Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IsX_a8FYYPo5I-Y81CAv2yXejjs.roa
File: IsX_a8FYYPo5I-Y81CAv2yXejjs.roa (raw, json)
Hash identifier: gljYDmZEaahUi/xqWt5HOe0w+5buqAHqMIZPIYxmDrU=
Subject key identifier: 22:C5:FF:6B:C1:58:60:FA:39:23:E6:3C:D4:20:2F:DB:25:DE:8E:3B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018DE93E91A4C771C5DBDA188143F188EA36
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IsX_a8FYYPo5I-Y81CAv2yXejjs.roa
Signing time: Tue 27 Feb 2024 06:26:48 +0000
ROA not before: Tue 27 Feb 2024 06:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Mar 2024 08:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:3e:91:a4:c7:71:c5:db:da:18:81:43:f1:88:ea:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 27 06:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22c5ff6bc15860fa3923e63cd4202fdb25de8e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:51:c5:85:47:11:02:86:00:8a:5c:d4:f3:a0:
38:92:76:0a:4d:bc:ad:e9:9f:c5:6e:65:fa:00:90:
80:cd:ab:d1:85:16:97:b6:e7:cc:8a:38:2a:77:46:
20:83:96:b7:84:8a:99:2b:0b:9e:4b:af:73:08:9c:
12:4e:27:ee:8b:19:cd:5e:b4:11:b5:9a:68:99:66:
b4:e9:a3:f0:48:27:e5:00:c5:1d:0c:c5:e1:99:c5:
3b:b7:aa:65:de:93:4e:4e:2c:d8:f7:79:2b:c7:c5:
ba:6a:2d:e2:cb:46:3c:0e:58:d2:20:81:d0:bc:3f:
4b:6f:22:20:4f:11:f1:78:78:85:a3:7d:ae:ec:f0:
29:a3:b0:ad:aa:6f:74:d0:39:5f:4b:68:e6:63:67:
be:92:c1:28:7c:52:d4:9e:67:c5:89:f9:07:22:ca:
d9:1a:31:a7:13:c4:4f:78:ff:41:f5:7a:53:14:39:
01:05:2d:b3:43:e0:f9:84:66:28:66:81:50:68:42:
6e:be:0b:3a:cd:e3:aa:35:b6:ba:c5:7f:9c:94:35:
f3:1f:47:92:77:28:9b:bc:b3:b8:01:62:2b:2c:ac:
48:54:4d:a6:de:d5:83:33:4c:d7:2e:a4:b2:cb:23:
00:cd:16:19:94:0b:f5:7e:f7:13:6c:b6:8a:74:65:
a5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C5:FF:6B:C1:58:60:FA:39:23:E6:3C:D4:20:2F:DB:25:DE:8E:3B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IsX_a8FYYPo5I-Y81CAv2yXejjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
63:31:38:4a:3f:40:2f:93:e1:4e:13:3d:d8:44:74:1b:35:6d:
dd:59:22:58:6b:18:c1:6d:ed:16:41:28:24:88:e7:da:88:55:
c7:f1:44:37:4b:a1:e5:70:1a:17:91:38:c8:54:fc:42:47:1e:
d1:4f:3c:fa:5a:52:36:36:e4:c6:85:dc:a9:96:8f:5d:29:1f:
00:a8:e5:04:e3:1f:6b:83:ca:9e:de:b4:3e:61:67:03:8b:68:
50:da:4e:aa:b2:26:80:f3:03:6c:e8:1d:7e:0d:77:fa:c6:68:
db:7a:d5:aa:52:c6:a4:a7:d2:b4:0b:2b:44:46:87:9c:bd:8d:
55:0f:c6:4a:81:77:6f:0b:98:45:5d:10:5d:34:35:16:a1:84:
9b:fd:f2:ef:80:5f:06:58:4c:7f:2d:82:c7:1f:61:67:64:0a:
16:5b:20:09:58:6e:83:c2:ef:f5:61:af:5d:c3:54:2b:7c:37:
a7:f4:f1:7f:8d:80:16:a3:3d:0c:24:76:21:5d:f3:6e:8c:bb:
14:07:f9:b8:c9:7c:39:3a:87:9b:ad:2d:c9:92:85:f3:8e:69:
89:48:54:ac:fa:55:ee:93:ae:fd:c3:8c:ac:af:73:d4:8e:2d:
2e:33:3c:bb:2e:fc:54:20:74:5e:dd:38:b7:c0:a8:45:20:1e:
04:f7:d3:25
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY3pPpGkx3HF29oYgUPxiOo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjI3MDYyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmM1ZmY2YmMxNTg2MGZhMzkyM2U2M2NkNDIwMmZkYjI1ZGU4ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVHFhUcRAoYAilzU86A4knYKTbyt
6Z/FbmX6AJCAzavRhRaXtufMijgqd0Ygg5a3hIqZKwueS69zCJwSTifuixnNXrQR
tZpomWa06aPwSCflAMUdDMXhmcU7t6pl3pNOTizY93krx8W6ai3iy0Y8DljSIIHQ
vD9LbyIgTxHxeHiFo32u7PApo7Ctqm900DlfS2jmY2e+ksEofFLUnmfFifkHIsrZ
GjGnE8RPeP9B9XpTFDkBBS2zQ+D5hGYoZoFQaEJuvgs6zeOqNba6xX+clDXzH0eS
dyibvLO4AWIrLKxIVE2m3tWDM0zXLqSyyyMAzRYZlAv1fvcTbLaKdGWlVwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCLF/2vBWGD6OSPmPNQgL9sl3o47MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSXNYX2E4RllZUG81SS1ZODFDQXYyeVhlampzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAGMxOEo/QC+T4U4TPdhEdBs1
bd1ZIlhrGMFt7RZBKCSI59qIVcfxRDdLoeVwGheROMhU/EJHHtFPPPpaUjY25MaF
3KmWj10pHwCo5QTjH2uDyp7etD5hZwOLaFDaTqqyJoDzA2zoHX4Nd/rGaNt61apS
xqSn0rQLK0RGh5y9jVUPxkqBd28LmEVdEF00NRahhJv98u+AXwZYTH8tgscfYWdk
ChZbIAlYboPC7/Vhr13DVCt8N6f08X+NgBajPQwkdiFd826MuxQH+bjJfDk6h5ut
LcmShfOOaYlIVKz6Ve6Trv3DjKyvc9SOLS4zPLsu/FQgdF7dOLfAqEUgHgT30yU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org