Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/6kQhzeexs07FIT_dsCZ9K9Citzg.roa
File: 6kQhzeexs07FIT_dsCZ9K9Citzg.roa (raw, json)
Hash identifier: Ww9nbLvec5SZfetE1fDV39o0fSikxpMnT3Udclh9oEE=
Subject key identifier: EA:44:21:CD:E7:B1:B3:4E:C5:21:3F:DD:B0:26:7D:2B:D0:A2:B7:38
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D12FA5D64A07864F8EF90B25F9692F190
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/6kQhzeexs07FIT_dsCZ9K9Citzg.roa
Signing time: Tue 16 Jan 2024 15:53:34 +0000
ROA not before: Tue 16 Jan 2024 15:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51791
IP address blocks: 89.42.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 07:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:fa:5d:64:a0:78:64:f8:ef:90:b2:5f:96:92:f1:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 16 15:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea4421cde7b1b34ec5213fddb0267d2bd0a2b738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c9:e1:e9:ed:7a:d7:fa:98:2b:ee:df:0c:4a:
2b:a7:95:60:b5:2a:da:1b:d3:13:13:07:7c:ce:46:
24:c7:c8:1f:87:f5:1a:8b:c9:4b:fe:5d:d4:39:4b:
e4:ec:c8:97:f4:e0:e7:1d:11:6a:9d:83:8d:c5:c2:
42:94:82:06:36:6a:d4:88:41:d5:2a:4c:24:67:a0:
a3:16:ab:a9:85:b0:77:08:11:62:2b:34:be:1f:99:
e2:92:be:ca:36:e3:77:05:c4:ac:80:46:5f:9a:f5:
2a:ba:da:ec:81:c8:75:72:9c:de:3b:d4:57:98:ea:
10:f1:42:c7:ed:e2:53:2f:7d:22:db:0d:2c:31:00:
e9:59:64:2b:93:58:0e:e9:d6:7e:96:c5:5f:85:9a:
9e:84:c1:87:ae:ec:4d:f6:c3:bc:b1:5d:28:ab:ba:
16:48:66:8a:87:95:a9:21:40:e0:b5:c7:1e:eb:22:
01:e5:51:5b:95:a5:30:9b:6e:2e:19:df:36:52:ae:
97:63:88:e5:70:72:fa:57:30:af:f3:b3:09:96:22:
c4:c5:3d:bb:ce:8a:07:d3:07:6a:ea:1a:89:9d:98:
e2:f3:ec:06:c0:7d:4b:90:82:23:ed:76:02:c7:6b:
6a:af:5e:60:5d:88:a8:71:49:d7:ab:7a:76:e0:c1:
38:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:44:21:CD:E7:B1:B3:4E:C5:21:3F:DD:B0:26:7D:2B:D0:A2:B7:38
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/6kQhzeexs07FIT_dsCZ9K9Citzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.82.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ff:5f:50:33:cc:2c:2d:bc:b0:68:5d:bb:8a:4b:56:0d:62:
41:74:56:8b:fa:e9:54:eb:6d:a5:a5:3a:55:34:6d:16:5d:dd:
45:71:ec:30:65:d5:da:4f:d1:46:a8:67:c6:f5:15:a9:87:4c:
4e:d1:3f:bd:4e:85:16:72:97:81:f1:27:2e:c3:53:3b:5e:93:
86:2f:cc:06:df:c6:2c:c8:27:0e:a8:6f:0d:60:f4:07:c9:41:
6f:e4:5f:54:24:44:62:03:6a:32:3f:5a:6e:ef:13:6f:5f:d7:
c3:c3:20:c8:4c:14:1f:a1:33:09:63:c3:36:7e:ab:d4:14:6d:
1b:99:8b:2d:60:92:9d:ab:8b:be:64:f2:80:71:c7:c1:12:0e:
f4:4f:45:b7:4e:ff:21:11:a4:63:27:9b:8b:4d:47:74:00:db:
69:e0:35:6b:a3:88:ce:96:1a:44:1e:1a:cf:3c:87:71:aa:c0:
4f:9b:59:dd:65:7c:5c:40:9d:8f:bf:89:f0:6a:58:7c:5b:01:
e0:a7:e0:91:81:41:75:ef:64:51:17:d7:29:d9:22:07:33:d6:
0b:f4:52:c6:74:e5:aa:53:93:a0:f0:b8:72:eb:2e:4b:19:51:
9d:0a:fa:53:56:33:c2:cd:a5:a1:9a:88:77:2c:80:ea:f2:e3:
bb:92:19:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0S+l1koHhk+O+Qsl+WkvGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTE2MTU1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQ0MjFjZGU3YjFiMzRlYzUyMTNmZGRiMDI2N2QyYmQwYTJiNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8nh6e161/qYK+7fDEorp5VgtSra
G9MTEwd8zkYkx8gfh/Uai8lL/l3UOUvk7MiX9ODnHRFqnYONxcJClIIGNmrUiEHV
KkwkZ6CjFquphbB3CBFiKzS+H5nikr7KNuN3BcSsgEZfmvUqutrsgch1cpzeO9RX
mOoQ8ULH7eJTL30i2w0sMQDpWWQrk1gO6dZ+lsVfhZqehMGHruxN9sO8sV0oq7oW
SGaKh5WpIUDgtcce6yIB5VFblaUwm24uGd82Uq6XY4jlcHL6VzCv87MJliLExT27
zooH0wdq6hqJnZji8+wGwH1LkIIj7XYCx2tqr15gXYiocUnXq3p24ME4lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOpEIc3nsbNOxSE/3bAmfSvQorc4MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNmtRaHplZXhzMDdGSVRfZHNDWjlLOUNpdHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpSMA0G
CSqGSIb3DQEBCwUAA4IBAQAY/19QM8wsLbywaF27iktWDWJBdFaL+ulU622lpTpV
NG0WXd1FcewwZdXaT9FGqGfG9RWph0xO0T+9ToUWcpeB8Scuw1M7XpOGL8wG38Ys
yCcOqG8NYPQHyUFv5F9UJERiA2oyP1pu7xNvX9fDwyDITBQfoTMJY8M2fqvUFG0b
mYstYJKdq4u+ZPKAccfBEg70T0W3Tv8hEaRjJ5uLTUd0ANtp4DVro4jOlhpEHhrP
PIdxqsBPm1ndZXxcQJ2Pv4nwalh8WwHgp+CRgUF172RRF9cp2SIHM9YL9FLGdOWq
U5Og8Lhy6y5LGVGdCvpTVjPCzaWhmoh3LIDq8uO7khl8
-----END CERTIFICATE-----
Generated at Thu Feb 1 10:43:26 2024 by rpki-client on console-fra.rpki-client.org