Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4f6ee4-fa6e-436e-b349-6ef7e1199698/1/tQ8P5Y3LPYS45UoxS-M9hrRMTR4.roa
File: tQ8P5Y3LPYS45UoxS-M9hrRMTR4.roa (raw, json)
Hash identifier: p2t62c8TyWhmoWluFvVSibkrCB49z4GVkN5fkNrbNNc=
Subject key identifier: B5:0F:0F:E5:8D:CB:3D:84:B8:E5:4A:31:4B:E3:3D:86:B4:4C:4D:1E
Certificate issuer: /CN=dc8e059d5eb77649fbf19b84af35f6891d9c5807
Certificate serial: 018B5BA7F707DE00E139E285EDF31257BB2B
Authority key identifier: DC:8E:05:9D:5E:B7:76:49:FB:F1:9B:84:AF:35:F6:89:1D:9C:58:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3I4FnV63dkn78ZuErzX2iR2cWAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4f6ee4-fa6e-436e-b349-6ef7e1199698/1/tQ8P5Y3LPYS45UoxS-M9hrRMTR4.roa
Signing time: Mon 23 Oct 2023 08:30:16 +0000
ROA not before: Mon 23 Oct 2023 08:30:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25081
IP address blocks: 81.89.192.0/20 maxlen: 20
2a04:c940::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5b:a7:f7:07:de:00:e1:39:e2:85:ed:f3:12:57:bb:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc8e059d5eb77649fbf19b84af35f6891d9c5807
Validity
Not Before: Oct 23 08:30:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b50f0fe58dcb3d84b8e54a314be33d86b44c4d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:60:31:14:90:06:fe:3f:bb:1d:21:f5:24:dd:
3b:0a:00:54:fd:9c:e0:11:f7:1b:6b:ed:0c:d0:da:
3b:61:90:7c:1b:35:de:80:bd:25:8a:c6:24:aa:e2:
aa:2b:1b:9b:8d:d4:32:15:70:cc:2e:2e:9e:df:2e:
5c:6c:34:d5:26:6a:10:bd:4d:b2:f2:d0:20:88:ee:
1c:13:c2:4c:9b:ca:7c:80:3c:f6:ac:16:59:be:33:
ce:33:e5:4c:0c:b7:fb:eb:b8:a7:04:72:cb:c7:25:
25:7e:62:42:95:5a:d0:2f:98:8d:fa:51:6f:94:71:
9d:9a:56:47:4c:db:c9:32:96:dc:4f:3f:ee:c1:14:
46:34:f8:96:b2:5f:63:db:a5:15:8f:32:05:e8:75:
b6:6d:26:3d:d5:d0:87:2b:20:28:a4:f4:1e:93:9e:
4d:ce:d0:70:4c:c7:b8:42:df:95:06:09:19:0c:30:
70:bc:41:1b:7d:24:64:f0:1c:f1:2d:63:18:74:c7:
fd:f0:6f:64:c6:d5:4d:31:7a:bb:5c:37:c1:0d:99:
a3:6e:38:e4:53:c9:21:ca:7a:5b:c6:8b:d1:3d:36:
77:2b:f6:e5:27:ca:a7:06:1e:a7:b9:53:a4:2c:b5:
ef:69:f2:b9:f6:14:0b:3f:8b:e0:a7:83:21:a8:4c:
22:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0F:0F:E5:8D:CB:3D:84:B8:E5:4A:31:4B:E3:3D:86:B4:4C:4D:1E
X509v3 Authority Key Identifier:
keyid:DC:8E:05:9D:5E:B7:76:49:FB:F1:9B:84:AF:35:F6:89:1D:9C:58:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3I4FnV63dkn78ZuErzX2iR2cWAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4f6ee4-fa6e-436e-b349-6ef7e1199698/1/tQ8P5Y3LPYS45UoxS-M9hrRMTR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4f6ee4-fa6e-436e-b349-6ef7e1199698/1/3I4FnV63dkn78ZuErzX2iR2cWAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.192.0/20
