Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IEZuqxXV4wUGhNoihAd9eJwunSs.roa
File: IEZuqxXV4wUGhNoihAd9eJwunSs.roa (raw, json)
Hash identifier: iwdlR4YgZ2UyajH53TgtTmu6fdK11VPFe3BoM/yvJrg=
Subject key identifier: 20:46:6E:AB:15:D5:E3:05:06:84:DA:22:84:07:7D:78:9C:2E:9D:2B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB722B5F8EBAC9427A517F8049488B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IEZuqxXV4wUGhNoihAd9eJwunSs.roa
Signing time: Sun 01 Jan 2023 19:25:04 +0000
ROA not before: Sun 01 Jan 2023 19:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34630
IP address blocks: 89.42.80.0/21 maxlen: 21
89.42.88.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Feb 2023 12:15:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:72:2b:5f:8e:ba:c9:42:7a:51:7f:80:49:48:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20466eab15d5e3050684da2284077d789c2e9d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c0:9e:03:8a:0a:6b:03:c8:82:42:6d:a9:b3:
76:4a:05:c0:82:6c:2d:2c:5e:06:fd:12:6c:37:6f:
0f:36:b4:09:46:f3:b2:43:42:81:f5:cf:cf:17:b5:
c6:4e:0b:b4:c2:ed:8c:c8:1a:c5:79:eb:15:2b:7d:
63:a6:81:bd:08:b9:36:02:b5:48:c1:33:87:53:14:
1f:92:9b:08:fe:d7:77:1a:1c:c4:6b:b9:92:4d:4e:
49:4a:67:c4:32:0a:b5:1a:57:ec:3e:04:99:0d:7d:
75:03:26:01:e0:de:e7:66:59:dc:16:13:9f:21:5f:
8d:fb:a4:e3:2b:18:df:be:98:c7:7e:67:f1:54:2e:
c9:63:3f:9c:c2:d1:ff:cd:04:b5:f2:ab:2c:5d:00:
23:2d:f3:77:aa:06:f2:5b:a6:e2:39:58:14:e7:b2:
0a:5b:9e:42:8e:e9:0d:a4:eb:43:f3:08:6b:60:91:
80:63:5b:44:a2:2c:29:2c:ff:98:ee:7d:0b:26:6b:
fa:08:2a:af:d2:c1:92:8f:47:52:37:8d:f3:7a:94:
56:f7:36:e7:1f:08:1e:76:57:f1:40:ed:a7:65:a1:
88:2e:79:d8:85:a5:9d:5c:2e:ef:0b:a9:66:bf:b0:
06:40:15:e4:d0:8c:5e:c5:b6:d8:ff:0f:55:b4:15:
98:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:46:6E:AB:15:D5:E3:05:06:84:DA:22:84:07:7D:78:9C:2E:9D:2B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IEZuqxXV4wUGhNoihAd9eJwunSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/20
Signature Algorithm: sha256WithRSAEncryption
70:26:94:f9:99:c3:7d:5b:97:49:35:30:23:11:fd:98:bd:54:
28:6c:90:12:57:e9:ae:cf:16:ed:b6:17:a6:8e:ad:3f:7a:ab:
67:2f:cb:6e:6c:0b:42:2a:29:19:d7:85:44:61:f2:04:ac:1c:
d3:90:07:f4:8f:5c:f8:0b:2e:11:44:c7:13:5c:f4:2a:e5:bf:
18:44:ce:37:0d:b0:94:0c:49:4a:e0:bc:b7:a0:21:ae:18:ac:
59:59:7f:a2:49:48:6a:e0:3c:dd:0e:ef:bb:de:c3:51:5b:c3:
04:fc:89:f3:e8:22:0e:e6:ab:b2:80:ad:09:4a:da:34:66:64:
3c:99:b5:90:5d:32:ba:4b:4f:c1:ce:d1:4a:b6:eb:04:a6:a8:
ef:f7:fd:e5:a2:b9:f3:d6:b5:83:b3:ce:24:e6:5c:33:4c:ed:
ef:46:36:24:e1:ee:23:19:ca:45:5d:59:fd:f8:a5:93:af:b0:
1b:26:c6:9c:94:22:38:96:3c:3a:18:b8:57:c8:bf:6e:d5:78:
0e:24:16:33:8f:af:4f:d5:2f:95:a9:00:56:f5:f4:b4:d1:c0:
6f:38:63:d8:ee:b7:fe:40:52:4e:5f:9c:5c:12:e4:5b:68:2f:
11:4d:8c:80:b6:fc:e8:9a:30:06:36:a4:f0:44:20:b3:90:ef:
ee:3c:f1:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy3IrX466yUJ6UX+ASUiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQ2NmVhYjE1ZDVlMzA1MDY4NGRhMjI4NDA3N2Q3ODljMmU5ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08CeA4oKawPIgkJtqbN2SgXAgmwt
LF4G/RJsN28PNrQJRvOyQ0KB9c/PF7XGTgu0wu2MyBrFeesVK31jpoG9CLk2ArVI
wTOHUxQfkpsI/td3GhzEa7mSTU5JSmfEMgq1GlfsPgSZDX11AyYB4N7nZlncFhOf
IV+N+6TjKxjfvpjHfmfxVC7JYz+cwtH/zQS18qssXQAjLfN3qgbyW6biOVgU57IK
W55CjukNpOtD8whrYJGAY1tEoiwpLP+Y7n0LJmv6CCqv0sGSj0dSN43zepRW9zbn
HwgedlfxQO2nZaGILnnYhaWdXC7vC6lmv7AGQBXk0IxexbbY/w9VtBWYkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBGbqsV1eMFBoTaIoQHfXicLp0rMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSUVadXF4WFY0d1VHaE5vaWhBZDllSnd1blNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWSpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBwJpT5mcN9W5dJNTAjEf2YvVQobJASV+muzxbtthem
jq0/eqtnL8tubAtCKikZ14VEYfIErBzTkAf0j1z4Cy4RRMcTXPQq5b8YRM43DbCU
DElK4Ly3oCGuGKxZWX+iSUhq4DzdDu+73sNRW8ME/Inz6CIO5quygK0JSto0ZmQ8
mbWQXTK6S0/BztFKtusEpqjv9/3lornz1rWDs84k5lwzTO3vRjYk4e4jGcpFXVn9
+KWTr7AbJsaclCI4ljw6GLhXyL9u1XgOJBYzj69P1S+VqQBW9fS00cBvOGPY7rf+
QFJOX5xcEuRbaC8RTYyAtvzomjAGNqTwRCCzkO/uPPGG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org