Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CoPooAO0tfsYBA01uxo99leg418.roa
File: CoPooAO0tfsYBA01uxo99leg418.roa (raw, json)
Hash identifier: qa4yUX8QPvbOkn/jhr+TVE4vR8RN3mqUTfdu0k3s8IA=
Subject key identifier: 0A:83:E8:A0:03:B4:B5:FB:18:04:0D:35:BB:1A:3D:F6:57:A0:E3:5F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018E7932539447A3CC75218900D6F0B55C0B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CoPooAO0tfsYBA01uxo99leg418.roa
Signing time: Tue 26 Mar 2024 05:18:45 +0000
ROA not before: Tue 26 Mar 2024 05:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
89.47.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 07:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:32:53:94:47:a3:cc:75:21:89:00:d6:f0:b5:5c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 26 05:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a83e8a003b4b5fb18040d35bb1a3df657a0e35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:03:4b:8b:74:57:0e:07:70:b3:55:c8:74:83:
fd:53:1e:48:91:6c:61:79:a3:1e:38:81:14:40:fe:
1b:33:ec:26:6c:7d:13:9b:c3:13:b4:a3:da:79:77:
84:f2:f4:05:a1:5b:1c:7f:b4:55:08:ff:32:eb:9c:
38:d0:65:6f:e3:50:02:b2:a0:d3:0f:55:10:92:2f:
bf:ef:fa:54:cf:5e:69:14:d4:fa:d1:34:aa:2d:2d:
c7:ec:c4:37:dc:7e:01:47:01:6c:e7:d2:31:0a:61:
07:11:9f:ee:38:75:7b:4a:9c:70:6d:2f:33:f5:b9:
f0:07:2c:ae:be:de:e3:c1:ee:7b:87:1b:bf:e2:48:
43:ba:b1:ba:1f:72:4c:7e:5b:58:50:5b:41:41:40:
45:8b:26:6d:61:d7:94:1b:c2:0f:13:58:33:c5:cc:
b9:7c:bf:5c:7e:c1:32:30:86:02:6e:d2:e7:27:7c:
c7:d3:f7:80:66:8e:5b:18:61:28:6d:69:d1:24:2a:
93:63:24:af:bc:b8:3c:12:56:d7:b8:b1:8c:d7:26:
7e:2e:1b:5e:1d:f9:ef:97:ca:0c:11:82:1a:28:49:
06:ed:06:64:95:8e:6c:bb:f5:24:ad:69:a2:6b:c9:
07:eb:a6:9c:b6:1d:98:ab:f8:7e:80:db:60:af:fb:
56:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:83:E8:A0:03:B4:B5:FB:18:04:0D:35:BB:1A:3D:F6:57:A0:E3:5F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/CoPooAO0tfsYBA01uxo99leg418.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
89.47.116.0/24
Signature Algorithm: sha256WithRSAEncryption
51:1c:82:36:c1:e5:72:d8:fb:ad:18:cc:ed:6a:ef:6e:06:e7:
f7:f0:04:a8:31:8f:05:cb:d1:19:2d:17:6f:fc:62:cc:7e:70:
9b:64:50:4f:18:ff:16:28:18:a8:e3:ec:22:b7:27:19:f5:b9:
72:3f:0b:ea:19:d6:95:fb:48:5c:8a:18:f2:73:54:46:97:1e:
6e:62:66:9e:bf:ec:04:d3:86:2e:b2:5a:0c:f1:82:68:30:f9:
94:4b:48:5a:59:02:35:e8:7f:ad:83:9d:f9:d9:49:69:2d:c0:
8d:bb:16:d2:34:62:c3:b6:71:39:30:1e:a5:61:02:25:a9:82:
98:e4:ad:e3:95:30:a4:58:08:07:6d:f2:b7:cd:10:d3:2f:35:
55:8c:93:13:0b:82:83:a7:f5:bf:e6:eb:ac:91:0a:0b:2f:22:
41:9e:04:15:9f:6f:b3:fd:1f:fe:86:72:17:34:cc:9d:1c:35:
81:b3:cc:48:2d:31:50:8c:e4:a2:af:bb:28:38:03:80:9f:50:
dd:06:cc:5b:ef:89:98:8e:88:24:91:82:33:29:04:ae:60:6e:
df:26:5a:c8:f5:43:11:25:77:62:9d:b9:ea:76:c7:4e:9d:6e:
bc:be:f1:1a:ce:79:9e:80:2c:65:42:83:db:d6:b5:d1:ab:9e:
c4:bb:71:c5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY55MlOUR6PMdSGJANbwtVwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMzI2MDUxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTgzZThhMDAzYjRiNWZiMTgwNDBkMzViYjFhM2RmNjU3YTBlMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgNLi3RXDgdws1XIdIP9Ux5IkWxh
eaMeOIEUQP4bM+wmbH0Tm8MTtKPaeXeE8vQFoVscf7RVCP8y65w40GVv41ACsqDT
D1UQki+/7/pUz15pFNT60TSqLS3H7MQ33H4BRwFs59IxCmEHEZ/uOHV7SpxwbS8z
9bnwByyuvt7jwe57hxu/4khDurG6H3JMfltYUFtBQUBFiyZtYdeUG8IPE1gzxcy5
fL9cfsEyMIYCbtLnJ3zH0/eAZo5bGGEobWnRJCqTYySvvLg8ElbXuLGM1yZ+Lhte
Hfnvl8oMEYIaKEkG7QZklY5su/UkrWmia8kH66acth2Yq/h+gNtgr/tWnQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAqD6KADtLX7GAQNNbsaPfZXoONfMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQ29Qb29BTzB0ZnNZQkEwMXV4bzk5bGVnNDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZLgMDBABZL3QwDQYJKoZIhvcNAQELBQADggEBAFEcgjbB5XLY+60Y
zO1q724G5/fwBKgxjwXL0RktF2/8Ysx+cJtkUE8Y/xYoGKjj7CK3Jxn1uXI/C+oZ
1pX7SFyKGPJzVEaXHm5iZp6/7ATThi6yWgzxgmgw+ZRLSFpZAjXof62DnfnZSWkt
wI27FtI0YsO2cTkwHqVhAiWpgpjkreOVMKRYCAdt8rfNENMvNVWMkxMLgoOn9b/m
66yRCgsvIkGeBBWfb7P9H/6Gchc0zJ0cNYGzzEgtMVCM5KKvuyg4A4CfUN0GzFvv
iZiOiCSRgjMpBK5gbt8mWsj1QxEld2Kduep2x06dbry+8RrOeZ6ALGVCg9vWtdGr
nsS7ccU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org