Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1Paw9NtOGjg271edS5q7sbSq234.roa
File: 1Paw9NtOGjg271edS5q7sbSq234.roa (raw, json)
Hash identifier: wnciBclXfGeYtZmunNEccLiSbVLZVQY+fQiFBlp0pWw=
Subject key identifier: D4:F6:B0:F4:DB:4E:1A:38:36:EF:57:9D:4B:9A:BB:B1:B4:AA:DB:7E
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01924BB1FD80C221EA7C1D1C86EFBD7F63E1
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1Paw9NtOGjg271edS5q7sbSq234.roa
Signing time: Wed 02 Oct 2024 05:26:48 +0000
ROA not before: Wed 02 Oct 2024 05:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.114.90.0/24 maxlen: 24
93.114.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 07:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4b:b1:fd:80:c2:21:ea:7c:1d:1c:86:ef:bd:7f:63:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 2 05:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4f6b0f4db4e1a3836ef579d4b9abbb1b4aadb7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8f:2f:a9:e3:9f:76:8a:eb:85:c7:d4:81:0f:
fc:79:bb:ab:8c:8e:32:9d:90:26:f2:5b:25:7a:25:
27:dd:e9:fb:92:e9:a6:22:ab:92:d8:0e:5f:12:bf:
0d:38:41:18:e9:ec:9f:52:3f:e7:3a:41:0c:d4:43:
ff:9f:b6:c3:7d:3d:1d:81:18:8b:35:a4:35:87:d3:
93:82:0e:e4:80:ac:52:96:80:0b:fd:c3:2f:15:ea:
ae:48:46:6c:92:1a:33:32:56:b9:95:ba:a4:82:68:
0d:04:a4:55:92:7e:87:f9:ae:37:4a:79:49:88:5a:
40:1e:a5:92:59:f3:8d:c1:8f:21:d1:be:4e:88:04:
db:5c:44:bf:d3:9d:72:42:6b:f3:1d:f6:e3:fc:00:
b0:60:4e:2a:5a:74:bf:16:13:78:0f:55:dd:63:28:
9a:4f:86:45:fa:36:df:f2:e5:75:b4:74:09:2b:b0:
e3:c4:da:ce:9a:b8:bf:d5:44:6a:f3:ce:3d:83:ee:
ec:16:46:c5:69:d5:8b:e6:f7:13:41:cf:7c:42:4d:
eb:6a:ea:40:8d:2d:24:09:33:36:02:f1:97:79:16:
db:ef:19:20:c5:c5:08:9b:a9:50:73:e5:89:c1:17:
ee:c9:34:1b:98:28:6c:5c:db:6f:99:a2:62:82:31:
8e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F6:B0:F4:DB:4E:1A:38:36:EF:57:9D:4B:9A:BB:B1:B4:AA:DB:7E
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1Paw9NtOGjg271edS5q7sbSq234.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.114.90.0/23
Signature Algorithm: sha256WithRSAEncryption
70:21:46:db:84:e6:72:80:61:63:41:b9:a4:b7:ea:62:02:96:
ce:6b:ec:7d:3f:ae:5a:03:de:fc:82:c8:11:0b:53:a9:f8:81:
4d:98:af:99:a1:98:35:3e:2f:b5:bf:bc:69:a1:0f:5f:9b:ab:
13:9a:41:8b:9f:d9:23:37:77:54:0d:f5:9b:7a:7d:d7:76:fd:
b3:d5:61:b2:44:ad:3d:b3:91:60:a3:db:fd:e4:98:3e:ab:c9:
91:4e:34:dd:b9:31:a4:9d:0e:ca:60:3c:6b:ec:58:fe:32:1f:
e9:97:24:e2:f6:0b:b3:22:b4:7a:6a:d7:f6:b9:31:c1:be:4e:
39:3c:8a:b5:ee:9e:78:64:68:85:72:79:43:4e:88:14:b7:2e:
16:c9:94:1b:f3:36:81:9e:11:28:c7:d4:c0:68:d3:e8:92:49:
8c:80:40:b1:f7:48:37:47:0e:dc:c4:8d:56:ff:b2:a0:50:be:
8b:cb:68:47:84:04:4b:88:fa:f6:83:27:24:ce:e0:6e:f1:42:
40:93:22:ee:05:12:38:4c:3f:24:69:5d:50:17:0b:06:60:c3:
ba:94:07:11:89:a8:0a:28:cd:f6:a9:77:ee:aa:b7:c9:f1:f3:
6e:98:92:09:2d:3e:e0:4f:8c:30:18:77:94:86:17:05:45:b7:
09:0f:65:44
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJLsf2AwiHqfB0chu+9f2PhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQxMDAyMDUyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY2YjBmNGRiNGUxYTM4MzZlZjU3OWQ0YjlhYmJiMWI0YWFkYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY8vqeOfdorrhcfUgQ/8eburjI4y
nZAm8lsleiUn3en7kummIquS2A5fEr8NOEEY6eyfUj/nOkEM1EP/n7bDfT0dgRiL
NaQ1h9OTgg7kgKxSloAL/cMvFequSEZskhozMla5lbqkgmgNBKRVkn6H+a43SnlJ
iFpAHqWSWfONwY8h0b5OiATbXES/051yQmvzHfbj/ACwYE4qWnS/FhN4D1XdYyia
T4ZF+jbf8uV1tHQJK7DjxNrOmri/1URq8849g+7sFkbFadWL5vcTQc98Qk3raupA
jS0kCTM2AvGXeRbb7xkgxcUIm6lQc+WJwRfuyTQbmChsXNtvmaJigjGOUwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNT2sPTbTho4Nu9XnUuau7G0qtt+MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMVBhdzlOdE9HamcyNzFlZFM1cTdzYlNxMjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBAFdclowDQYJKoZIhvcNAQELBQADggEBAHAhRtuE5nKAYWNBuaS36mIC
ls5r7H0/rloD3vyCyBELU6n4gU2Yr5mhmDU+L7W/vGmhD1+bqxOaQYuf2SM3d1QN
9Zt6fdd2/bPVYbJErT2zkWCj2/3kmD6ryZFONN25MaSdDspgPGvsWP4yH+mXJOL2
C7MitHpq1/a5McG+Tjk8irXunnhkaIVyeUNOiBS3LhbJlBvzNoGeESjH1MBo0+iS
SYyAQLH3SDdHDtzEjVb/sqBQvovLaEeEBEuI+vaDJyTO4G7xQkCTIu4FEjhMPyRp
XVAXCwZgw7qUBxGJqAoozfapd+6qt8nx826YkgktPuBPjDAYd5SGFwVFtwkPZUQ=
-----END CERTIFICATE-----
Generated at Fri Oct 4 10:11:12 2024 by rpki-client on console-fra.rpki-client.org