Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HKAQlX7nIvZ2XQunbtRI48HOlYQ.roa
File: HKAQlX7nIvZ2XQunbtRI48HOlYQ.roa (raw, json)
Hash identifier: tQCpOFAfTpaz1e0eJu3m5aIIqnJ49Xzr28eO1gAzvNU=
Subject key identifier: 1C:A0:10:95:7E:E7:22:F6:76:5D:0B:A7:6E:D4:48:E3:C1:CE:95:84
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B14FCD5FBADBC6E3745D6C1E11FF916A6
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HKAQlX7nIvZ2XQunbtRI48HOlYQ.roa
Signing time: Mon 09 Oct 2023 15:09:55 +0000
ROA not before: Mon 09 Oct 2023 15:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 89.42.89.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
93.113.176.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:fc:d5:fb:ad:bc:6e:37:45:d6:c1:e1:1f:f9:16:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 9 15:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca010957ee722f6765d0ba76ed448e3c1ce9584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:52:bc:87:f5:b1:06:de:15:14:ed:45:d7:da:
9a:b0:f9:63:84:d9:a3:ea:0a:77:ac:65:15:1b:1f:
fe:31:a6:59:eb:12:3f:7c:20:0e:1c:8c:fe:e6:ed:
fe:63:87:15:b5:b8:28:d7:c9:b1:1f:6d:48:bf:40:
c9:32:57:6a:f7:71:72:8c:44:df:a9:d5:86:0f:1c:
7e:81:8d:a4:f0:a9:13:19:b8:c1:52:6c:da:22:0e:
26:62:fc:c2:6c:a1:10:1a:b9:f6:f6:e6:cf:01:82:
75:f5:21:00:7a:f7:3e:d2:f0:99:a7:e0:9e:8b:f1:
e4:30:a3:4b:46:1a:60:0e:c9:58:ba:7f:00:f7:53:
9f:6f:43:4e:71:f1:06:7b:39:cf:87:d3:a2:0d:67:
d5:17:51:03:56:99:2b:ea:04:94:69:0e:db:20:0e:
b5:e8:9e:3c:67:c1:ac:d6:27:1b:1a:50:00:15:83:
db:fe:5b:de:c8:a8:ec:dd:5d:08:17:e8:f9:0d:a9:
df:5e:fd:2a:1c:8a:9d:6c:a5:71:8e:dd:23:25:d2:
e5:65:98:4c:b5:e5:a9:85:5b:1c:ff:5c:68:32:ae:
1a:84:cf:e4:46:03:46:50:b3:47:31:83:7d:d4:31:
9c:da:2b:10:0b:c3:53:00:05:4e:08:e5:a8:20:ae:
59:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A0:10:95:7E:E7:22:F6:76:5D:0B:A7:6E:D4:48:E3:C1:CE:95:84
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HKAQlX7nIvZ2XQunbtRI48HOlYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.89.0/24
89.42.93.0/24
89.46.4.0/24
93.113.176.0/24
Signature Algorithm: sha256WithRSAEncryption
30:db:f0:f2:2b:68:88:c8:85:16:e1:47:1b:99:19:7a:ac:b5:
8f:46:50:7f:77:9d:e9:77:1c:67:af:01:83:86:78:a8:46:79:
21:91:6b:9c:2c:a2:8c:f7:72:d4:95:15:97:03:70:b9:c5:e8:
9d:09:00:2e:7e:e7:1f:e5:b3:da:a3:42:4a:5c:90:37:1d:ec:
58:ba:93:97:fc:85:6e:13:41:b4:dc:3c:20:de:06:c4:5c:df:
1c:b8:8b:30:f0:4d:ac:80:a0:d4:1a:25:9e:3f:c1:8e:25:a5:
1b:d3:b5:3e:9a:39:17:c3:fb:52:57:35:37:02:c8:55:b8:7e:
8d:35:97:2a:c2:27:36:75:34:ac:fd:c5:7b:78:05:4b:c9:aa:
27:22:21:05:ae:ea:2d:7e:d1:b6:a3:c4:2c:49:8c:83:4c:55:
d3:8e:58:a1:3d:d1:82:a0:8b:e2:b3:1e:9d:0e:b3:9d:38:68:
8c:72:82:da:e0:df:8a:37:a4:f3:21:d4:4d:c6:82:34:4f:cd:
ec:3b:e1:97:b8:31:91:f2:47:fd:01:77:bd:a4:73:2e:74:98:
56:ed:97:93:fe:13:ad:a2:12:fb:71:a8:cd:06:7d:0b:04:95:
d1:4c:1b:dc:c9:ee:36:37:37:49:c8:4d:57:36:53:47:f1:80:
86:86:1c:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsU/NX7rbxuN0XWweEf+RamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDA5MTUwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2EwMTA5NTdlZTcyMmY2NzY1ZDBiYTc2ZWQ0NDhlM2MxY2U5NTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41K8h/WxBt4VFO1F19qasPljhNmj
6gp3rGUVGx/+MaZZ6xI/fCAOHIz+5u3+Y4cVtbgo18mxH21Iv0DJMldq93FyjETf
qdWGDxx+gY2k8KkTGbjBUmzaIg4mYvzCbKEQGrn29ubPAYJ19SEAevc+0vCZp+Ce
i/HkMKNLRhpgDslYun8A91Ofb0NOcfEGeznPh9OiDWfVF1EDVpkr6gSUaQ7bIA61
6J48Z8Gs1icbGlAAFYPb/lveyKjs3V0IF+j5DanfXv0qHIqdbKVxjt0jJdLlZZhM
teWphVsc/1xoMq4ahM/kRgNGULNHMYN91DGc2isQC8NTAAVOCOWoIK5ZYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBygEJV+5yL2dl0Lp27USOPBzpWEMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSEtBUWxYN25JdloyWFF1bmJ0Ukk0OEhPbFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSpZAwQA
WSpdAwQAWS4EAwQAXXGwMA0GCSqGSIb3DQEBCwUAA4IBAQAw2/DyK2iIyIUW4Ucb
mRl6rLWPRlB/d53pdxxnrwGDhnioRnkhkWucLKKM93LUlRWXA3C5xeidCQAufucf
5bPao0JKXJA3HexYupOX/IVuE0G03Dwg3gbEXN8cuIsw8E2sgKDUGiWeP8GOJaUb
07U+mjkXw/tSVzU3AshVuH6NNZcqwic2dTSs/cV7eAVLyaonIiEFruotftG2o8Qs
SYyDTFXTjlihPdGCoIvisx6dDrOdOGiMcoLa4N+KN6TzIdRNxoI0T83sO+GXuDGR
8kf9AXe9pHMudJhW7ZeT/hOtohL7cajNBn0LBJXRTBvcye42NzdJyE1XNlNH8YCG
hhzS
-----END CERTIFICATE-----
Generated at Thu Oct 26 12:46:58 2023 by rpki-client on console-fra.rpki-client.org