Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5_XoETR4u3ZbK8hLs3JMLzMV05o.roa
File: 5_XoETR4u3ZbK8hLs3JMLzMV05o.roa (raw, json)
Hash identifier: ALtzcG+CSgZUaOdzmCskl+g3lSdZyH3rLTP/zq2jA3o=
Subject key identifier: E7:F5:E8:11:34:78:BB:76:5B:2B:C8:4B:B3:72:4C:2F:33:15:D3:9A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018965DDF3623C330D4C8ECCF8054D44CA7D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5_XoETR4u3ZbK8hLs3JMLzMV05o.roa
Signing time: Mon 17 Jul 2023 21:59:51 +0000
ROA not before: Mon 17 Jul 2023 21:59:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 89.42.84.0/24 maxlen: 24
89.42.85.0/24 maxlen: 24
89.42.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:dd:f3:62:3c:33:0d:4c:8e:cc:f8:05:4d:44:ca:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 17 21:59:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7f5e8113478bb765b2bc84bb3724c2f3315d39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3d:16:86:f7:ef:a7:f3:fe:63:b3:01:a5:f4:
1e:c6:ca:e5:0b:26:a4:9c:5a:69:23:af:39:05:95:
da:ad:66:db:9a:56:05:c0:86:fd:1b:a7:7a:95:a6:
de:ea:af:7d:e2:81:1f:cb:1f:4a:1d:e2:83:c8:63:
79:93:37:d5:92:f0:b8:9c:95:e4:af:50:96:16:1e:
ff:25:65:fc:23:87:cb:a0:72:bc:a3:77:04:82:de:
a5:c4:f3:bf:74:aa:c7:58:80:75:e3:26:76:df:5a:
14:4f:c8:b2:29:fd:2b:79:d4:5a:40:0d:c1:3f:35:
76:ee:41:12:73:db:ec:b9:83:dc:c9:85:1e:19:e4:
ed:7c:c9:2d:88:07:c9:bb:d8:1c:04:28:bd:b5:af:
43:a2:50:23:9f:f4:10:37:84:be:0d:c9:8e:7f:40:
e6:af:b3:fd:72:d0:cf:a1:16:ce:81:d5:63:54:0a:
f5:15:76:db:d7:61:ab:e9:51:1b:ad:b3:e3:fc:20:
f8:a8:ac:9e:ca:dc:54:71:e0:b8:25:f8:98:69:32:
de:cf:d6:e4:d4:91:59:dc:bd:76:f3:2c:c3:d5:36:
9c:1b:7b:d2:62:76:85:43:eb:f0:ad:df:7f:d3:57:
d8:96:da:eb:d1:3b:60:42:48:df:2b:73:d9:85:7c:
b7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F5:E8:11:34:78:BB:76:5B:2B:C8:4B:B3:72:4C:2F:33:15:D3:9A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5_XoETR4u3ZbK8hLs3JMLzMV05o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.84.0/23
89.42.87.0/24
Signature Algorithm: sha256WithRSAEncryption
84:6e:8a:96:c1:b7:c1:09:80:f9:40:73:4c:de:c5:98:e2:35:
e9:d8:b3:38:1f:30:11:d7:62:1b:38:d0:58:33:73:c1:c9:b9:
16:ad:16:10:a6:77:44:93:53:52:fb:c0:21:0a:96:7c:8b:9c:
6c:d2:fb:dc:b1:1d:3c:40:97:42:28:df:e0:f5:b2:c9:f1:ac:
14:51:68:8b:65:cb:3a:6d:1e:28:c6:bc:e4:87:ca:9a:5a:41:
fa:72:a1:1e:17:8c:4f:55:20:a8:a2:50:93:2d:f2:01:76:26:
23:41:6b:90:cf:47:dd:09:e2:29:54:9f:7e:ef:6e:10:95:91:
91:98:18:10:dd:74:77:fc:8e:e9:f4:6c:ec:f2:f9:d2:9c:83:
a1:f2:e3:b2:34:b5:8a:c1:d6:66:cd:49:5a:fd:d8:9c:0c:5c:
d6:9b:55:8e:67:66:55:70:d5:c5:0f:8c:16:ca:fd:50:d0:6b:
14:3b:11:2c:3a:60:8f:d0:7f:24:f4:9a:71:32:5d:4f:74:35:
23:dc:16:d5:77:09:ba:0c:4e:92:65:f6:dd:81:5d:9c:6f:a1:
ab:76:5a:0d:aa:fc:1e:18:01:d5:94:e3:b4:6f:b8:3d:aa:06:
2c:cc:7b:b4:fc:da:7a:94:96:e5:17:3c:fb:88:08:51:65:f8:
52:a3:06:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYll3fNiPDMNTI7M+AVNRMp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzE3MjE1OTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Y1ZTgxMTM0NzhiYjc2NWIyYmM4NGJiMzcyNGMyZjMzMTVkMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz0Whvfvp/P+Y7MBpfQexsrlCyak
nFppI685BZXarWbbmlYFwIb9G6d6labe6q994oEfyx9KHeKDyGN5kzfVkvC4nJXk
r1CWFh7/JWX8I4fLoHK8o3cEgt6lxPO/dKrHWIB14yZ231oUT8iyKf0redRaQA3B
PzV27kESc9vsuYPcyYUeGeTtfMktiAfJu9gcBCi9ta9DolAjn/QQN4S+DcmOf0Dm
r7P9ctDPoRbOgdVjVAr1FXbb12Gr6VEbrbPj/CD4qKyeytxUceC4JfiYaTLez9bk
1JFZ3L128yzD1TacG3vSYnaFQ+vwrd9/01fYltrr0TtgQkjfK3PZhXy3UwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOf16BE0eLt2WyvIS7NyTC8zFdOaMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNV9Yb0VUUjR1M1piSzhoTHMzSk1Mek1WMDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWSpUAwQA
WSpXMA0GCSqGSIb3DQEBCwUAA4IBAQCEboqWwbfBCYD5QHNM3sWY4jXp2LM4HzAR
12IbONBYM3PBybkWrRYQpndEk1NS+8AhCpZ8i5xs0vvcsR08QJdCKN/g9bLJ8awU
UWiLZcs6bR4oxrzkh8qaWkH6cqEeF4xPVSCoolCTLfIBdiYjQWuQz0fdCeIpVJ9+
724QlZGRmBgQ3XR3/I7p9Gzs8vnSnIOh8uOyNLWKwdZmzUla/dicDFzWm1WOZ2ZV
cNXFD4wWyv1Q0GsUOxEsOmCP0H8k9JpxMl1PdDUj3BbVdwm6DE6SZfbdgV2cb6Gr
dloNqvweGAHVlOO0b7g9qgYszHu0/Np6lJblFzz7iAhRZfhSowY0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:03 2023 by rpki-client on console-fra.rpki-client.org