Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4UJrEwmuyM-tgdVKW9NKHVor0Do.roa
File: 4UJrEwmuyM-tgdVKW9NKHVor0Do.roa (raw, json)
Hash identifier: VEsNXibzGuczetFzcpvYkliu6LhcPgSLVNTCsYtmPJA=
Subject key identifier: E1:42:6B:13:09:AE:C8:CF:AD:81:D5:4A:5B:D3:4A:1D:5A:2B:D0:3A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0189FF567A0BF545876F7D6E2227675354A6
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4UJrEwmuyM-tgdVKW9NKHVor0Do.roa
Signing time: Wed 16 Aug 2023 17:13:24 +0000
ROA not before: Wed 16 Aug 2023 17:13:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.83.0/24 maxlen: 24
89.42.80.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 17 Aug 2023 06:08:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ff:56:7a:0b:f5:45:87:6f:7d:6e:22:27:67:53:54:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 16 17:13:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1426b1309aec8cfad81d54a5bd34a1d5a2bd03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a1:87:aa:f2:be:34:9f:67:52:c1:4e:97:4e:
fd:43:0e:2f:28:ff:4e:0c:4b:2f:e3:24:ee:4b:7c:
6e:ba:46:11:d1:65:c6:5a:0c:10:9b:23:2d:de:fb:
a4:51:ce:db:73:ae:f5:3d:26:7c:2a:81:ea:ac:ed:
29:65:a4:92:d7:af:70:37:33:7a:e9:e0:33:3d:79:
de:a3:43:89:51:b9:aa:cf:c9:e9:f6:fd:39:5e:f6:
9b:79:c4:2b:66:0c:da:5c:3b:66:d5:e0:b9:d0:56:
da:bf:f7:78:41:7c:84:49:2f:07:ca:99:14:30:d4:
50:d0:c3:5e:44:39:f7:d6:e2:07:1f:0e:44:ec:a2:
d3:3a:86:11:53:28:57:41:5b:c7:c9:6d:53:93:f3:
c3:07:1c:3a:bb:38:e7:e6:a4:42:c0:80:3c:96:4b:
7b:c7:68:86:68:7b:45:8b:a8:a8:0f:69:ab:98:11:
d8:3f:71:f5:5c:d8:d3:9d:2f:81:42:63:c8:71:bf:
e4:b6:ca:ea:15:e4:f3:f7:0f:c5:3f:e7:e6:75:4e:
6a:6c:76:ef:4a:52:d7:d6:37:c7:0f:6b:0a:fb:91:
e2:70:28:47:d5:9f:c3:69:bc:c4:7f:c6:32:84:ec:
50:3d:35:9f:ef:89:5a:63:8f:d9:e3:9d:3d:5a:30:
dc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:42:6B:13:09:AE:C8:CF:AD:81:D5:4A:5B:D3:4A:1D:5A:2B:D0:3A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4UJrEwmuyM-tgdVKW9NKHVor0Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
42:4c:77:45:d1:33:5e:c8:11:f4:a0:64:be:70:b9:49:4f:ec:
75:ad:66:f2:58:4b:3f:df:98:8d:39:d9:62:71:12:ca:9e:95:
a1:a7:16:13:87:4c:75:97:e4:b3:b9:e8:8f:52:49:f3:44:69:
b4:a0:70:7b:94:91:c3:25:a9:10:d2:39:48:7b:7e:9d:d5:4e:
fb:40:99:74:a6:dd:78:05:fa:96:47:b1:59:9c:00:c7:db:af:
f6:26:d5:9d:ba:df:82:32:de:97:32:83:3a:dc:63:b4:7e:68:
28:a5:4a:77:ec:bb:a0:b8:ed:a4:6c:67:a1:de:a2:d2:0b:34:
ff:ae:d3:f1:64:3c:82:f0:0f:25:64:9a:de:37:16:6d:64:9a:
9e:53:61:86:a3:e1:17:5e:d1:af:2f:a7:49:f2:bf:a1:3e:ee:
d5:43:ac:e7:18:e3:58:eb:d4:4f:9d:f1:ac:c3:9f:f5:01:1a:
d7:9b:15:03:94:be:a7:2d:0a:f5:0a:5d:95:2c:77:01:06:b2:
db:77:ea:46:45:3a:41:bc:2f:03:8a:ba:a0:4d:a5:d2:6f:c0:
08:04:2c:5c:1a:e3:6c:f2:f5:3d:1c:b1:58:90:38:0f:38:ba:
a9:b6:12:6f:2a:58:ee:a9:3d:74:fe:86:bf:bb:1c:a9:3e:e1:
9a:e2:a4:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn/VnoL9UWHb31uIidnU1SmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODE2MTcxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQyNmIxMzA5YWVjOGNmYWQ4MWQ1NGE1YmQzNGExZDVhMmJkMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKGHqvK+NJ9nUsFOl079Qw4vKP9O
DEsv4yTuS3xuukYR0WXGWgwQmyMt3vukUc7bc671PSZ8KoHqrO0pZaSS169wNzN6
6eAzPXneo0OJUbmqz8np9v05XvabecQrZgzaXDtm1eC50Fbav/d4QXyESS8HypkU
MNRQ0MNeRDn31uIHHw5E7KLTOoYRUyhXQVvHyW1Tk/PDBxw6uzjn5qRCwIA8lkt7
x2iGaHtFi6ioD2mrmBHYP3H1XNjTnS+BQmPIcb/ktsrqFeTz9w/FP+fmdU5qbHbv
SlLX1jfHD2sK+5HicChH1Z/DabzEf8YyhOxQPTWf74laY4/Z4509WjDcDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFCaxMJrsjPrYHVSlvTSh1aK9A6MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNFVKckV3bXV5TS10Z2RWS1c5TktIVm9yMERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBCTHdF0TNeyBH0oGS+cLlJT+x1rWbyWEs/35iNOdli
cRLKnpWhpxYTh0x1l+SzueiPUknzRGm0oHB7lJHDJakQ0jlIe36d1U77QJl0pt14
BfqWR7FZnADH26/2JtWdut+CMt6XMoM63GO0fmgopUp37LuguO2kbGeh3qLSCzT/
rtPxZDyC8A8lZJreNxZtZJqeU2GGo+EXXtGvL6dJ8r+hPu7VQ6znGONY69RPnfGs
w5/1ARrXmxUDlL6nLQr1Cl2VLHcBBrLbd+pGRTpBvC8DirqgTaXSb8AIBCxcGuNs
8vU9HLFYkDgPOLqpthJvKljuqT10/oa/uxypPuGa4qRb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org