Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/eOA5QvJB1-32nc5Sm8cknEF9wWg.roa
File: eOA5QvJB1-32nc5Sm8cknEF9wWg.roa (raw, json)
Hash identifier: C+bX1ToaHw+QXdCPt1s08U5099+HdMMul3fOD4w2ERk=
Subject key identifier: 78:E0:39:42:F2:41:D7:ED:F6:9D:CE:52:9B:C7:24:9C:41:7D:C1:68
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018EDB47E984E7F77F0A9E57057C8037623A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/eOA5QvJB1-32nc5Sm8cknEF9wWg.roa
Signing time: Sun 14 Apr 2024 06:25:06 +0000
ROA not before: Sun 14 Apr 2024 06:25:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 06:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:47:e9:84:e7:f7:7f:0a:9e:57:05:7c:80:37:62:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 14 06:25:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78e03942f241d7edf69dce529bc7249c417dc168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7a:13:ec:59:86:a7:37:e1:bd:9e:53:a5:04:
d2:16:4b:7f:d0:64:4e:5f:31:98:6a:9f:db:03:d8:
f7:1a:77:e3:f9:0b:5c:e8:39:c8:9e:35:d5:a5:3f:
9d:36:d8:60:0b:3a:d1:66:44:32:f3:58:c5:1c:2c:
39:d3:f0:b3:d1:2b:e0:45:26:67:d9:ef:d6:f1:25:
4e:50:d7:77:25:03:d8:b4:0a:54:2e:f9:c7:3a:65:
a1:d5:94:7a:1c:7e:27:35:cb:b7:c9:26:f2:33:0a:
1f:63:8c:05:48:d3:60:38:df:02:f6:62:53:fa:49:
3c:11:f0:5a:03:8e:a2:ef:08:c2:5a:15:8a:be:fc:
8c:8e:b8:a4:c6:6f:01:f8:8a:fb:25:6e:db:c2:44:
6b:dc:0e:78:7f:96:24:5f:d0:c4:e7:a3:ff:21:4a:
6e:7e:88:74:55:c5:33:55:40:06:89:02:c8:95:01:
70:6d:c4:df:f2:01:d9:1d:82:09:a4:6b:53:86:9b:
7a:92:77:c6:58:63:08:0b:b9:85:27:f5:27:9b:51:
b4:1d:fc:69:92:d5:ce:9b:b4:ff:da:d7:47:63:0e:
58:62:d6:32:2d:45:7a:0b:7e:6b:60:a4:1d:75:cf:
6c:b3:6e:6b:14:9f:3b:fa:30:c5:f0:90:4f:88:cd:
c0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E0:39:42:F2:41:D7:ED:F6:9D:CE:52:9B:C7:24:9C:41:7D:C1:68
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/eOA5QvJB1-32nc5Sm8cknEF9wWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
44:01:70:93:1e:b1:ac:1d:b9:15:2a:26:db:a6:1a:e1:be:2f:
ba:b8:5c:37:0f:83:f9:b1:89:47:87:6f:ae:94:43:04:95:e9:
01:25:d7:20:ab:a6:79:33:44:b0:f1:3c:5b:fe:0e:2f:6a:ba:
26:c8:1b:0b:3d:4b:aa:8d:b7:78:c7:b2:1d:aa:d5:73:98:77:
61:0b:ed:33:56:d5:de:87:22:01:95:5a:b8:05:97:cf:18:ce:
d4:e0:1b:b7:57:24:16:69:e7:34:04:d9:4c:ea:80:ff:91:87:
0d:1c:0a:82:79:58:60:02:41:ad:34:fb:b6:ed:b3:ce:00:ea:
1a:31:2e:42:de:ae:0c:96:d0:5c:51:6e:16:54:a5:9c:33:b5:
51:77:95:d7:8b:9e:c0:87:94:3e:2e:cd:bc:bb:57:cc:00:ef:
92:6a:50:2f:ef:56:d7:e3:4d:07:1b:70:89:47:bf:0f:a7:37:
2c:fd:31:c0:52:bc:39:4b:81:f0:21:43:06:40:e3:44:11:a3:
19:f0:d8:47:7f:c7:1f:c8:f5:a6:f2:7a:5f:9e:e2:03:1e:f9:
b3:2a:74:f7:04:2f:1b:12:b5:63:fb:a9:43:a2:8e:33:7f:0c:
85:73:b1:b6:43:dc:f1:0b:c3:0a:7e:e3:1e:fe:3a:f6:17:f1:
47:cd:e5:b3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY7bR+mE5/d/Cp5XBXyAN2I6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNDE0MDYyNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGUwMzk0MmYyNDFkN2VkZjY5ZGNlNTI5YmM3MjQ5YzQxN2RjMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXoT7FmGpzfhvZ5TpQTSFkt/0GRO
XzGYap/bA9j3Gnfj+Qtc6DnInjXVpT+dNthgCzrRZkQy81jFHCw50/Cz0SvgRSZn
2e/W8SVOUNd3JQPYtApULvnHOmWh1ZR6HH4nNcu3ySbyMwofY4wFSNNgON8C9mJT
+kk8EfBaA46i7wjCWhWKvvyMjrikxm8B+Ir7JW7bwkRr3A54f5YkX9DE56P/IUpu
foh0VcUzVUAGiQLIlQFwbcTf8gHZHYIJpGtThpt6knfGWGMIC7mFJ/Unm1G0Hfxp
ktXOm7T/2tdHYw5YYtYyLUV6C35rYKQddc9ss25rFJ87+jDF8JBPiM3AQwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHjgOULyQdft9p3OUpvHJJxBfcFoMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvZU9BNVF2SkIxLTMybmM1U204Y2tuRUY5d1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAEQBcJMesawduRUqJtumGuG+
L7q4XDcPg/mxiUeHb66UQwSV6QEl1yCrpnkzRLDxPFv+Di9quibIGws9S6qNt3jH
sh2q1XOYd2EL7TNW1d6HIgGVWrgFl88YztTgG7dXJBZp5zQE2UzqgP+Rhw0cCoJ5
WGACQa00+7bts84A6hoxLkLergyW0FxRbhZUpZwztVF3ldeLnsCHlD4uzby7V8wA
75JqUC/vVtfjTQcbcIlHvw+nNyz9McBSvDlLgfAhQwZA40QRoxnw2Ed/xx/I9aby
el+e4gMe+bMqdPcELxsStWP7qUOijjN/DIVzsbZD3PELwwp+4x7+OvYX8UfN5bM=
-----END CERTIFICATE-----
Generated at Mon Apr 29 11:06:52 2024 by rpki-client on console-fra.rpki-client.org