Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HAA806dY8Ay4FY1CVditKcorq-k.roa
File: HAA806dY8Ay4FY1CVditKcorq-k.roa (raw, json)
Hash identifier: ZxHhVO/vXRMTZkNvJSeQvFia9NGWRUxlOl1JwFx07Ow=
Subject key identifier: 1C:00:3C:D3:A7:58:F0:0C:B8:15:8D:42:55:D8:AD:29:CA:2B:AB:E9
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB7FF6B380D2C0905EA36AB1241F68
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HAA806dY8Ay4FY1CVditKcorq-k.roa
Signing time: Sun 01 Jan 2023 19:25:08 +0000
ROA not before: Sun 01 Jan 2023 19:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62390
IP address blocks: 89.47.232.0/24 maxlen: 24
89.45.12.0/24 maxlen: 24
89.45.12.0/23 maxlen: 23
89.45.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Jan 2023 11:07:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:7f:f6:b3:80:d2:c0:90:5e:a3:6a:b1:24:1f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c003cd3a758f00cb8158d4255d8ad29ca2babe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b1:12:89:98:e7:fd:28:e1:1f:20:c3:82:bd:
b6:3b:a1:e2:6a:2f:96:f0:2d:94:3b:ee:f7:4d:bd:
ff:23:3c:36:1d:d8:7a:a2:06:73:b3:a6:f0:4c:2a:
5b:d7:18:e3:ba:9a:44:a9:a7:93:72:0e:db:ab:4c:
36:52:5a:2c:84:f5:33:36:25:e6:9f:59:21:ba:c4:
4a:04:0d:94:bf:76:7c:bb:8d:35:21:7d:ea:ab:7d:
7f:36:70:e0:6e:d7:11:39:38:86:e6:4c:04:bd:4b:
f8:7d:bd:2c:37:1f:58:ca:c4:b2:2c:8e:91:19:ce:
6b:43:7e:c5:da:45:57:31:f5:1e:e0:b3:69:19:96:
fd:a9:4f:f3:58:c5:ad:9e:64:3e:19:4d:30:44:b3:
c9:e4:96:8b:c7:32:06:d0:cb:5c:cc:ad:11:79:93:
85:d7:2b:42:17:9a:5f:be:22:9e:16:5d:35:0a:94:
aa:75:81:77:d3:26:47:e0:3a:09:98:2d:cf:e7:9e:
90:c6:c8:fe:90:02:8f:79:4f:73:bc:9b:47:e7:19:
e1:a0:25:cc:dd:2e:17:fa:53:cd:ae:0d:56:36:de:
12:1e:2f:d0:52:99:81:c7:c2:5d:27:16:dc:ea:ee:
47:c2:9c:59:33:4b:50:a8:1f:8f:4b:05:93:80:28:
d3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:00:3C:D3:A7:58:F0:0C:B8:15:8D:42:55:D8:AD:29:CA:2B:AB:E9
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HAA806dY8Ay4FY1CVditKcorq-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.12.0/23
89.47.232.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:78:ed:b3:48:53:bd:ec:a2:d5:49:b0:0d:a4:2f:ed:62:e6:
3c:e7:2c:a0:e6:22:b4:68:e4:b6:de:af:bf:07:a4:f9:6c:12:
2a:6d:2f:4c:aa:79:2a:4f:cc:95:d8:d3:96:64:ee:36:c0:fc:
7f:ea:db:6c:d2:be:16:8e:3d:52:7b:7a:05:0a:c8:e0:14:24:
b2:b8:71:82:9f:74:0d:64:58:be:33:6b:c5:3d:b7:7c:b6:6e:
14:09:4a:ff:09:39:c3:ee:e4:6c:38:3c:9b:11:0b:36:4e:40:
f0:4e:c1:18:08:ca:5d:a0:4b:88:d7:cd:5d:fe:e5:ee:9b:e6:
15:47:31:f3:23:d9:99:4d:17:9a:26:c0:ba:be:59:9e:4c:31:
98:e8:00:f9:a1:8d:45:80:be:1e:b3:84:5d:1d:b9:9b:61:d6:
7e:c8:96:64:10:08:4e:8b:c8:fc:86:7a:0d:f9:03:21:4f:00:
47:ff:98:c9:5c:c7:5e:58:f7:bb:56:58:3a:64:86:cc:49:5d:
81:39:1b:08:cf:ee:2e:c3:bf:2b:8b:3b:34:5b:33:e9:c8:71:
51:b5:aa:dd:d8:0d:99:62:08:81:c7:a7:ba:ee:d6:fd:af:d7:
7c:0f:17:58:38:f6:7e:be:36:e7:3b:05:d0:83:43:d7:f4:63:
d8:8e:25:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuy3/2s4DSwJBeo2qxJB9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAwM2NkM2E3NThmMDBjYjgxNThkNDI1NWQ4YWQyOWNhMmJhYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLESiZjn/SjhHyDDgr22O6Hiai+W
8C2UO+73Tb3/Izw2Hdh6ogZzs6bwTCpb1xjjuppEqaeTcg7bq0w2UloshPUzNiXm
n1khusRKBA2Uv3Z8u401IX3qq31/NnDgbtcROTiG5kwEvUv4fb0sNx9YysSyLI6R
Gc5rQ37F2kVXMfUe4LNpGZb9qU/zWMWtnmQ+GU0wRLPJ5JaLxzIG0MtczK0ReZOF
1ytCF5pfviKeFl01CpSqdYF30yZH4DoJmC3P556Qxsj+kAKPeU9zvJtH5xnhoCXM
3S4X+lPNrg1WNt4SHi/QUpmBx8JdJxbc6u5HwpxZM0tQqB+PSwWTgCjTwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBwAPNOnWPAMuBWNQlXYrSnKK6vpMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSEFBODA2ZFk4QXk0RlkxQ1ZkaXRLY29ycS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWS0MAwQA
WS/oMA0GCSqGSIb3DQEBCwUAA4IBAQAdeO2zSFO97KLVSbANpC/tYuY85yyg5iK0
aOS23q+/B6T5bBIqbS9MqnkqT8yV2NOWZO42wPx/6tts0r4Wjj1Se3oFCsjgFCSy
uHGCn3QNZFi+M2vFPbd8tm4UCUr/CTnD7uRsODybEQs2TkDwTsEYCMpdoEuI181d
/uXum+YVRzHzI9mZTReaJsC6vlmeTDGY6AD5oY1FgL4es4RdHbmbYdZ+yJZkEAhO
i8j8hnoN+QMhTwBH/5jJXMdeWPe7Vlg6ZIbMSV2BORsIz+4uw78rizs0WzPpyHFR
tard2A2ZYgiBx6e67tb9r9d8DxdYOPZ+vjbnOwXQg0PX9GPYjiXz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org