Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BnCGzwPBTIqN7CD2SttvQKX-Lm8.roa
File: BnCGzwPBTIqN7CD2SttvQKX-Lm8.roa (raw, json)
Hash identifier: VGQNacIK1Y83NZ72dcxeuy7zTN1+Sza6mCG9sube9Do=
Subject key identifier: 06:70:86:CF:03:C1:4C:8A:8D:EC:20:F6:4A:DB:6F:40:A5:FE:2E:6F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018F32B8E2411AAE488D2EEB093D3AAD9BE9
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BnCGzwPBTIqN7CD2SttvQKX-Lm8.roa
Signing time: Wed 01 May 2024 05:55:28 +0000
ROA not before: Wed 01 May 2024 05:55:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.82.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 06:57:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:32:b8:e2:41:1a:ae:48:8d:2e:eb:09:3d:3a:ad:9b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 1 05:55:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=067086cf03c14c8a8dec20f64adb6f40a5fe2e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:72:07:e7:63:92:73:03:a7:ba:42:f5:6c:75:
10:2b:3e:16:31:5d:6e:80:51:2a:94:68:71:37:f1:
f2:b2:8b:63:9e:1c:92:e7:8f:5f:97:c9:45:4d:87:
54:65:ff:9b:7e:87:82:42:18:dd:1f:b2:5f:56:11:
54:9c:4d:92:eb:20:07:dd:5e:fa:08:fb:22:f6:4f:
e9:88:61:65:57:9b:f5:4e:2f:da:d0:94:66:a3:da:
67:50:7f:05:c8:1b:2b:19:3a:90:68:41:3c:93:1f:
45:dd:5c:19:15:a0:6f:aa:62:63:a1:a0:d5:a4:3c:
dd:a6:cf:23:6f:eb:99:74:40:b7:81:59:2a:af:e7:
6f:d7:d1:4b:68:9f:1c:80:9d:d7:52:8a:80:8b:a7:
9d:8e:d2:2a:d4:6c:3d:e0:53:ac:70:75:34:ce:cb:
c5:14:7d:f8:a9:9a:7b:0f:73:26:30:0b:bf:43:68:
db:20:9b:5d:fc:db:e6:ad:1c:d2:3d:56:ad:74:b4:
c7:0a:ec:3f:71:94:57:e6:5e:e0:d9:9e:03:88:5d:
a2:e6:b6:22:8f:ef:a6:fa:7d:75:16:39:d2:2b:72:
e3:53:1e:46:08:d0:7f:94:e2:86:39:99:ff:e6:0a:
89:f2:a3:3f:e5:67:c5:96:1a:43:e3:40:72:c9:e3:
02:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:70:86:CF:03:C1:4C:8A:8D:EC:20:F6:4A:DB:6F:40:A5:FE:2E:6F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BnCGzwPBTIqN7CD2SttvQKX-Lm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
89.47.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:84:87:a4:b5:d7:4b:8b:90:44:2b:11:35:b5:21:46:ad:31:
6a:07:d8:89:c1:4a:a5:98:2e:26:af:6c:e4:19:ff:dd:66:e2:
2c:9a:ed:a1:fd:1d:71:87:fd:a9:9e:b7:b4:09:19:31:2c:2a:
1f:e1:fe:fa:2b:5e:e2:08:f1:01:65:74:cd:da:43:df:1f:77:
40:f6:17:74:3d:e5:ff:a0:24:a2:9f:bc:ac:b5:e6:1c:22:aa:
fd:78:a5:9a:e8:02:18:e9:4a:6b:af:8b:17:ed:ef:ba:ca:d3:
ba:4c:c7:e0:ab:6b:23:84:c4:fb:aa:65:64:3e:17:4d:a9:f6:
9b:88:8e:f0:d0:8c:8c:07:21:38:cc:4f:12:d2:22:f0:ee:bf:
74:77:53:35:cd:e1:e1:b6:b6:0f:e3:90:00:b9:89:95:1a:a1:
94:51:45:f0:d2:05:36:99:5b:95:ca:b8:73:a3:23:16:06:f0:
dc:6e:43:3a:95:1c:e9:0e:2d:4d:b9:76:49:13:89:2f:f6:c4:
b3:6c:fa:1b:90:ba:b9:78:48:8e:90:85:02:79:85:f5:18:b0:
34:e9:3b:c2:44:77:56:3f:cf:c5:24:d9:89:a8:e8:f2:7a:09:
1c:9c:64:41:ea:1f:f4:0e:e2:21:73:1d:c2:41:17:bd:6d:a7:
85:de:45:4a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8yuOJBGq5IjS7rCT06rZvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNTAxMDU1NTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjcwODZjZjAzYzE0YzhhOGRlYzIwZjY0YWRiNmY0MGE1ZmUyZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XIH52OScwOnukL1bHUQKz4WMV1u
gFEqlGhxN/HysotjnhyS549fl8lFTYdUZf+bfoeCQhjdH7JfVhFUnE2S6yAH3V76
CPsi9k/piGFlV5v1Ti/a0JRmo9pnUH8FyBsrGTqQaEE8kx9F3VwZFaBvqmJjoaDV
pDzdps8jb+uZdEC3gVkqr+dv19FLaJ8cgJ3XUoqAi6edjtIq1Gw94FOscHU0zsvF
FH34qZp7D3MmMAu/Q2jbIJtd/NvmrRzSPVatdLTHCuw/cZRX5l7g2Z4DiF2i5rYi
j++m+n11FjnSK3LjUx5GCNB/lOKGOZn/5gqJ8qM/5WfFlhpD40ByyeMCEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAZwhs8DwUyKjewg9krbb0Cl/i5vMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQm5DR3p3UEJUSXFON0NEMlN0dHZRS1gtTG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZLgMDBABZL34wDQYJKoZIhvcNAQELBQADggEBAA6Eh6S110uLkEQr
ETW1IUatMWoH2InBSqWYLiavbOQZ/91m4iya7aH9HXGH/amet7QJGTEsKh/h/vor
XuII8QFldM3aQ98fd0D2F3Q95f+gJKKfvKy15hwiqv14pZroAhjpSmuvixft77rK
07pMx+CrayOExPuqZWQ+F02p9puIjvDQjIwHITjMTxLSIvDuv3R3UzXN4eG2tg/j
kAC5iZUaoZRRRfDSBTaZW5XKuHOjIxYG8NxuQzqVHOkOLU25dkkTiS/2xLNs+huQ
url4SI6QhQJ5hfUYsDTpO8JEd1Y/z8Uk2Ymo6PJ6CRycZEHqH/QO4iFzHcJBF71t
p4XeRUo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org