Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I-ikHl2ArkObk80TzXr2OiINvQ4.roa
File: I-ikHl2ArkObk80TzXr2OiINvQ4.roa (raw, json)
Hash identifier: 54jylmodfcBUxNHYKsKwvXmrJz04rgx3GfhhqAqeFnM=
Subject key identifier: 23:E8:A4:1E:5D:80:AE:43:9B:93:CD:13:CD:7A:F6:3A:22:0D:BD:0E
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0192586B6FB34EDC95FC844066945AB39E4F
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I-ikHl2ArkObk80TzXr2OiINvQ4.roa
Signing time: Fri 04 Oct 2024 16:44:48 +0000
ROA not before: Fri 04 Oct 2024 16:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.114.90.0/24 maxlen: 24
93.114.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 08:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:6b:6f:b3:4e:dc:95:fc:84:40:66:94:5a:b3:9e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 4 16:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e8a41e5d80ae439b93cd13cd7af63a220dbd0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:b3:ab:51:dd:42:a1:29:80:5f:98:53:17:
72:9c:ff:8c:8d:b1:8d:47:62:ae:31:9a:4f:d0:cc:
a8:7c:f8:3b:90:71:1a:51:de:45:0f:2e:a2:57:fc:
c3:aa:86:22:2c:e8:00:e5:75:57:dc:58:61:6b:21:
cb:cf:ce:93:52:6f:21:41:52:4c:f9:b9:61:3a:67:
80:33:47:af:d5:a7:94:09:b2:67:ea:cd:34:82:8c:
6f:11:8f:1f:e4:01:7d:21:23:b4:57:3f:cf:b4:0b:
8f:9a:18:ce:92:f2:42:fa:5a:1b:71:6e:f8:d7:08:
10:b5:e9:eb:76:8d:7c:08:01:87:cd:43:0b:c5:0f:
60:02:1f:99:d5:2a:7a:70:78:bc:4b:04:92:57:c8:
41:a1:6c:6c:3f:69:f6:47:3e:c5:37:cd:af:aa:46:
52:5e:3b:ff:97:3c:36:e2:2d:c1:34:54:68:42:74:
86:a7:6a:b4:0b:4a:c7:af:ca:8b:7a:86:88:28:6c:
66:30:d5:61:41:73:a9:e8:fa:78:42:da:a5:37:46:
67:7c:2f:60:55:b8:ec:5b:48:3d:6a:c2:ed:37:63:
2e:a8:da:bd:98:76:95:58:d5:1e:27:70:a8:1a:2c:
a7:e5:d2:c4:0e:bd:21:df:58:9b:2a:34:ae:01:da:
68:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E8:A4:1E:5D:80:AE:43:9B:93:CD:13:CD:7A:F6:3A:22:0D:BD:0E
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I-ikHl2ArkObk80TzXr2OiINvQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.114.90.0/23
Signature Algorithm: sha256WithRSAEncryption
38:68:d2:32:30:b1:f1:33:e0:68:8b:6e:00:f0:2d:15:13:e2:
ba:5e:5f:b6:a0:c1:b0:0e:5c:20:ec:14:7b:2c:f8:a4:58:3e:
d8:a6:55:d2:bb:e9:21:3c:a7:3d:d7:fe:7d:5c:9e:41:b5:e8:
7f:29:8b:13:b3:1e:c6:66:bf:3d:89:52:26:81:16:2d:c9:0a:
ab:49:57:f0:77:b6:7a:5b:77:a2:56:df:3c:0a:93:de:0b:cb:
c6:d5:8b:ea:5a:18:3b:06:42:12:f2:ec:43:19:00:71:64:36:
e6:a1:51:6a:47:d9:af:a7:0c:a1:95:58:c3:91:d9:cd:05:14:
40:0c:c8:95:a9:f6:25:f8:17:a7:1d:1f:a8:2e:41:ff:64:9d:
43:a0:27:04:53:b5:f6:5e:9e:22:36:a5:c3:72:29:6b:7e:5b:
b4:5f:e4:1d:c8:6f:51:bb:cc:79:c8:a1:93:78:43:32:a8:6d:
6e:9d:1a:85:f9:b5:01:94:bd:1f:16:ea:c8:65:c7:6d:75:f8:
e2:3d:4a:ab:46:6d:be:56:93:01:e7:0f:67:d6:5d:dc:5b:2b:
9e:41:6a:ee:05:b8:c2:8b:d3:cc:71:91:45:bb:1e:06:7c:5c:
fa:de:e1:20:fb:39:bd:50:14:54:b7:78:6d:bf:dc:2b:6a:f8:
b3:b0:bf:da
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJYa2+zTtyV/IRAZpRas55PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQxMDA0MTY0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U4YTQxZTVkODBhZTQzOWI5M2NkMTNjZDdhZjYzYTIyMGRiZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7azq1HdQqEpgF+YUxdynP+MjbGN
R2KuMZpP0MyofPg7kHEaUd5FDy6iV/zDqoYiLOgA5XVX3FhhayHLz86TUm8hQVJM
+blhOmeAM0ev1aeUCbJn6s00goxvEY8f5AF9ISO0Vz/PtAuPmhjOkvJC+lobcW74
1wgQtenrdo18CAGHzUMLxQ9gAh+Z1Sp6cHi8SwSSV8hBoWxsP2n2Rz7FN82vqkZS
Xjv/lzw24i3BNFRoQnSGp2q0C0rHr8qLeoaIKGxmMNVhQXOp6Pp4QtqlN0ZnfC9g
VbjsW0g9asLtN2MuqNq9mHaVWNUeJ3CoGiyn5dLEDr0h31ibKjSuAdpoIQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCPopB5dgK5Dm5PNE8169joiDb0OMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSS1pa0hsMkFya09iazgwVHpYcjJPaUlOdlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBAFdclowDQYJKoZIhvcNAQELBQADggEBADho0jIwsfEz4GiLbgDwLRUT
4rpeX7agwbAOXCDsFHss+KRYPtimVdK76SE8pz3X/n1cnkG16H8pixOzHsZmvz2J
UiaBFi3JCqtJV/B3tnpbd6JW3zwKk94Ly8bVi+paGDsGQhLy7EMZAHFkNuahUWpH
2a+nDKGVWMOR2c0FFEAMyJWp9iX4F6cdH6guQf9knUOgJwRTtfZeniI2pcNyKWt+
W7Rf5B3Ib1G7zHnIoZN4QzKobW6dGoX5tQGUvR8W6shlx211+OI9SqtGbb5WkwHn
D2fWXdxbK55Bau4FuMKL08xxkUW7HgZ8XPre4SD7Ob1QFFS3eG2/3Ctq+LOwv9o=
-----END CERTIFICATE-----
Generated at Fri Oct 11 13:27:57 2024 by rpki-client on console-ams.rpki-client.org