IPv6:
2a04:c940::/29
Signature Algorithm: sha256WithRSAEncryption
2e:9f:8a:fd:fd:a3:7c:20:5b:08:e2:d2:42:19:ae:bf:4f:6c:
fb:c8:68:89:28:80:7e:c9:cd:c9:6b:e1:95:35:f4:28:7f:f9:
76:39:f3:e5:91:4c:86:9b:9e:d3:ac:9a:12:c6:08:2a:bb:81:
d4:66:1e:08:e1:b1:d6:e8:9b:e3:b6:04:cb:e4:26:4d:de:b8:
e1:31:6d:fc:67:60:3b:77:d7:ce:02:56:7d:dc:d0:12:f4:7d:
4a:58:f3:2c:78:23:39:08:93:72:7d:0a:f4:74:77:f8:39:27:
06:db:b1:13:39:2e:f5:c6:b4:1b:03:68:2f:d9:48:62:d0:7e:
6d:47:5c:c1:f0:1a:08:fd:a5:f6:91:11:5a:21:d6:cf:7e:03:
f7:6e:5a:83:3a:f8:c0:c6:76:13:ac:29:29:ae:ac:f2:da:0f:
d7:1d:db:1e:01:59:e9:82:7b:7e:0e:0f:4d:e6:a9:cb:b4:df:
07:6b:d6:22:f2:e3:25:1e:97:25:7b:2f:5f:61:c0:23:56:30:
74:3e:0d:d9:fa:1c:22:ab:7b:54:c3:fb:65:40:02:a9:7f:a9:
0e:35:66:bb:65:92:41:c8:36:79:dd:81:6b:08:0a:84:c0:a0:
17:c4:d2:ef:20:9c:d5:79:0f:f1:51:a9:c4:7b:50:f8:6d:03:
be:af:ff:e8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtbp/cH3gDhOeKF7fMSV7srMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOGUwNTlkNWViNzc2NDlmYmYxOWI4NGFmMzVmNjg5MWQ5
YzU4MDcwHhcNMjMxMDIzMDgzMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTBmMGZlNThkY2IzZDg0YjhlNTRhMzE0YmUzM2Q4NmI0NGM0ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmAxFJAG/j+7HSH1JN07CgBU/Zzg
Efcba+0M0No7YZB8GzXegL0lisYkquKqKxubjdQyFXDMLi6e3y5cbDTVJmoQvU2y
8tAgiO4cE8JMm8p8gDz2rBZZvjPOM+VMDLf767inBHLLxyUlfmJClVrQL5iN+lFv
lHGdmlZHTNvJMpbcTz/uwRRGNPiWsl9j26UVjzIF6HW2bSY91dCHKyAopPQek55N
ztBwTMe4Qt+VBgkZDDBwvEEbfSRk8BzxLWMYdMf98G9kxtVNMXq7XDfBDZmjbjjk
U8khynpbxovRPTZ3K/blJ8qnBh6nuVOkLLXvafK59hQLP4vgp4MhqEwilwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLUPD+WNyz2EuOVKMUvjPYa0TE0eMB8GA1UdIwQY
MBaAFNyOBZ1et3ZJ+/GbhK819okdnFgHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0k0Rm5WNjNka243OFp1RXJ6WDJpUjJjV0FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80ZjZlZTQtZmE2ZS00MzZlLWIzNDkt
NmVmN2UxMTk5Njk4LzEvdFE4UDVZM0xQWVM0NVVveFMtTTloclJNVFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80ZjZlZTQtZmE2ZS00MzZlLWIzNDktNmVmN2UxMTk5Njk4
LzEvM0k0Rm5WNjNka243OFp1RXJ6WDJpUjJjV0FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVnAMA0E
AgACMAcDBQMqBMlAMA0GCSqGSIb3DQEBCwUAA4IBAQAun4r9/aN8IFsI4tJCGa6/
T2z7yGiJKIB+yc3Ja+GVNfQof/l2OfPlkUyGm57TrJoSxggqu4HUZh4I4bHW6Jvj
tgTL5CZN3rjhMW38Z2A7d9fOAlZ93NAS9H1KWPMseCM5CJNyfQr0dHf4OScG27ET
OS71xrQbA2gv2Uhi0H5tR1zB8BoI/aX2kRFaIdbPfgP3blqDOvjAxnYTrCkprqzy
2g/XHdseAVnpgnt+Dg9N5qnLtN8Ha9Yi8uMlHpcley9fYcAjVjB0Pg3Z+hwiq3tU
w/tlQAKpf6kONWa7ZZJByDZ53YFrCAqEwKAXxNLvIJzVeQ/xUanEe1D4bQO+r//o
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:30 2024 by rpki-client on console-fra.rpki-client.org