Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/65JLiYO08FMT3FmuIpAGE6sZfCE.roa
File: 65JLiYO08FMT3FmuIpAGE6sZfCE.roa (raw, json)
Hash identifier: o79LV/aILuc8/47kuM0Y0Z47xYmIty21psgeq0iw3oM=
Subject key identifier: EB:92:4B:89:83:B4:F0:53:13:DC:59:AE:22:90:06:13:AB:19:7C:21
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D23A8BE9B65C0C1FD8F159F87E8F3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/65JLiYO08FMT3FmuIpAGE6sZfCE.roa
Signing time: Mon 01 Jan 2024 00:29:41 +0000
ROA not before: Mon 01 Jan 2024 00:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41672
IP address blocks: 89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 06:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:23:a8:be:9b:65:c0:c1:fd:8f:15:9f:87:e8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb924b8983b4f05313dc59ae22900613ab197c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:18:df:7d:c0:58:69:68:5f:33:8f:16:4b:2a:
8d:d1:fc:93:ef:da:51:06:d4:bb:b0:3f:76:50:c4:
57:5c:e5:01:ac:5e:0b:e8:7c:0d:4b:9d:af:32:4a:
d8:c9:e6:5e:e5:23:35:74:3d:cd:62:50:20:e7:a7:
20:9d:6c:d7:80:d4:bd:3b:83:6f:25:08:b3:55:0d:
29:5d:a9:1e:96:e2:91:86:d5:a1:7f:dd:a2:51:45:
e0:c6:a5:38:14:56:5c:14:23:37:34:d4:e0:4b:04:
85:f2:d3:03:4f:23:24:4f:d2:29:9e:f1:06:32:a3:
9e:d8:76:04:df:5e:ff:55:f4:80:c9:df:0b:88:3d:
29:5d:8d:be:28:dd:6a:2c:4b:4d:8b:49:e3:06:f4:
3e:78:42:19:47:05:8d:08:48:1a:9a:bc:6b:94:4d:
fa:a6:2f:de:a5:57:fa:d9:0a:7d:bb:ea:f4:f5:c2:
1b:c9:5e:79:67:94:db:20:ea:e0:e5:20:26:28:84:
ee:13:b4:7a:80:8c:af:04:c3:f6:43:d0:0d:e5:3f:
5a:c1:b2:06:e6:cc:11:9f:a1:92:a4:74:82:98:9a:
5a:44:39:f8:45:11:51:3d:5c:a8:5f:85:e9:32:b6:
36:ba:13:38:a9:95:b2:21:1a:24:94:61:a6:95:85:
92:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:92:4B:89:83:B4:F0:53:13:DC:59:AE:22:90:06:13:AB:19:7C:21
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/65JLiYO08FMT3FmuIpAGE6sZfCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.228.0/23
Signature Algorithm: sha256WithRSAEncryption
22:22:3e:44:80:6e:22:1b:3e:a2:07:38:fa:59:73:72:d5:99:
c5:ee:7e:85:93:90:37:7d:71:fe:13:0a:4a:4b:76:38:2b:a2:
52:c8:ba:ca:b7:05:b4:a2:83:4f:31:a7:49:8c:50:9b:a1:47:
ed:dc:3c:b8:8f:01:a0:d7:d7:54:1d:c4:02:a4:97:bd:5f:0f:
89:12:13:eb:71:c0:52:48:48:92:a4:3f:da:34:b5:0e:db:9b:
54:47:e6:d3:a3:fa:09:a9:ee:cc:1b:bc:79:29:81:18:d2:51:
f5:1c:03:66:ef:29:b4:75:5a:46:5f:94:77:0a:cc:ad:b9:8e:
2a:38:11:6d:03:6c:b4:7a:2d:44:93:c8:98:16:7f:6b:48:a6:
71:d4:15:ec:df:46:b8:1c:3f:6b:17:1e:c1:11:d0:f4:9d:9f:
6f:9b:08:e0:fa:f3:38:fc:c5:e7:47:78:44:d0:af:88:15:24:
53:e3:5b:a3:9e:d2:be:8e:32:4f:d5:c6:05:2a:95:14:8a:e1:
1f:e9:00:cc:87:bd:76:28:f2:7f:ca:4f:29:8a:4f:6a:b2:4a:
c7:ea:65:3d:30:5c:96:00:7f:84:02:e2:f4:3d:e0:c7:d3:3e:
6c:68:70:d7:0f:84:1b:10:c1:b2:08:28:e5:fa:db:12:57:ed:
b0:49:f1:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbSOovptlwMH9jxWfh+jzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjkyNGI4OTgzYjRmMDUzMTNkYzU5YWUyMjkwMDYxM2FiMTk3YzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBjffcBYaWhfM48WSyqN0fyT79pR
BtS7sD92UMRXXOUBrF4L6HwNS52vMkrYyeZe5SM1dD3NYlAg56cgnWzXgNS9O4Nv
JQizVQ0pXakeluKRhtWhf92iUUXgxqU4FFZcFCM3NNTgSwSF8tMDTyMkT9IpnvEG
MqOe2HYE317/VfSAyd8LiD0pXY2+KN1qLEtNi0njBvQ+eEIZRwWNCEgamrxrlE36
pi/epVf62Qp9u+r09cIbyV55Z5TbIOrg5SAmKITuE7R6gIyvBMP2Q9AN5T9awbIG
5swRn6GSpHSCmJpaRDn4RRFRPVyoX4XpMrY2uhM4qZWyIRoklGGmlYWSJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOuSS4mDtPBTE9xZriKQBhOrGXwhMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNjVKTGlZTzA4Rk1UM0ZtdUlwQUdFNnNaZkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSbkMA0G
CSqGSIb3DQEBCwUAA4IBAQAiIj5EgG4iGz6iBzj6WXNy1ZnF7n6Fk5A3fXH+EwpK
S3Y4K6JSyLrKtwW0ooNPMadJjFCboUft3Dy4jwGg19dUHcQCpJe9Xw+JEhPrccBS
SEiSpD/aNLUO25tUR+bTo/oJqe7MG7x5KYEY0lH1HANm7ym0dVpGX5R3CsytuY4q
OBFtA2y0ei1Ek8iYFn9rSKZx1BXs30a4HD9rFx7BEdD0nZ9vmwjg+vM4/MXnR3hE
0K+IFSRT41ujntK+jjJP1cYFKpUUiuEf6QDMh712KPJ/yk8pik9qskrH6mU9MFyW
AH+EAuL0PeDH0z5saHDXD4QbEMGyCCjl+tsSV+2wSfEL
-----END CERTIFICATE-----
Generated at Sat Jun 22 06:43:24 2024 by rpki-client on console-fra.rpki-client.org