Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1kJ2u4qb8DYoEb0KG4q7fWvxHQw.roa
File: 1kJ2u4qb8DYoEb0KG4q7fWvxHQw.roa (raw, json)
Hash identifier: dBur/mVPAgoNi3axGYitPsn4x9UJwI8FKyIKy1YyZJg=
Subject key identifier: D6:42:76:BB:8A:9B:F0:36:28:11:BD:0A:1B:8A:BB:7D:6B:F1:1D:0C
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B41AF435E6BEF15AE3FA66DD7E11FA1C0
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1kJ2u4qb8DYoEb0KG4q7fWvxHQw.roa
Signing time: Wed 18 Oct 2023 07:28:06 +0000
ROA not before: Wed 18 Oct 2023 07:28:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.84.0/24 maxlen: 24
89.42.80.0/23 maxlen: 23
89.46.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:af:43:5e:6b:ef:15:ae:3f:a6:6d:d7:e1:1f:a1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 18 07:28:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d64276bb8a9bf0362811bd0a1b8abb7d6bf11d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:35:c6:d9:58:ad:ec:b4:7c:21:b1:d9:60:5c:
4a:bb:ab:b8:81:f8:fd:fc:ca:2c:96:90:f5:97:5e:
cc:ab:60:eb:ae:81:f1:9e:18:3a:00:30:58:f1:b9:
ab:84:5a:cb:57:11:ce:63:c6:7a:4f:3c:29:d8:7f:
51:3f:ce:0b:c2:55:c4:c2:6c:03:05:33:d8:60:2c:
63:f4:3b:d1:ab:ca:81:f1:16:f8:83:1c:e4:ee:08:
64:9d:8f:33:69:b4:d2:89:ab:47:5c:ad:d2:1c:b9:
0b:a1:b1:f5:9a:0d:70:ac:3d:5c:56:e1:d8:78:c6:
64:97:b1:49:a4:4d:5f:2e:83:65:7e:0b:35:20:7a:
1f:cd:9e:57:7a:06:c3:72:66:75:4d:d9:60:43:2d:
51:31:d0:24:02:b7:01:b7:0a:95:b3:58:bb:22:1e:
95:84:6c:a7:a0:cc:e2:53:91:61:92:cb:24:59:89:
11:d2:2d:df:d8:55:8c:b2:9c:62:f9:8b:6a:04:67:
09:40:88:9f:b5:e5:f2:ef:80:7d:24:81:be:16:79:
fb:62:cd:83:80:04:69:2a:69:4d:6b:9a:bb:a9:35:
b2:c3:01:f4:a4:e1:3d:59:61:5d:54:b8:33:1e:d1:
f8:fc:f7:2c:be:a0:1d:d7:7f:02:5e:c5:78:ed:1b:
d8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:42:76:BB:8A:9B:F0:36:28:11:BD:0A:1B:8A:BB:7D:6B:F1:1D:0C
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1kJ2u4qb8DYoEb0KG4q7fWvxHQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0-89.42.84.255
89.46.0.0/24
Signature Algorithm: sha256WithRSAEncryption
15:2a:29:74:fc:5a:c4:2d:2f:21:02:17:76:a9:7b:9f:af:24:
4e:94:82:07:6d:b7:38:4e:d2:a5:42:8f:74:66:fe:d9:dd:4d:
ac:0b:0a:1d:2a:8a:e0:0d:1a:60:33:a0:83:73:58:d4:3f:bb:
14:2f:6f:5d:ab:73:08:60:ca:9e:09:a6:ca:f8:db:9d:da:34:
ca:c2:4e:cd:f1:d0:7a:9b:4f:7a:8a:bb:68:12:ae:8f:d7:30:
85:59:c6:c5:e6:d4:9f:2e:70:42:cf:de:41:07:bd:78:bc:51:
42:ac:7c:cb:6f:e2:a6:26:12:dc:49:89:73:da:19:13:e6:15:
12:e8:8a:12:e0:ea:60:d8:4f:97:bd:10:84:b1:ae:c7:2f:a5:
c7:8c:ca:dc:b8:27:6b:64:17:17:88:42:da:b6:a0:52:65:f7:
0d:af:a6:2a:63:56:5a:f3:b7:bf:14:9d:52:91:c8:e7:6e:7e:
28:c3:b7:c0:af:a0:f9:d2:62:84:2a:34:b2:ee:87:e4:f7:2a:
3f:5b:71:fe:4b:6a:58:80:13:6e:76:61:1e:c8:a5:9a:3e:dc:
c9:da:ac:13:9c:6e:03:8f:98:8e:11:4c:4e:b5:c3:7d:bf:d2:
29:3a:02:e5:4a:cd:29:77:7f:4e:db:d2:07:8c:57:3b:33:5a:
85:43:cb:c0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYtBr0Nea+8Vrj+mbdfhH6HAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDE4MDcyODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQyNzZiYjhhOWJmMDM2MjgxMWJkMGExYjhhYmI3ZDZiZjExZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzXG2Vit7LR8IbHZYFxKu6u4gfj9
/MoslpD1l17Mq2DrroHxnhg6ADBY8bmrhFrLVxHOY8Z6Tzwp2H9RP84LwlXEwmwD
BTPYYCxj9DvRq8qB8Rb4gxzk7ghknY8zabTSiatHXK3SHLkLobH1mg1wrD1cVuHY
eMZkl7FJpE1fLoNlfgs1IHofzZ5XegbDcmZ1TdlgQy1RMdAkArcBtwqVs1i7Ih6V
hGynoMziU5FhksskWYkR0i3f2FWMspxi+YtqBGcJQIifteXy74B9JIG+Fnn7Ys2D
gARpKmlNa5q7qTWywwH0pOE9WWFdVLgzHtH4/PcsvqAd138CXsV47RvYmwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNZCdruKm/A2KBG9ChuKu31r8R0MMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMWtKMnU0cWI4RFlvRWIwS0c0cTdmV3Z4SFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARZKlAD
BABZKlQDBABZLgAwDQYJKoZIhvcNAQELBQADggEBABUqKXT8WsQtLyECF3ape5+v
JE6UggdttzhO0qVCj3Rm/tndTawLCh0qiuANGmAzoINzWNQ/uxQvb12rcwhgyp4J
psr4253aNMrCTs3x0HqbT3qKu2gSro/XMIVZxsXm1J8ucELP3kEHvXi8UUKsfMtv
4qYmEtxJiXPaGRPmFRLoihLg6mDYT5e9EISxrscvpceMyty4J2tkFxeIQtq2oFJl
9w2vpipjVlrzt78UnVKRyOdufijDt8CvoPnSYoQqNLLuh+T3Kj9bcf5LaliAE252
YR7IpZo+3MnarBOcbgOPmI4RTE61w32/0ik6AuVKzSl3f07b0geMVzszWoVDy8A=
-----END CERTIFICATE-----
Generated at Thu Oct 19 08:05:49 2023 by rpki-client on console-ams.rpki-client.org