x
saWOrcp3i1UfczmVKbzNTL2knPEw4DRcfHbOf2fENK8F4f0QXroZVwCetRe2OCku
DBiqo3lWgh7dnFC7FX3s3PdRetvi1iCnm4tAH8UCZqfidkw6kYly6kjqdvsGzJMp
5VngMgyLW4MI9qChcxnMBBO3SyyQ/vfwH+m5NvegTHW2/k+pru+d54jo9tyhaW5f
dcWfHrpyZ8YeRuTb9L6wrzBdSptRs7azRVuaOOUm0aLOLyHYTD6rb2zYlDEa+hab
Cxam4QJCQPL1r47OeiZlwKnr6DHyIpIB4lSnJKVFLUPg
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net