Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HORxob0th9jO1Y0bOOipzZDTwN4.roa
File: HORxob0th9jO1Y0bOOipzZDTwN4.roa (raw, json)
Hash identifier: 1Dpyp9JCYMcEUn4ppByxFz6LEEXkK74+y0iy5/Y7Bmw=
Subject key identifier: 1C:E4:71:A1:BD:2D:87:D8:CE:D5:8D:1B:38:E8:A9:CD:90:D3:C0:DE
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018E035F6A44A0C05BEAAD15B9C6DA635FA5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HORxob0th9jO1Y0bOOipzZDTwN4.roa
Signing time: Sun 03 Mar 2024 08:12:48 +0000
ROA not before: Sun 03 Mar 2024 08:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 10:14:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:03:5f:6a:44:a0:c0:5b:ea:ad:15:b9:c6:da:63:5f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 3 08:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ce471a1bd2d87d8ced58d1b38e8a9cd90d3c0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e3:8b:6e:1b:aa:ab:a0:30:63:ff:44:a4:6f:
b1:12:7c:85:a7:e3:66:7a:41:d9:4c:0c:22:8c:0a:
d3:b5:a9:92:29:f1:41:c7:d3:db:25:d3:32:37:78:
07:87:ff:bd:6a:4b:cf:83:7e:26:28:b2:dd:64:cf:
68:73:03:1d:e9:27:00:e6:dd:91:a7:b8:d9:97:aa:
ae:06:22:d1:a4:0f:be:e5:86:96:9c:61:13:db:6b:
d6:64:1b:56:9c:a5:97:4d:3e:26:8d:9a:8c:f4:04:
53:d0:12:6f:cf:3f:31:78:5f:51:ae:a8:36:53:dc:
5e:db:dd:4d:05:44:90:a4:df:b7:04:63:a4:c1:a3:
98:4d:d7:a3:ba:95:2f:87:10:7f:1c:1d:99:a7:f4:
64:57:4c:33:93:36:d7:fd:f5:e5:b9:b8:da:0f:07:
78:04:87:1c:59:ff:4d:9e:04:f0:6c:51:3c:cc:a3:
58:5e:34:67:4a:b7:fe:e5:3f:bb:90:0f:9a:b8:38:
16:e9:9d:ec:b2:94:5b:42:89:46:8a:04:14:80:ce:
6b:77:95:c8:1c:66:6e:72:32:10:0a:10:7d:3c:40:
4f:c2:2f:0d:f9:d4:e8:40:bf:69:93:05:e8:36:c5:
16:2e:92:14:f2:d3:78:b1:ac:1b:ff:75:e0:c8:31:
c3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E4:71:A1:BD:2D:87:D8:CE:D5:8D:1B:38:E8:A9:CD:90:D3:C0:DE
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HORxob0th9jO1Y0bOOipzZDTwN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
73:58:65:bf:b3:57:66:5b:6e:61:1c:1e:5a:93:d1:61:75:4d:
05:cd:7b:52:35:71:59:70:7c:5b:7f:95:8b:39:7b:33:d4:07:
39:77:d1:8f:a9:65:9d:82:2f:7a:e2:06:43:e3:e9:8b:dc:55:
86:43:fb:9b:8d:7e:f0:78:95:18:9f:fa:ca:ce:f5:b3:24:8a:
ac:49:cb:5f:4c:8a:09:eb:55:e4:0d:37:ff:0c:7f:00:81:56:
2f:b2:c3:5e:07:0c:c1:b7:f4:e4:96:37:66:12:0c:62:d5:8b:
11:a7:d3:f2:e4:67:7a:5c:3b:ea:67:55:10:18:78:e7:be:69:
76:60:9a:47:9e:15:c7:53:87:c1:1f:ed:63:81:aa:1f:3c:10:
8a:05:60:05:f6:dd:94:dd:04:7e:88:77:41:0f:ae:07:8c:d6:
da:b6:4b:a0:d5:c2:06:9a:e8:58:80:d0:06:40:f7:ed:5b:58:
8a:87:b8:8d:39:e1:cf:d5:7c:f0:82:80:a9:63:a1:83:36:47:
b9:4b:5f:c6:ae:37:53:4f:e1:70:66:48:39:7d:51:b3:5d:20:
55:8d:8d:70:2e:cf:68:47:d5:65:c6:94:e4:0d:53:6f:eb:12:
40:d2:92:54:e1:85:48:77:d1:4e:28:8f:39:99:d0:9f:72:f4:
c3:7c:bf:4e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY4DX2pEoMBb6q0VucbaY1+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMzAzMDgxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2U0NzFhMWJkMmQ4N2Q4Y2VkNThkMWIzOGU4YTljZDkwZDNjMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuOLbhuqq6AwY/9EpG+xEnyFp+Nm
ekHZTAwijArTtamSKfFBx9PbJdMyN3gHh/+9akvPg34mKLLdZM9ocwMd6ScA5t2R
p7jZl6quBiLRpA++5YaWnGET22vWZBtWnKWXTT4mjZqM9ART0BJvzz8xeF9Rrqg2
U9xe291NBUSQpN+3BGOkwaOYTdejupUvhxB/HB2Zp/RkV0wzkzbX/fXlubjaDwd4
BIccWf9NngTwbFE8zKNYXjRnSrf+5T+7kA+auDgW6Z3sspRbQolGigQUgM5rd5XI
HGZucjIQChB9PEBPwi8N+dToQL9pkwXoNsUWLpIU8tN4sawb/3XgyDHD4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBzkcaG9LYfYztWNGzjoqc2Q08DeMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSE9SeG9iMHRoOWpPMVkwYk9PaXB6WkRUd040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAHNYZb+zV2ZbbmEcHlqT0WF1
TQXNe1I1cVlwfFt/lYs5ezPUBzl30Y+pZZ2CL3riBkPj6YvcVYZD+5uNfvB4lRif
+srO9bMkiqxJy19MignrVeQNN/8MfwCBVi+yw14HDMG39OSWN2YSDGLVixGn0/Lk
Z3pcO+pnVRAYeOe+aXZgmkeeFcdTh8Ef7WOBqh88EIoFYAX23ZTdBH6Id0EPrgeM
1tq2S6DVwgaa6FiA0AZA9+1bWIqHuI054c/VfPCCgKljoYM2R7lLX8auN1NP4XBm
SDl9UbNdIFWNjXAuz2hH1WXGlOQNU2/rEkDSklThhUh30U4ojzmZ0J9y9MN8v04=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org