Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/48qPgYY0q1mpHvwpMHDNl6tb-hQ.roa
File: 48qPgYY0q1mpHvwpMHDNl6tb-hQ.roa (raw, json)
Hash identifier: dsiASsmNL5FXVjOz6RBriF+qJPIXnodg0395yyWiAIQ=
Subject key identifier: E3:CA:8F:81:86:34:AB:59:A9:1E:FC:29:30:70:CD:97:AB:5B:FA:14
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D645A00A175E80CF1668B6338945010B0
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/48qPgYY0q1mpHvwpMHDNl6tb-hQ.roa
Signing time: Thu 01 Feb 2024 11:07:16 +0000
ROA not before: Thu 01 Feb 2024 11:07:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 18:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:5a:00:a1:75:e8:0c:f1:66:8b:63:38:94:50:10:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 1 11:07:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3ca8f818634ab59a91efc293070cd97ab5bfa14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a3:b1:21:ef:32:74:3c:27:88:fa:e4:e8:ce:
29:0e:d3:78:21:33:ee:87:d3:42:13:cc:8a:e3:c0:
5f:55:2d:95:be:6b:c0:1e:4c:1e:2c:07:5c:31:a2:
d8:08:94:9d:fc:a1:e8:8c:29:6a:45:41:e8:e0:12:
23:5f:c4:cb:9a:67:c7:42:7f:65:f7:10:2a:d6:74:
40:55:ee:02:7a:90:72:03:e4:89:2a:ad:3b:4a:58:
68:c9:90:ff:ae:52:6f:f9:dc:75:8b:ba:20:88:2e:
89:f5:1c:e2:7c:e0:4b:54:95:a7:8b:e6:6f:ff:49:
db:51:fa:24:48:b6:56:9c:b6:2e:ea:35:3c:71:30:
c9:18:0b:83:cd:7e:5a:1d:31:9b:c7:44:7f:52:ef:
0d:8a:bc:41:77:50:93:8e:6d:f6:06:45:86:b0:2a:
0f:25:94:9e:aa:6d:8a:85:7b:0e:ab:b3:4c:61:46:
1b:a4:21:a4:08:05:5c:d2:c5:05:7e:0d:18:ae:db:
75:e6:58:15:b4:14:8c:3f:bb:35:22:af:36:aa:14:
40:fa:f5:14:29:b5:ef:ec:96:f7:e7:ad:b8:40:bd:
fd:ed:25:6c:44:12:6e:01:6f:8f:3f:73:28:23:3f:
fc:b1:a3:df:b9:be:d7:53:46:4f:27:ff:ac:47:e1:
d0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CA:8F:81:86:34:AB:59:A9:1E:FC:29:30:70:CD:97:AB:5B:FA:14
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/48qPgYY0q1mpHvwpMHDNl6tb-hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
79:d4:a6:fc:b3:51:68:83:42:d8:b6:ad:2c:02:09:77:9f:32:
d6:c6:a0:ff:a8:e7:1d:a8:c1:fe:1d:5c:0a:8b:db:70:43:aa:
f6:9e:b7:76:25:41:b5:96:c5:59:fd:15:0a:e0:64:37:05:9c:
76:89:29:86:78:3c:6d:89:f9:0a:a5:28:dc:dd:83:9a:fa:12:
89:3f:13:1e:a2:8d:b0:8b:92:f7:9b:78:ae:8a:f1:d7:71:7e:
5d:2c:49:4e:cd:53:85:86:95:6d:44:80:e1:6c:c4:fb:7c:98:
ba:ae:63:d1:7d:f7:72:90:3d:16:48:15:f9:f2:b3:17:83:29:
58:82:14:0c:6b:c1:19:9c:df:14:52:f4:80:27:3a:02:09:68:
52:e5:80:20:55:6c:8c:28:9f:60:24:0f:21:b5:d0:ca:f0:5b:
13:43:cc:9c:94:e6:2f:e7:91:ad:62:5e:97:ea:db:8c:71:9f:
57:4e:48:ed:c4:b2:bd:13:21:2c:03:cd:55:c7:43:69:81:d1:
88:a6:3b:da:d1:dd:fa:29:91:62:d6:fa:8f:49:10:90:70:9b:
64:70:51:b3:4d:66:50:08:5a:26:1f:47:fa:bf:35:e8:e5:65:
20:61:ff:5a:ab:44:c9:47:f3:d7:f5:09:f7:88:39:4e:8b:a3:
36:2d:00:f6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1kWgChdegM8WaLYziUUBCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjAxMTEwNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2NhOGY4MTg2MzRhYjU5YTkxZWZjMjkzMDcwY2Q5N2FiNWJmYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKOxIe8ydDwniPrk6M4pDtN4ITPu
h9NCE8yK48BfVS2VvmvAHkweLAdcMaLYCJSd/KHojClqRUHo4BIjX8TLmmfHQn9l
9xAq1nRAVe4CepByA+SJKq07SlhoyZD/rlJv+dx1i7ogiC6J9RzifOBLVJWni+Zv
/0nbUfokSLZWnLYu6jU8cTDJGAuDzX5aHTGbx0R/Uu8NirxBd1CTjm32BkWGsCoP
JZSeqm2KhXsOq7NMYUYbpCGkCAVc0sUFfg0Yrtt15lgVtBSMP7s1Iq82qhRA+vUU
KbXv7Jb35624QL397SVsRBJuAW+PP3MoIz/8saPfub7XU0ZPJ/+sR+HQtwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOPKj4GGNKtZqR78KTBwzZerW/oUMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNDhxUGdZWTBxMW1wSHZ3cE1IRE5sNnRiLWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAHnUpvyzUWiDQti2rSwCCXef
MtbGoP+o5x2owf4dXAqL23BDqvaet3YlQbWWxVn9FQrgZDcFnHaJKYZ4PG2J+Qql
KNzdg5r6Eok/Ex6ijbCLkvebeK6K8ddxfl0sSU7NU4WGlW1EgOFsxPt8mLquY9F9
93KQPRZIFfnysxeDKViCFAxrwRmc3xRS9IAnOgIJaFLlgCBVbIwon2AkDyG10Mrw
WxNDzJyU5i/nka1iXpfq24xxn1dOSO3Esr0TISwDzVXHQ2mB0YimO9rR3fopkWLW
+o9JEJBwm2RwUbNNZlAIWiYfR/q/NejlZSBh/1qrRMlH89f1CfeIOU6LozYtAPY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org