Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GJjaYfCXgp0_baHdvs0lW3MO7_w.roa
File: GJjaYfCXgp0_baHdvs0lW3MO7_w.roa (raw, json)
Hash identifier: 2ITy+y5FdG9KJe5ELJdE3l5PBWs19efVyJg9URdkulU=
Subject key identifier: 18:98:DA:61:F0:97:82:9D:3F:6D:A1:DD:BE:CD:25:5B:73:0E:EF:FC
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018ADAF24DD47474F4CFA253BF569AB96AFE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GJjaYfCXgp0_baHdvs0lW3MO7_w.roa
Signing time: Thu 28 Sep 2023 08:40:27 +0000
ROA not before: Thu 28 Sep 2023 08:40:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 89.42.89.0/24 maxlen: 24
93.113.176.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:f2:4d:d4:74:74:f4:cf:a2:53:bf:56:9a:b9:6a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 28 08:40:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1898da61f097829d3f6da1ddbecd255b730eeffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a2:0d:7c:1e:7f:0b:ef:3f:71:a3:52:e6:4a:
b2:e4:2a:ae:eb:df:71:8b:46:3d:b6:49:89:69:e2:
a1:02:76:85:19:88:d0:c4:86:f1:9b:77:fc:d4:fa:
35:e3:49:9a:3b:94:80:5e:1a:d0:9b:7c:9e:57:ff:
d7:68:70:2f:c2:71:bf:fb:89:01:bb:e6:1e:2a:eb:
c1:7e:0b:83:17:b7:ef:61:a6:d6:8e:38:36:b8:eb:
4c:c6:94:8a:7d:2f:99:68:f2:32:00:99:7e:fa:3b:
16:4b:95:6e:58:11:43:f3:ff:18:27:94:8b:5f:0e:
eb:d2:c8:5c:c9:fe:60:bc:cd:c0:48:cf:49:1b:4f:
db:a0:11:0e:5c:22:31:83:db:94:d2:1e:c7:29:7b:
0c:34:10:f5:f6:0f:93:63:aa:6b:ba:83:24:2a:66:
2e:81:d7:58:0a:89:b9:af:b0:d1:6c:70:8b:1c:3f:
9f:e3:68:86:7b:5d:29:52:f0:ca:26:04:b5:0c:16:
76:f7:d7:d1:18:78:6e:d1:c5:fe:1b:ee:4c:a7:59:
f4:8a:97:d6:b2:f1:c0:a0:73:db:bb:d4:94:f3:95:
24:67:5f:8f:8a:24:60:aa:22:ee:65:32:23:c3:54:
83:2a:06:5c:7e:e3:dd:1e:24:6d:6e:a5:26:d9:cc:
97:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:98:DA:61:F0:97:82:9D:3F:6D:A1:DD:BE:CD:25:5B:73:0E:EF:FC
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GJjaYfCXgp0_baHdvs0lW3MO7_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.89.0/24
89.46.4.0/24
93.113.176.0/24
Signature Algorithm: sha256WithRSAEncryption
50:d6:94:ab:10:eb:c3:01:61:0c:1e:8d:2e:c7:c0:eb:65:6c:
87:c4:50:1c:ec:3f:29:56:7f:c7:a4:a7:5c:90:72:ea:3f:f9:
dc:1f:2c:05:30:f7:04:8b:51:4f:95:59:87:12:a3:04:73:24:
2a:8d:ce:d9:51:fa:77:44:d6:26:fb:de:d0:ec:57:47:83:9b:
ff:eb:79:21:67:0c:5a:ad:43:43:ff:c3:75:fe:47:da:52:6b:
39:ab:1f:ed:17:17:ff:45:bb:ef:f9:c9:84:4d:91:81:48:71:
ab:9c:da:31:7d:ee:0b:1a:eb:05:67:30:3c:0d:1d:6f:bf:d3:
d5:82:c9:b6:76:1a:93:e9:9f:3b:a6:1c:7f:e5:63:c9:f9:e4:
c2:20:36:9f:ea:2d:47:90:10:8b:f9:e5:b0:39:bd:40:b4:11:
07:d1:46:be:2c:8c:12:e8:ed:05:38:69:26:43:68:a8:92:24:
69:d4:fd:6a:47:41:43:d8:8f:d9:43:46:20:82:e6:19:3c:61:
6c:71:84:89:fa:30:e1:4e:ce:e4:2a:96:95:04:69:e2:7e:a9:
a1:2a:83:e5:89:92:df:e1:88:81:87:9a:48:e4:6d:90:76:1a:
fc:58:3c:a1:3c:3b:33:e7:b3:dd:d4:af:e8:1a:a5:8b:dc:97:
94:41:2d:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYra8k3UdHT0z6JTv1aauWr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTI4MDg0MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODk4ZGE2MWYwOTc4MjlkM2Y2ZGExZGRiZWNkMjU1YjczMGVlZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6INfB5/C+8/caNS5kqy5Cqu699x
i0Y9tkmJaeKhAnaFGYjQxIbxm3f81Po140maO5SAXhrQm3yeV//XaHAvwnG/+4kB
u+YeKuvBfguDF7fvYabWjjg2uOtMxpSKfS+ZaPIyAJl++jsWS5VuWBFD8/8YJ5SL
Xw7r0shcyf5gvM3ASM9JG0/boBEOXCIxg9uU0h7HKXsMNBD19g+TY6pruoMkKmYu
gddYCom5r7DRbHCLHD+f42iGe10pUvDKJgS1DBZ299fRGHhu0cX+G+5Mp1n0ipfW
svHAoHPbu9SU85UkZ1+PiiRgqiLuZTIjw1SDKgZcfuPdHiRtbqUm2cyXsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBiY2mHwl4KdP22h3b7NJVtzDu/8MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvR0pqYVlmQ1hncDBfYmFIZHZzMGxXM01PN193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSpZAwQA
WS4EAwQAXXGwMA0GCSqGSIb3DQEBCwUAA4IBAQBQ1pSrEOvDAWEMHo0ux8DrZWyH
xFAc7D8pVn/HpKdckHLqP/ncHywFMPcEi1FPlVmHEqMEcyQqjc7ZUfp3RNYm+97Q
7FdHg5v/63khZwxarUND/8N1/kfaUms5qx/tFxf/Rbvv+cmETZGBSHGrnNoxfe4L
GusFZzA8DR1vv9PVgsm2dhqT6Z87phx/5WPJ+eTCIDaf6i1HkBCL+eWwOb1AtBEH
0Ua+LIwS6O0FOGkmQ2iokiRp1P1qR0FD2I/ZQ0YgguYZPGFscYSJ+jDhTs7kKpaV
BGnifqmhKoPliZLf4YiBh5pI5G2Qdhr8WDyhPDsz57Pd1K/oGqWL3JeUQS2d
-----END CERTIFICATE-----
Generated at Mon Oct 9 15:46:45 2023 by rpki-client on console-ams.rpki-client.org