Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2CFYOvBV9P1661sUPfzGMdh_RFA.roa
File: 2CFYOvBV9P1661sUPfzGMdh_RFA.roa (raw, json)
Hash identifier: W5XJ45wR0dfL2asBFOxB6Iy4drSuj3afZaZfaYwS/DY=
Subject key identifier: D8:21:58:3A:F0:55:F4:FD:7A:EB:5B:14:3D:FC:C6:31:D8:7F:44:50
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01898A954B0BBEA1B4EF277FCC2B980F5E55
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2CFYOvBV9P1661sUPfzGMdh_RFA.roa
Signing time: Tue 25 Jul 2023 01:06:26 +0000
ROA not before: Tue 25 Jul 2023 01:06:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203511
IP address blocks: 89.42.92.0/24 maxlen: 24
89.33.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Aug 2023 05:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8a:95:4b:0b:be:a1:b4:ef:27:7f:cc:2b:98:0f:5e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 25 01:06:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d821583af055f4fd7aeb5b143dfcc631d87f4450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:63:e5:0d:f5:0f:34:53:5a:25:d6:ef:97:
b3:df:71:c2:e1:f7:d0:c6:4b:d2:65:3f:72:cb:3a:
91:93:b9:9b:d2:ba:74:d1:63:22:a5:8d:2c:fe:19:
16:ae:e3:eb:cd:b6:4a:7e:12:ca:d0:e3:83:4a:43:
77:0c:a1:da:01:a5:39:d3:f1:00:d6:69:5a:96:d0:
e2:34:0f:22:dc:13:b7:0c:cd:b0:93:9a:df:57:f4:
c1:1d:75:49:0c:8b:2b:d1:7c:6b:92:ef:f9:1d:a8:
85:3f:2e:0b:cc:ef:7b:49:f1:27:42:19:a6:1b:17:
9d:56:23:6b:3e:bf:61:a6:88:e3:43:de:0d:6d:b8:
96:39:e6:16:72:53:58:4b:9e:83:41:40:bc:4f:7b:
bb:cc:e3:27:a4:26:f7:49:e1:f0:82:7f:90:82:55:
60:0d:13:f0:61:2d:c9:1b:dd:2f:67:26:76:c5:7e:
8b:66:dd:60:bd:c8:c5:04:e3:1f:8a:c7:cc:2a:af:
e0:c2:1a:61:f1:e0:28:0d:48:a9:90:c5:00:5a:24:
47:28:95:12:3d:9c:99:7a:c8:5c:e5:b0:99:ee:2c:
6d:c8:ae:7f:7a:01:a1:a9:7c:37:9c:ae:8e:e2:60:
b9:17:5e:26:18:f9:9b:b6:c5:dd:68:eb:0d:0b:9d:
9e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:21:58:3A:F0:55:F4:FD:7A:EB:5B:14:3D:FC:C6:31:D8:7F:44:50
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2CFYOvBV9P1661sUPfzGMdh_RFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.192.0/24
89.42.92.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:80:aa:5c:61:f8:2d:5f:01:c2:3f:af:f2:70:4c:56:10:c4:
f2:12:b1:9e:ce:05:b9:18:08:8f:14:be:65:04:81:58:55:59:
42:ea:a3:29:e4:dc:00:71:03:25:ac:ee:dd:58:34:6d:d8:3c:
1b:6d:bd:e9:88:03:3a:49:0d:d1:07:a8:cd:22:f6:27:bf:6a:
d6:c4:76:ae:78:4e:22:10:eb:55:6f:82:aa:79:fa:90:29:b6:
ef:3a:fb:a1:08:2a:1f:9a:0f:23:32:de:69:97:eb:65:39:0f:
1e:c7:c4:d7:29:d5:de:5a:a9:4c:1d:b4:6f:08:fe:81:13:96:
b2:7e:bd:75:b7:5c:cf:45:3f:e3:26:bd:03:aa:6a:7f:25:34:
c3:3b:ff:8e:14:a6:2a:e7:4b:9e:eb:f8:03:f8:9b:ab:6a:e1:
3b:2d:a1:42:c6:3f:2d:3a:7d:66:da:99:87:0a:d5:39:f5:40:
95:b9:7d:ad:92:d4:ed:ec:47:98:5f:f2:68:dd:54:8d:57:dc:
9a:86:93:2f:70:a3:88:2f:b1:25:26:56:5f:cf:7b:4e:a3:5e:
05:20:37:8f:81:d5:cd:7b:a6:63:c4:46:ba:a2:c5:3b:38:cb:
dd:38:a3:ab:4b:48:68:1f:c7:28:4d:ee:fa:27:8e:cb:c3:75:
1a:79:1b:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmKlUsLvqG07yd/zCuYD15VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzI1MDEwNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODIxNTgzYWYwNTVmNGZkN2FlYjViMTQzZGZjYzYzMWQ4N2Y0NDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/pj5Q31DzRTWiXW75ez33HC4ffQ
xkvSZT9yyzqRk7mb0rp00WMipY0s/hkWruPrzbZKfhLK0OODSkN3DKHaAaU50/EA
1mlaltDiNA8i3BO3DM2wk5rfV/TBHXVJDIsr0Xxrku/5HaiFPy4LzO97SfEnQhmm
GxedViNrPr9hpojjQ94NbbiWOeYWclNYS56DQUC8T3u7zOMnpCb3SeHwgn+QglVg
DRPwYS3JG90vZyZ2xX6LZt1gvcjFBOMfisfMKq/gwhph8eAoDUipkMUAWiRHKJUS
PZyZeshc5bCZ7ixtyK5/egGhqXw3nK6O4mC5F14mGPmbtsXdaOsNC52eewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNghWDrwVfT9eutbFD38xjHYf0RQMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMkNGWU92QlY5UDE2NjFzVVBmekdNZGhfUkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSHAAwQA
WSpcMA0GCSqGSIb3DQEBCwUAA4IBAQBLgKpcYfgtXwHCP6/ycExWEMTyErGezgW5
GAiPFL5lBIFYVVlC6qMp5NwAcQMlrO7dWDRt2Dwbbb3piAM6SQ3RB6jNIvYnv2rW
xHaueE4iEOtVb4KqefqQKbbvOvuhCCofmg8jMt5pl+tlOQ8ex8TXKdXeWqlMHbRv
CP6BE5ayfr11t1zPRT/jJr0Dqmp/JTTDO/+OFKYq50ue6/gD+JurauE7LaFCxj8t
On1m2pmHCtU59UCVuX2tktTt7EeYX/Jo3VSNV9yahpMvcKOIL7ElJlZfz3tOo14F
IDePgdXNe6ZjxEa6osU7OMvdOKOrS0hoH8coTe76J47Lw3UaeRvd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org