Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1rcq5yfY1GN3sQB0JNzp6DGKM24.roa
File: 1rcq5yfY1GN3sQB0JNzp6DGKM24.roa (raw, json)
Hash identifier: r3a1vO0yhepaoQdWZMVNizQ1VldOqi2zW4igJ35VTeI=
Subject key identifier: D6:B7:2A:E7:27:D8:D4:63:77:B1:00:74:24:DC:E9:E8:31:8A:33:6E
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB7C8AEA4EF39428EEDDA07F9A4EC5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1rcq5yfY1GN3sQB0JNzp6DGKM24.roa
Signing time: Sun 01 Jan 2023 19:25:07 +0000
ROA not before: Sun 01 Jan 2023 19:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60604
IP address blocks: 89.35.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:7c:8a:ea:4e:f3:94:28:ee:dd:a0:7f:9a:4e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6b72ae727d8d46377b1007424dce9e8318a336e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ab:70:f1:87:63:91:09:f6:91:c1:73:b3:79:
aa:0c:48:f3:65:96:7b:4c:2e:9b:48:8b:e7:f5:c7:
bd:7c:4d:e9:5d:97:eb:53:b9:76:78:a4:01:2b:24:
1c:0d:23:25:5d:d0:25:ea:77:6a:ea:bb:11:d4:ec:
10:2a:e3:53:1a:31:16:47:8f:38:d1:55:b7:02:0f:
33:e4:58:82:26:63:2d:b4:ae:80:fa:0d:2e:03:94:
e9:32:45:b9:0e:ed:7f:40:e6:b9:37:36:f4:b3:c9:
94:dc:90:bd:18:4d:35:9f:7b:c7:0a:06:7f:88:9a:
0b:0e:18:57:f1:77:03:0f:c8:ff:c5:9f:77:b8:96:
9c:93:b0:17:f7:76:70:39:71:3b:20:5b:4c:fe:6e:
b0:57:19:ae:bb:5a:ee:84:95:6e:e4:2d:05:3f:47:
48:21:63:4d:5e:aa:c9:5b:30:82:a3:88:c3:6f:b7:
1e:6e:fe:17:9e:b8:ab:00:d6:a5:d4:e4:ab:81:e3:
78:c0:a2:6b:f1:87:c8:b6:e6:6d:39:ca:dd:32:f2:
8c:9b:21:be:1b:16:03:98:57:ca:40:ee:0a:38:8b:
61:29:f8:96:67:d3:49:14:d5:c7:b1:82:c7:5e:51:
3f:8a:0f:ec:6d:f9:6c:49:c0:9b:ea:dc:45:18:8a:
df:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B7:2A:E7:27:D8:D4:63:77:B1:00:74:24:DC:E9:E8:31:8A:33:6E
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1rcq5yfY1GN3sQB0JNzp6DGKM24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.158.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:66:e4:c7:ed:a1:b1:bf:ec:43:68:cd:cf:e0:e7:ae:dd:35:
e3:8d:24:79:75:9d:c1:cc:84:74:a9:e6:64:04:0e:05:70:cb:
6e:3d:7c:53:53:89:f8:68:b1:84:cc:25:ff:03:c7:a7:e7:56:
c9:4f:36:ac:01:a8:78:0e:54:fe:46:7f:c2:1c:34:48:4a:5e:
38:cd:57:e0:28:2a:81:a0:ab:b3:5a:cc:06:d6:e8:fb:09:46:
d2:bf:88:df:2c:13:fc:e3:2d:e5:e2:a9:3c:c7:52:d8:93:83:
f1:45:0d:0e:ef:8c:11:b1:99:17:23:21:0f:7c:ff:d6:ec:c4:
c2:b8:e1:f3:04:06:e1:b7:50:df:d1:e0:ec:bb:b3:fb:1b:f2:
97:e3:4f:be:87:81:4b:94:f6:20:24:6c:86:0f:2b:26:05:26:
20:b2:fc:02:04:a1:f3:0d:6f:2c:e2:c4:49:13:39:91:a4:d7:
be:0d:ef:c2:3a:52:a2:a7:d9:c2:8b:d0:b7:66:c2:0c:03:90:
ab:9d:b4:b7:e9:43:8e:ad:90:45:c1:3c:17:be:19:22:6f:f8:
03:e9:01:d4:d4:2d:32:76:c1:34:04:0f:8a:9e:4a:30:80:3c:
96:97:d4:51:87:38:06:73:8b:fa:e4:86:89:8a:f1:ee:a8:7c:
88:c2:e8:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy3yK6k7zlCju3aB/mk7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmI3MmFlNzI3ZDhkNDYzNzdiMTAwNzQyNGRjZTllODMxOGEzMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqtw8YdjkQn2kcFzs3mqDEjzZZZ7
TC6bSIvn9ce9fE3pXZfrU7l2eKQBKyQcDSMlXdAl6ndq6rsR1OwQKuNTGjEWR484
0VW3Ag8z5FiCJmMttK6A+g0uA5TpMkW5Du1/QOa5Nzb0s8mU3JC9GE01n3vHCgZ/
iJoLDhhX8XcDD8j/xZ93uJack7AX93ZwOXE7IFtM/m6wVxmuu1ruhJVu5C0FP0dI
IWNNXqrJWzCCo4jDb7cebv4XnrirANal1OSrgeN4wKJr8YfItuZtOcrdMvKMmyG+
GxYDmFfKQO4KOIthKfiWZ9NJFNXHsYLHXlE/ig/sbflsScCb6txFGIrfJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNa3Kucn2NRjd7EAdCTc6egxijNuMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMXJjcTV5ZlkxR04zc1FCMEpOenA2REdLTTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSOeMA0G
CSqGSIb3DQEBCwUAA4IBAQBfZuTH7aGxv+xDaM3P4Oeu3TXjjSR5dZ3BzIR0qeZk
BA4FcMtuPXxTU4n4aLGEzCX/A8en51bJTzasAah4DlT+Rn/CHDRISl44zVfgKCqB
oKuzWswG1uj7CUbSv4jfLBP84y3l4qk8x1LYk4PxRQ0O74wRsZkXIyEPfP/W7MTC
uOHzBAbht1Df0eDsu7P7G/KX40++h4FLlPYgJGyGDysmBSYgsvwCBKHzDW8s4sRJ
EzmRpNe+De/COlKip9nCi9C3ZsIMA5CrnbS36UOOrZBFwTwXvhkib/gD6QHU1C0y
dsE0BA+KnkowgDyWl9RRhzgGc4v65IaJivHuqHyIwui6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org