Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1FHgHYea9fa-GXNuTAZL24czvZs.roa
File: 1FHgHYea9fa-GXNuTAZL24czvZs.roa (raw, json)
Hash identifier: HmtqMxQN1ETY9rdwOan2qZL/YuDvuf92jbBWc/rgmRM=
Subject key identifier: D4:51:E0:1D:87:9A:F5:F6:BE:19:73:6E:4C:06:4B:DB:87:33:BD:9B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0190E35433F77440A024D6B6944BC4EBA1F1
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1FHgHYea9fa-GXNuTAZL24czvZs.roa
Signing time: Wed 24 Jul 2024 06:01:04 +0000
ROA not before: Wed 24 Jul 2024 06:01:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.113.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 05:22:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e3:54:33:f7:74:40:a0:24:d6:b6:94:4b:c4:eb:a1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 24 06:01:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d451e01d879af5f6be19736e4c064bdb8733bd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:84:a4:f3:b5:e6:52:a3:dc:9f:3c:69:7d:60:
6c:d7:1f:aa:eb:d1:7e:11:4d:3f:1a:8d:82:16:90:
7a:c8:ce:3d:01:33:6f:e3:ab:77:54:fc:3c:46:40:
3e:e2:2d:2d:6c:3f:c0:83:2f:e0:7b:e2:71:94:75:
07:d5:2e:4a:15:da:15:a3:3e:e6:35:5f:ac:f9:49:
5a:fd:4a:4e:51:34:76:59:73:7b:a2:25:93:74:07:
f3:a3:fe:26:a9:9e:74:86:42:c3:a9:bb:2a:b8:1c:
19:34:25:b2:ae:c5:18:5c:2b:66:06:76:99:42:70:
df:38:11:66:62:da:fc:7c:3f:06:83:88:2d:aa:89:
e1:b1:76:26:24:20:13:e8:b7:45:47:21:6c:7c:00:
29:26:79:33:e5:67:fd:ac:47:46:3f:e4:3c:8e:a1:
64:f8:48:1a:09:cb:2e:6f:a9:df:55:0e:c5:54:e6:
b7:5e:dc:b7:e8:c7:76:b1:80:bc:a3:dd:53:da:31:
fd:8c:d6:03:55:73:07:47:e2:1a:e8:27:59:6b:9c:
7a:2d:ec:4f:80:2a:9e:67:65:72:68:d3:2d:04:4d:
83:b4:4e:9a:45:10:70:2d:8b:c5:d8:33:02:8b:9c:
2c:f1:6a:ec:78:2c:20:e2:11:a6:45:46:1a:0f:ee:
53:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:51:E0:1D:87:9A:F5:F6:BE:19:73:6E:4C:06:4B:DB:87:33:BD:9B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1FHgHYea9fa-GXNuTAZL24czvZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.113.180.0/24
Signature Algorithm: sha256WithRSAEncryption
23:d6:b0:f3:07:c6:3b:a5:97:cd:2e:19:d7:b0:72:94:af:37:
9a:b3:19:fd:9f:91:a8:e9:8a:28:b5:8e:48:a0:e4:7a:9c:af:
1e:69:65:18:6e:c7:ff:e9:d8:c5:51:b8:5f:b1:aa:ee:69:c9:
4c:16:9d:11:27:0c:e7:3d:a3:a4:ca:a6:ee:44:72:71:d2:d6:
9d:49:6d:91:e0:bd:49:a0:39:fc:03:ef:d4:fc:c9:9a:a2:8a:
4f:98:38:02:5f:73:a4:89:aa:5e:3c:37:4f:ee:3b:4a:e6:74:
5e:0c:98:f4:2a:8b:62:01:9c:6b:42:d2:09:74:bd:fe:f0:99:
65:cf:f1:6e:c8:99:9f:ba:5b:6d:fe:53:d9:e3:e4:f1:6d:24:
b3:d7:32:57:75:48:3e:0a:e3:36:51:b3:7b:1c:e2:0b:4b:87:
7b:f3:94:bb:06:24:2f:c7:b8:f5:48:8d:be:0e:85:41:71:80:
a5:89:a6:33:47:c6:7c:6b:8f:4e:5e:58:54:45:bb:a2:8a:be:
34:0d:ca:01:c6:8a:b0:b6:ed:49:2a:82:b7:13:f5:a5:4a:59:
de:b2:05:98:90:38:d6:68:e6:31:3a:2c:32:0d:59:55:24:ed:
ff:60:e9:83:c3:22:9d:9b:72:bd:f9:9e:a5:79:3c:b2:10:06:
13:8b:d5:6f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZDjVDP3dECgJNa2lEvE66HxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNzI0MDYwMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDUxZTAxZDg3OWFmNWY2YmUxOTczNmU0YzA2NGJkYjg3MzNiZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYSk87XmUqPcnzxpfWBs1x+q69F+
EU0/Go2CFpB6yM49ATNv46t3VPw8RkA+4i0tbD/Agy/ge+JxlHUH1S5KFdoVoz7m
NV+s+Ula/UpOUTR2WXN7oiWTdAfzo/4mqZ50hkLDqbsquBwZNCWyrsUYXCtmBnaZ
QnDfOBFmYtr8fD8Gg4gtqonhsXYmJCAT6LdFRyFsfAApJnkz5Wf9rEdGP+Q8jqFk
+EgaCcsub6nfVQ7FVOa3Xty36Md2sYC8o91T2jH9jNYDVXMHR+Ia6CdZa5x6LexP
gCqeZ2VyaNMtBE2DtE6aRRBwLYvF2DMCi5ws8WrseCwg4hGmRUYaD+5TtQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNRR4B2HmvX2vhlzbkwGS9uHM72bMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMUZIZ0hZZWE5ZmEtR1hOdVRBWkwyNGN6dlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABdcbQwDQYJKoZIhvcNAQELBQADggEBACPWsPMHxjull80uGdewcpSv
N5qzGf2fkajpiii1jkig5Hqcrx5pZRhux//p2MVRuF+xqu5pyUwWnREnDOc9o6TK
pu5EcnHS1p1JbZHgvUmgOfwD79T8yZqiik+YOAJfc6SJql48N0/uO0rmdF4MmPQq
i2IBnGtC0gl0vf7wmWXP8W7ImZ+6W23+U9nj5PFtJLPXMld1SD4K4zZRs3sc4gtL
h3vzlLsGJC/HuPVIjb4OhUFxgKWJpjNHxnxrj05eWFRFu6KKvjQNygHGirC27Ukq
grcT9aVKWd6yBZiQONZo5jE6LDINWVUk7f9g6YPDIp2bcr35nqV5PLIQBhOL1W8=
-----END CERTIFICATE-----
Generated at Thu Jul 25 07:42:31 2024 by rpki-client on console-ams.rpki-client.org