Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BQSQN-BlRt-5opreAFWr1eO0bTs.roa
File: BQSQN-BlRt-5opreAFWr1eO0bTs.roa (raw, json)
Hash identifier: t0qfGYAve58O9/Fvh9SB8q5ccCsQ1laWidZauHa7WJ8=
Subject key identifier: 05:04:90:37:E0:65:46:DF:B9:A2:9A:DE:00:55:AB:D5:E3:B4:6D:3B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0189FA7044A2033559EE6BAD7D015D077C47
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BQSQN-BlRt-5opreAFWr1eO0bTs.roa
Signing time: Tue 15 Aug 2023 18:23:28 +0000
ROA not before: Tue 15 Aug 2023 18:23:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.83.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
89.42.80.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 16 Aug 2023 17:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fa:70:44:a2:03:35:59:ee:6b:ad:7d:01:5d:07:7c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 15 18:23:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05049037e06546dfb9a29ade0055abd5e3b46d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3e:35:65:e8:58:ae:e4:6f:f8:a9:99:b7:b9:
24:0a:31:64:04:f0:ff:ab:f1:76:85:b4:56:47:20:
47:b1:81:a2:f3:df:99:d8:a7:65:c9:c4:ee:76:ce:
6c:8c:72:63:c7:8d:d4:15:8c:09:ed:a2:77:06:b8:
9c:74:e1:76:86:3e:45:8c:ae:f1:77:5b:dd:d4:62:
0c:8a:f4:6f:92:f2:81:55:93:c1:21:e7:78:73:4d:
4f:a8:e5:eb:fd:97:83:3d:c7:a3:9d:8b:c6:ca:94:
0b:5f:a5:13:87:e9:30:36:f2:9e:31:d3:e0:54:97:
8c:66:20:4a:e1:b8:43:5d:e0:3a:82:da:21:69:1f:
d0:29:d3:6d:99:9d:2c:68:ff:52:a0:99:5d:f8:01:
0b:84:94:8d:9e:2f:2d:a0:7d:f9:41:4c:77:3b:70:
f5:8d:9e:00:3f:67:08:a2:8c:48:b8:5d:5e:06:9d:
9b:0f:13:d4:f7:a5:1e:9a:10:67:3f:5d:b0:0a:7c:
c1:59:e7:cf:34:da:77:1b:d8:8c:9b:a4:d8:5e:c8:
1f:f7:86:0f:56:38:69:94:0c:56:83:1f:c9:02:f3:
44:6b:47:6a:25:59:89:e6:25:07:4e:7d:e1:7b:f8:
46:46:7a:85:a9:a8:26:ce:36:0c:5e:ac:a9:55:fa:
3d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:04:90:37:E0:65:46:DF:B9:A2:9A:DE:00:55:AB:D5:E3:B4:6D:3B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BQSQN-BlRt-5opreAFWr1eO0bTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:74:54:8f:77:5d:16:c6:41:d4:fd:da:fa:61:70:5c:a2:d7:
b9:c6:db:73:83:04:61:db:9a:7e:0f:11:06:71:c4:1c:e5:20:
ca:d8:c2:65:97:20:cd:d8:ef:37:1b:ff:ef:c0:d5:d9:eb:5b:
d8:77:c8:5a:87:99:b8:82:78:ef:9d:19:31:cb:1b:30:d0:3e:
74:01:f9:d0:9d:f4:33:df:eb:8e:09:ad:bc:6a:71:fb:fa:5a:
3a:0b:1b:82:df:6c:75:a0:f6:7e:d2:5d:1a:6e:dd:70:c4:70:
d5:ec:16:4e:37:22:63:c9:dd:10:6f:13:52:f2:ae:b4:40:67:
8a:11:6f:c4:2a:5e:a8:2d:f8:8d:fd:91:77:aa:ce:ac:00:2d:
e5:57:38:cd:8e:c0:96:f6:97:80:8a:3a:89:ea:36:fc:0c:4a:
2b:14:b6:0c:01:c1:30:61:1f:b3:60:01:f5:83:2d:ab:5e:f1:
e2:15:d0:6e:17:13:e8:12:5a:4e:a4:ac:e1:13:62:94:4b:c0:
3e:c5:3d:af:b1:9f:ad:f8:23:fc:93:3c:15:04:23:e7:27:b5:
0f:c3:79:a0:3b:a5:ac:ac:05:a9:ef:50:5b:e4:31:7d:f4:0d:
3d:41:4c:41:4c:65:b8:c4:5d:5c:66:67:6e:d4:98:01:b0:7b:
b7:08:b0:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn6cESiAzVZ7mutfQFdB3xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODE1MTgyMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTA0OTAzN2UwNjU0NmRmYjlhMjlhZGUwMDU1YWJkNWUzYjQ2ZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD41ZehYruRv+KmZt7kkCjFkBPD/
q/F2hbRWRyBHsYGi89+Z2KdlycTuds5sjHJjx43UFYwJ7aJ3BricdOF2hj5FjK7x
d1vd1GIMivRvkvKBVZPBIed4c01PqOXr/ZeDPcejnYvGypQLX6UTh+kwNvKeMdPg
VJeMZiBK4bhDXeA6gtohaR/QKdNtmZ0saP9SoJld+AELhJSNni8toH35QUx3O3D1
jZ4AP2cIooxIuF1eBp2bDxPU96UemhBnP12wCnzBWefPNNp3G9iMm6TYXsgf94YP
VjhplAxWgx/JAvNEa0dqJVmJ5iUHTn3he/hGRnqFqagmzjYMXqypVfo9/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUEkDfgZUbfuaKa3gBVq9XjtG07MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQlFTUU4tQmxSdC01b3ByZUFGV3IxZU8wYlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSpQMA0G
CSqGSIb3DQEBCwUAA4IBAQAadFSPd10WxkHU/dr6YXBcote5xttzgwRh25p+DxEG
ccQc5SDK2MJllyDN2O83G//vwNXZ61vYd8hah5m4gnjvnRkxyxsw0D50AfnQnfQz
3+uOCa28anH7+lo6CxuC32x1oPZ+0l0abt1wxHDV7BZONyJjyd0QbxNS8q60QGeK
EW/EKl6oLfiN/ZF3qs6sAC3lVzjNjsCW9peAijqJ6jb8DEorFLYMAcEwYR+zYAH1
gy2rXvHiFdBuFxPoElpOpKzhE2KUS8A+xT2vsZ+t+CP8kzwVBCPnJ7UPw3mgO6Ws
rAWp71Bb5DF99A09QUxBTGW4xF1cZmdu1JgBsHu3CLD4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org