Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Dc_p5oH8mjEhkqfTHJ1P-7ihfQM.roa
File: Dc_p5oH8mjEhkqfTHJ1P-7ihfQM.roa (raw, json)
Hash identifier: hoTYG0qYlh0HTpxhXikX5j1x/L0UWoOvF/8WMdI2s+4=
Subject key identifier: 0D:CF:E9:E6:81:FC:9A:31:21:92:A7:D3:1C:9D:4F:FB:B8:A1:7D:03
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D31B732C4D02EE7CB266526D36C7D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Dc_p5oH8mjEhkqfTHJ1P-7ihfQM.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398465
IP address blocks: 89.47.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 05:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:31:b7:32:c4:d0:2e:e7:cb:26:65:26:d3:6c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dcfe9e681fc9a312192a7d31c9d4ffbb8a17d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e9:5f:03:ef:dc:e5:a4:3d:a3:d5:ee:6a:f2:
23:18:1e:f0:86:e6:f4:09:85:ac:28:cf:f0:93:45:
89:41:a7:dd:ff:2d:9b:30:e9:0b:59:93:b4:4e:db:
1d:62:25:b1:52:6c:c1:a4:61:4e:51:5f:1b:9d:2c:
25:2b:d9:fd:13:d4:9e:4f:08:ab:7e:1a:40:df:70:
93:fe:cf:fd:d1:23:d1:c5:36:5c:dd:ab:ef:ae:f4:
18:1a:da:f8:56:8a:f5:35:a0:59:7b:da:50:f9:0d:
91:0a:b1:54:65:cc:3c:53:67:3e:26:b0:84:50:51:
79:a8:88:dc:ab:5b:52:fa:f0:2a:38:18:d9:dc:1e:
c3:dd:e7:63:56:67:77:b1:a5:65:ee:16:a4:8a:e0:
dd:7a:7c:1b:57:34:e6:f2:d6:17:9d:34:85:62:24:
53:00:fd:4a:f6:b1:b8:ad:9c:d7:62:67:a0:81:f4:
e6:81:cf:aa:39:59:6b:c8:ca:9c:b2:98:39:6e:0b:
16:71:54:38:75:0f:5f:c7:d5:2d:75:b6:b4:4b:0f:
e2:ab:df:52:f0:6e:fd:c9:03:da:0d:b3:d2:da:51:
e6:64:89:26:76:d8:db:98:82:54:8d:4d:14:5f:b8:
2a:23:36:d8:f7:e1:9f:1c:b7:03:97:78:2d:25:47:
7e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CF:E9:E6:81:FC:9A:31:21:92:A7:D3:1C:9D:4F:FB:B8:A1:7D:03
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Dc_p5oH8mjEhkqfTHJ1P-7ihfQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.116.0/24
Signature Algorithm: sha256WithRSAEncryption
80:16:fd:f6:84:82:93:e4:7a:30:c6:fd:51:58:c5:f6:a0:f1:
5f:59:2f:74:21:c8:5d:c7:ad:98:84:95:dc:a1:7f:87:00:c3:
4e:8d:73:74:f3:fc:ec:55:e7:8c:2f:26:69:e4:d9:1a:bb:00:
7f:33:e6:bc:38:4f:34:c6:db:f6:8a:54:14:c3:e8:51:2c:9c:
0f:1b:c1:54:3d:3d:62:61:5c:cf:95:f9:9d:04:0a:ee:a2:57:
31:47:14:2c:50:98:64:03:85:50:76:ba:e5:b0:65:da:44:14:
a1:3e:2f:da:bb:fe:01:c3:44:de:34:c9:ca:5c:b4:63:a9:0b:
09:30:80:2f:5a:cd:c1:6a:2d:f8:f4:60:72:86:6e:69:3a:7f:
27:d7:15:7a:b1:5d:c1:eb:d9:e6:0e:5a:27:01:85:00:ed:7a:
69:c2:cd:c5:60:38:41:3a:87:79:59:35:c0:16:74:de:97:ed:
c7:3a:33:ab:4e:24:45:f4:4f:7b:b7:8b:f5:46:1e:0d:40:da:
2b:b6:e6:38:13:5b:f8:be:b7:e5:d4:71:83:9a:03:1e:cc:50:
a7:90:ee:b3:0d:ee:67:de:ff:c5:3f:ad:6e:22:21:df:18:e6:
96:23:aa:c0:f3:68:b3:ff:6f:3b:98:5d:a6:6a:a4:49:23:b8:
39:f7:15:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbTG3MsTQLufLJmUm02x9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNmZTllNjgxZmM5YTMxMjE5MmE3ZDMxYzlkNGZmYmI4YTE3ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOlfA+/c5aQ9o9XuavIjGB7whub0
CYWsKM/wk0WJQafd/y2bMOkLWZO0TtsdYiWxUmzBpGFOUV8bnSwlK9n9E9SeTwir
fhpA33CT/s/90SPRxTZc3avvrvQYGtr4Vor1NaBZe9pQ+Q2RCrFUZcw8U2c+JrCE
UFF5qIjcq1tS+vAqOBjZ3B7D3edjVmd3saVl7hakiuDdenwbVzTm8tYXnTSFYiRT
AP1K9rG4rZzXYmeggfTmgc+qOVlryMqcspg5bgsWcVQ4dQ9fx9Utdba0Sw/iq99S
8G79yQPaDbPS2lHmZIkmdtjbmIJUjU0UX7gqIzbY9+GfHLcDl3gtJUd+rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3P6eaB/JoxIZKn0xydT/u4oX0DMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvRGNfcDVvSDhtakVoa3FmVEhKMVAtN2loZlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS90MA0G
CSqGSIb3DQEBCwUAA4IBAQCAFv32hIKT5Howxv1RWMX2oPFfWS90Ichdx62YhJXc
oX+HAMNOjXN08/zsVeeMLyZp5NkauwB/M+a8OE80xtv2ilQUw+hRLJwPG8FUPT1i
YVzPlfmdBAruolcxRxQsUJhkA4VQdrrlsGXaRBShPi/au/4Bw0TeNMnKXLRjqQsJ
MIAvWs3Bai349GByhm5pOn8n1xV6sV3B69nmDlonAYUA7Xppws3FYDhBOod5WTXA
FnTel+3HOjOrTiRF9E97t4v1Rh4NQNortuY4E1v4vrfl1HGDmgMezFCnkO6zDe5n
3v/FP61uIiHfGOaWI6rA82iz/287mF2maqRJI7g59xWi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org