Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-lTHbYWd2TMd5ttfx91qp6ql1hY.roa
File: 1-lTHbYWd2TMd5ttfx91qp6ql1hY.roa (raw, json)
Hash identifier: ey7Z/BPhMhyDqfjIjbEJB6dCMtsaTTIHdxMifGvgiT8=
Subject key identifier: FA:54:C7:6D:85:9D:D9:33:1D:E6:DB:5F:C7:DD:6A:A7:AA:A5:D6:16
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018F9AA79381CD60D2F5FCF22FE8B8B87A56
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-lTHbYWd2TMd5ttfx91qp6ql1hY.roa
Signing time: Tue 21 May 2024 10:17:04 +0000
ROA not before: Tue 21 May 2024 10:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.80.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 21 May 2024 13:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:a7:93:81:cd:60:d2:f5:fc:f2:2f:e8:b8:b8:7a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 21 10:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa54c76d859dd9331de6db5fc7dd6aa7aaa5d616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d9:c3:af:db:b2:98:aa:9c:c8:9e:cd:c1:b2:
4c:31:ad:81:a4:0e:09:1d:c8:97:75:2e:ca:46:8e:
bd:ef:fb:1a:7a:f1:f4:71:dc:ce:e9:8b:e9:39:3a:
9a:ed:b4:64:51:ff:59:d9:2f:3d:15:7d:a0:66:f1:
a0:17:82:20:db:28:4a:a4:96:d4:53:44:0d:5b:2a:
5f:dc:fa:06:4c:b9:42:93:75:2c:fb:51:a7:ea:67:
a4:8b:8f:1d:aa:1c:65:fe:fa:ea:15:89:ef:87:17:
8b:36:c4:6d:b1:5c:b6:d6:f5:dd:43:6b:e6:70:9f:
12:22:d9:bb:79:b3:69:aa:f9:38:a1:82:c4:63:cd:
29:b6:09:03:75:df:42:29:c0:fc:4d:d4:11:81:82:
f9:db:73:26:d7:3d:44:de:de:8d:f2:f6:27:9f:ad:
98:4d:09:7f:9f:7a:3b:66:b3:cc:49:10:f9:a0:04:
66:ac:86:34:d5:f1:fe:1b:95:6f:d5:51:30:57:c4:
55:d0:62:0d:1e:32:e8:2e:08:3b:98:40:85:b5:b3:
7c:02:8d:c4:c9:f3:ed:a9:fd:68:7a:9e:c0:f6:30:
e2:27:ad:04:df:e4:ff:d1:63:ad:51:63:52:00:24:
ff:27:ab:8d:89:68:c9:5a:1f:ef:44:e1:fc:12:cf:
6d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:54:C7:6D:85:9D:D9:33:1D:E6:DB:5F:C7:DD:6A:A7:AA:A5:D6:16
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-lTHbYWd2TMd5ttfx91qp6ql1hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:a9:77:9c:4a:6b:28:a6:e9:42:47:04:7f:dd:8a:24:d8:f0:
cd:7f:e2:65:be:53:a2:a6:9e:83:2d:bc:c7:f1:e8:5d:ee:60:
13:fe:45:7e:6c:6e:04:c0:da:cd:d7:0c:83:76:11:7d:87:bc:
c2:be:5a:80:ce:6f:a4:48:43:bc:32:63:55:02:e4:ba:2e:9e:
3f:e1:5e:72:dd:f4:f4:6d:02:43:22:d3:e4:0d:96:e6:95:a3:
44:a3:40:17:fc:7d:d1:40:3b:ba:a4:7d:83:38:3c:0c:11:79:
4b:e0:c6:bd:c7:32:6a:b2:47:f6:49:e4:ba:bd:7d:cd:22:92:
92:bd:36:b5:a6:85:db:c2:7c:a5:11:85:b3:6a:a2:83:39:a9:
f4:2d:cb:61:9d:26:bd:70:0c:c2:aa:14:38:b9:33:c5:8e:6b:
fc:07:25:c0:6f:ee:2d:5e:aa:8c:6a:e6:c0:ac:4a:9a:8b:24:
4b:f3:ff:ba:83:af:23:31:78:9f:02:d4:18:38:a1:d8:f5:35:
92:ff:0d:59:1b:a5:07:e7:ef:f6:76:6f:f2:f7:0d:be:8c:ab:
c2:c4:8e:f2:d8:12:a8:ed:57:d9:95:9d:e3:8e:71:65:3b:89:
54:04:10:8c:95:1a:ed:41:fb:fb:84:61:12:c8:a9:66:b2:9c:
d5:7f:53:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+ap5OBzWDS9fzyL+i4uHpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNTIxMTAxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU0Yzc2ZDg1OWRkOTMzMWRlNmRiNWZjN2RkNmFhN2FhYTVkNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstnDr9uymKqcyJ7NwbJMMa2BpA4J
HciXdS7KRo697/saevH0cdzO6YvpOTqa7bRkUf9Z2S89FX2gZvGgF4Ig2yhKpJbU
U0QNWypf3PoGTLlCk3Us+1Gn6meki48dqhxl/vrqFYnvhxeLNsRtsVy21vXdQ2vm
cJ8SItm7ebNpqvk4oYLEY80ptgkDdd9CKcD8TdQRgYL523Mm1z1E3t6N8vYnn62Y
TQl/n3o7ZrPMSRD5oARmrIY01fH+G5Vv1VEwV8RV0GINHjLoLgg7mECFtbN8Ao3E
yfPtqf1oep7A9jDiJ60E3+T/0WOtUWNSACT/J6uNiWjJWh/vROH8Es9tnQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpUx22FndkzHebbX8fdaqeqpdYWMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMS1sVEhiWVdkMlRNZDV0dGZ4OTFxcDZxbDFoWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4Mjhj
My8xLzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlkqUDAN
BgkqhkiG9w0BAQsFAAOCAQEAD6l3nEprKKbpQkcEf92KJNjwzX/iZb5Toqaegy28
x/HoXe5gE/5FfmxuBMDazdcMg3YRfYe8wr5agM5vpEhDvDJjVQLkui6eP+Fect30
9G0CQyLT5A2W5pWjRKNAF/x90UA7uqR9gzg8DBF5S+DGvccyarJH9knkur19zSKS
kr02taaF28J8pRGFs2qigzmp9C3LYZ0mvXAMwqoUOLkzxY5r/AclwG/uLV6qjGrm
wKxKmoskS/P/uoOvIzF4nwLUGDih2PU1kv8NWRulB+fv9nZv8vcNvoyrwsSO8tgS
qO1X2ZWd445xZTuJVAQQjJUa7UH7+4RhEsipZrKc1X9T7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org