Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I3G-8jejbwsz9QoZx9z8rZVVBRs.roa
File: I3G-8jejbwsz9QoZx9z8rZVVBRs.roa (raw, json)
Hash identifier: nEV1KVvclq7nqEK5orKDXqz1kvRZH99l+Ujp4T+Mg7A=
Subject key identifier: 23:71:BE:F2:37:A3:6F:0B:33:F5:0A:19:C7:DC:FC:AD:95:55:05:1B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C05E1512FD1DCF1B87F0CB5B6646DD037
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I3G-8jejbwsz9QoZx9z8rZVVBRs.roa
Signing time: Sat 25 Nov 2023 09:48:21 +0000
ROA not before: Sat 25 Nov 2023 09:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 89.42.90.0/24 maxlen: 24
89.33.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Dec 2023 07:08:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:05:e1:51:2f:d1:dc:f1:b8:7f:0c:b5:b6:64:6d:d0:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 25 09:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2371bef237a36f0b33f50a19c7dcfcad9555051b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:a7:dc:bd:41:e2:9e:1b:9d:18:f6:ed:d9:
43:cf:95:fe:d7:72:85:89:73:27:96:8f:98:6a:9e:
d7:02:3c:a8:88:39:d1:f1:10:c1:e5:c9:22:0f:7e:
90:e4:4b:f1:29:8b:f5:bc:10:2b:ef:c6:af:2a:08:
90:61:19:28:ee:d9:c2:be:4d:87:fb:20:7d:a0:5f:
c2:4b:c1:11:dc:fb:5d:4c:8b:7b:f0:c2:d9:60:c9:
c5:54:1b:61:24:a0:ae:dc:ee:9c:f1:2d:c7:0f:72:
aa:36:9a:a4:01:bc:ba:c4:e3:96:48:fe:f3:54:b8:
71:be:92:5c:dd:72:72:5a:98:1c:f9:ff:42:27:7a:
7c:e8:dd:11:d4:dc:c8:73:17:35:d3:34:6b:15:7d:
57:34:9c:3d:41:d5:13:62:df:9b:18:80:2d:c2:1e:
ed:9b:d2:13:f5:b3:94:9b:cd:e9:59:18:6d:3c:e9:
01:19:06:7d:d7:76:56:80:25:28:ef:b8:6f:6a:1e:
cf:b0:ab:cc:79:1b:0f:da:ba:8e:fa:ed:f3:f8:9e:
34:d0:a0:f5:0e:fc:cc:ff:55:9e:9a:6f:d1:74:5f:
16:08:6c:80:8c:25:2f:ee:df:12:5d:06:b6:5a:64:
f0:ec:59:ec:76:a1:b5:13:7b:38:70:3d:36:0f:62:
0f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:71:BE:F2:37:A3:6F:0B:33:F5:0A:19:C7:DC:FC:AD:95:55:05:1B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/I3G-8jejbwsz9QoZx9z8rZVVBRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.195.0/24
89.42.90.0/24
Signature Algorithm: sha256WithRSAEncryption
28:69:53:b3:0d:62:61:bb:a1:4b:95:05:e7:d1:4e:60:1c:0f:
1d:e9:bd:30:de:b0:54:f7:fd:74:77:0b:31:45:5b:09:e9:a8:
6f:b8:ee:c2:1c:70:5b:22:ee:83:23:ec:82:75:0d:3f:f8:eb:
9e:34:a3:54:6d:48:29:c1:4b:b9:68:72:2d:65:05:07:8e:ec:
73:56:0f:5e:73:e8:0d:98:d9:22:b5:bd:3f:8e:60:ba:a1:b9:
28:fc:45:6f:b2:b8:19:3e:05:b4:a8:99:53:24:d4:a4:d7:fd:
5d:dc:37:5d:b9:ff:35:d7:9b:11:3b:41:22:1c:00:6e:7a:ab:
57:74:4d:8f:ba:ec:83:d6:96:f9:ac:41:1e:3f:85:00:f5:1d:
c3:60:06:77:83:4e:24:79:81:b3:70:cf:b6:56:c7:47:56:89:
51:e0:41:ef:bd:9d:40:78:76:1e:fe:3c:7e:53:76:4a:4c:24:
d7:74:0c:7d:bd:c7:93:62:cc:5d:36:0f:80:52:40:a5:29:6d:
94:f8:66:3d:7d:25:11:50:bb:8c:bd:ba:46:ec:37:fa:3a:11:
46:be:52:f2:44:d0:fd:e7:21:ea:80:a6:35:f5:41:e3:fa:7d:
ac:07:86:d5:b6:d1:ed:13:db:6d:ef:be:f4:c4:99:70:a8:3d:
ed:f9:11:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwF4VEv0dzxuH8MtbZkbdA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI1MDk0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzcxYmVmMjM3YTM2ZjBiMzNmNTBhMTljN2RjZmNhZDk1NTUwNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziyn3L1B4p4bnRj27dlDz5X+13KF
iXMnlo+Yap7XAjyoiDnR8RDB5ckiD36Q5EvxKYv1vBAr78avKgiQYRko7tnCvk2H
+yB9oF/CS8ER3PtdTIt78MLZYMnFVBthJKCu3O6c8S3HD3KqNpqkAby6xOOWSP7z
VLhxvpJc3XJyWpgc+f9CJ3p86N0R1NzIcxc10zRrFX1XNJw9QdUTYt+bGIAtwh7t
m9IT9bOUm83pWRhtPOkBGQZ913ZWgCUo77hvah7PsKvMeRsP2rqO+u3z+J400KD1
DvzM/1Wemm/RdF8WCGyAjCUv7t8SXQa2WmTw7FnsdqG1E3s4cD02D2IPQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCNxvvI3o28LM/UKGcfc/K2VVQUbMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSTNHLThqZWpid3N6OVFvWng5ejhyWlZWQlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSHDAwQA
WSpaMA0GCSqGSIb3DQEBCwUAA4IBAQAoaVOzDWJhu6FLlQXn0U5gHA8d6b0w3rBU
9/10dwsxRVsJ6ahvuO7CHHBbIu6DI+yCdQ0/+OueNKNUbUgpwUu5aHItZQUHjuxz
Vg9ec+gNmNkitb0/jmC6obko/EVvsrgZPgW0qJlTJNSk1/1d3Ddduf8115sRO0Ei
HABueqtXdE2PuuyD1pb5rEEeP4UA9R3DYAZ3g04keYGzcM+2VsdHVolR4EHvvZ1A
eHYe/jx+U3ZKTCTXdAx9vceTYsxdNg+AUkClKW2U+GY9fSURULuMvbpG7Df6OhFG
vlLyRND95yHqgKY19UHj+n2sB4bVttHtE9tt7770xJlwqD3t+REt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org