Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/DKLdeNhLEORJKTRgikqOscPGNeA.roa
File: DKLdeNhLEORJKTRgikqOscPGNeA.roa (raw, json)
Hash identifier: 6r6MJWbBJhy+CxFmL3ZHXqsswjWa70nWvq8UpSVLfeU=
Subject key identifier: 0C:A2:DD:78:D8:4B:10:E4:49:29:34:60:8A:4A:8E:B1:C3:C6:35:E0
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018E5634CE9A5B039B2BAD4AA6C0BD1A4AA3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/DKLdeNhLEORJKTRgikqOscPGNeA.roa
Signing time: Tue 19 Mar 2024 10:14:45 +0000
ROA not before: Tue 19 Mar 2024 10:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.80.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 06:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:34:ce:9a:5b:03:9b:2b:ad:4a:a6:c0:bd:1a:4a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 19 10:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ca2dd78d84b10e4492934608a4a8eb1c3c635e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:66:48:df:55:2a:8a:6e:58:25:71:ef:a1:0e:
11:61:80:ae:32:b6:ec:28:01:5c:8d:b2:09:db:90:
17:ba:24:99:e9:0d:e8:07:fa:c4:7b:a8:62:c2:59:
e7:3e:ae:f9:ce:c8:0b:b4:b6:e2:86:4b:2c:97:85:
fe:18:c5:d9:56:c2:e5:01:1d:c6:73:7f:8c:21:a5:
88:2d:44:77:b3:23:89:ee:56:b3:88:52:0f:9b:f1:
aa:8d:6b:d2:87:4e:e6:be:9e:03:11:16:f5:d5:a6:
5d:ce:c7:ee:a6:cb:a2:4c:a2:a3:c3:59:a4:81:52:
9b:e7:6e:09:c0:9a:ba:99:f5:d5:7f:30:46:ac:e2:
dc:9b:12:7f:1f:3a:41:4c:fa:e9:3b:fb:57:e0:98:
a8:84:98:c2:e9:b6:07:7f:34:26:1c:88:77:8b:f3:
ed:c3:da:70:3e:08:b9:65:73:66:55:a1:a4:df:63:
d5:59:2a:ea:72:69:e6:6f:d3:67:16:14:cf:63:17:
a4:58:36:02:ed:6e:fd:13:a9:91:ba:9a:90:09:2a:
fe:fc:0c:d4:c7:53:18:d8:05:be:2c:34:fb:b5:cd:
13:b6:9c:7a:e9:76:fc:05:74:29:d4:81:cd:0d:d9:
31:89:9b:78:ff:b9:6d:bc:e5:46:e5:2e:ae:df:47:
a2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A2:DD:78:D8:4B:10:E4:49:29:34:60:8A:4A:8E:B1:C3:C6:35:E0
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/DKLdeNhLEORJKTRgikqOscPGNeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
27:c9:b6:a9:57:9a:04:d4:24:d5:d0:bc:99:9d:3d:f7:84:4a:
17:d8:f7:27:61:54:6d:27:3a:ac:c0:95:2a:ff:cd:85:7e:20:
cf:56:34:b8:54:e8:9b:d1:59:9d:96:b2:b6:1e:86:84:21:54:
cf:1d:72:4d:5d:cf:57:bd:c1:ba:d4:7a:f8:04:b3:0e:2f:44:
96:c6:aa:1c:c7:70:3b:56:a0:7c:15:5f:cb:cc:e0:f8:89:46:
43:00:e6:ec:b3:94:64:29:ac:7a:7a:eb:66:4c:32:91:92:5a:
ac:94:12:cb:10:04:cb:6f:9f:ac:98:47:a1:f1:d7:36:19:0a:
96:4e:e5:91:76:be:84:b8:d4:76:d4:a5:70:cb:fb:d5:0a:c0:
3a:50:e6:c3:bc:d2:01:e7:12:15:59:3b:f8:88:b4:25:61:28:
25:53:06:0b:1a:fb:fc:b0:d3:d6:35:b6:6f:72:8b:ae:49:dd:
05:29:7e:1b:53:d2:80:e9:e7:e7:39:02:4f:fe:a6:66:bf:b2:
38:e4:4d:75:f9:51:07:21:27:d3:1b:8b:10:20:40:c0:61:c6:
e6:d1:a8:f3:c8:02:cb:5e:28:6e:fe:3b:f0:2e:47:b8:05:1a:
31:33:23:06:17:49:91:e0:84:15:31:bc:c9:81:42:06:e1:62:
71:6a:8f:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5WNM6aWwObK61KpsC9GkqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMzE5MTAxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2EyZGQ3OGQ4NGIxMGU0NDkyOTM0NjA4YTRhOGViMWMzYzYzNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGZI31Uqim5YJXHvoQ4RYYCuMrbs
KAFcjbIJ25AXuiSZ6Q3oB/rEe6hiwlnnPq75zsgLtLbihkssl4X+GMXZVsLlAR3G
c3+MIaWILUR3syOJ7laziFIPm/GqjWvSh07mvp4DERb11aZdzsfupsuiTKKjw1mk
gVKb524JwJq6mfXVfzBGrOLcmxJ/HzpBTPrpO/tX4JiohJjC6bYHfzQmHIh3i/Pt
w9pwPgi5ZXNmVaGk32PVWSrqcmnmb9NnFhTPYxekWDYC7W79E6mRupqQCSr+/AzU
x1MY2AW+LDT7tc0Ttpx66Xb8BXQp1IHNDdkxiZt4/7ltvOVG5S6u30eiCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAyi3XjYSxDkSSk0YIpKjrHDxjXgMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvREtMZGVOaExFT1JKS1RSZ2lrcU9zY1BHTmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSpQAwQA
WS4DMA0GCSqGSIb3DQEBCwUAA4IBAQAnybapV5oE1CTV0LyZnT33hEoX2PcnYVRt
JzqswJUq/82FfiDPVjS4VOib0VmdlrK2HoaEIVTPHXJNXc9XvcG61Hr4BLMOL0SW
xqocx3A7VqB8FV/LzOD4iUZDAObss5RkKax6eutmTDKRklqslBLLEATLb5+smEeh
8dc2GQqWTuWRdr6EuNR21KVwy/vVCsA6UObDvNIB5xIVWTv4iLQlYSglUwYLGvv8
sNPWNbZvcouuSd0FKX4bU9KA6efnOQJP/qZmv7I45E11+VEHISfTG4sQIEDAYcbm
0ajzyALLXihu/jvwLke4BRoxMyMGF0mR4IQVMbzJgUIG4WJxao+h
Generated at Wed Mar 20 09:30:08 2024 by rpki-client on console-ams.rpki-client.org