Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Ix1PqPb_AWAcjgrOYx2PVGGCkg4.roa
File: Ix1PqPb_AWAcjgrOYx2PVGGCkg4.roa (raw, json)
Hash identifier: wepECm9MkIngTtEZ8vhK7sLgbvnKh7utZS8SckXDRd4=
Subject key identifier: 23:1D:4F:A8:F6:FF:01:60:1C:8E:0A:CE:63:1D:8F:54:61:82:92:0E
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019189E3553E1A740C55E5A5526FEC53FEF5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Ix1PqPb_AWAcjgrOYx2PVGGCkg4.roa
Signing time: Sun 25 Aug 2024 14:14:22 +0000
ROA not before: Sun 25 Aug 2024 14:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.113.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 08:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:89:e3:55:3e:1a:74:0c:55:e5:a5:52:6f:ec:53:fe:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 25 14:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=231d4fa8f6ff01601c8e0ace631d8f546182920e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:23:69:00:de:4c:da:52:b3:10:9e:dd:6e:
ad:1c:92:5d:32:f0:25:7e:c6:2f:d0:76:54:36:5e:
5e:11:5e:26:0e:ea:a2:97:0e:27:a5:df:ff:95:24:
07:60:27:d2:89:9c:3c:f4:dd:b6:9f:76:20:4f:7a:
2a:19:bb:fd:53:0c:c2:a3:b1:c8:eb:ff:17:2b:82:
98:68:a5:83:6c:b7:55:de:ca:bf:79:66:7f:59:0b:
f2:86:c1:2d:78:79:7e:12:c5:17:33:e7:b5:15:c8:
c0:3a:a0:53:21:c1:51:80:f4:90:3b:85:e7:2c:f6:
83:c2:cd:1c:24:ed:aa:4b:f7:f5:dc:2e:9e:e8:81:
5e:8f:03:da:a9:3d:f1:19:83:d3:56:c4:31:dc:9a:
aa:1a:a0:a7:f0:42:a2:59:ce:dc:79:29:8d:4c:71:
d3:5c:d6:81:d1:5a:cc:59:b2:d8:d7:69:e0:bd:c5:
5e:96:e1:9b:4a:14:02:94:fa:f4:a4:de:eb:bb:f4:
03:2f:21:7b:58:50:b7:c1:1f:e4:a0:7f:e5:1d:c7:
bb:81:d2:8e:1c:88:30:64:b9:ef:e5:25:5f:29:3f:
83:8a:8d:4a:23:53:51:a7:ff:f8:e3:84:07:8c:7f:
ff:bd:f8:c9:75:7d:22:e2:97:b3:5c:62:ab:44:79:
34:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1D:4F:A8:F6:FF:01:60:1C:8E:0A:CE:63:1D:8F:54:61:82:92:0E
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Ix1PqPb_AWAcjgrOYx2PVGGCkg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.113.180.0/24
Signature Algorithm: sha256WithRSAEncryption
10:da:0b:b5:99:ee:a4:ca:d3:ca:5a:2e:da:6d:9a:46:b2:44:
c9:37:3a:ea:d3:3e:83:35:b9:c7:6e:f3:01:70:84:83:cf:ba:
5a:49:1a:dc:7a:80:1e:97:8e:53:d0:32:e3:64:66:58:a3:fa:
1b:16:1a:0c:14:07:bd:12:03:bc:df:32:b1:4d:f1:33:5a:42:
5f:96:3b:c2:17:b1:a8:d6:d7:ea:27:fc:d5:90:36:d3:e3:4a:
0b:1e:31:7d:93:64:c1:c9:8a:55:4f:5e:1e:78:ae:cc:42:2c:
3d:bb:07:94:67:db:4f:9c:4d:31:ec:68:0a:10:48:37:f9:76:
35:a2:aa:3f:d2:3b:6d:5a:46:a7:2a:5e:80:b8:82:03:58:d5:
73:42:6b:10:68:50:da:70:13:0f:a9:b3:1f:87:32:09:ad:f5:
b9:e5:80:6d:67:cf:ba:c0:f4:49:40:83:a2:7a:b2:1c:bf:de:
70:d2:76:88:a4:78:63:30:08:95:8b:d1:1d:06:ea:4a:58:95:
d3:c0:eb:81:98:e4:01:5c:5f:e5:ef:f9:4d:4c:f3:68:69:ab:
e9:87:5a:5b:35:ab:ee:7e:22:fa:5b:b0:49:54:21:50:ef:e4:
fc:c9:d0:8a:43:2c:be:79:8a:79:67:31:36:12:ef:a2:23:8e:
75:24:77:78
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZGJ41U+GnQMVeWlUm/sU/71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwODI1MTQxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFkNGZhOGY2ZmYwMTYwMWM4ZTBhY2U2MzFkOGY1NDYxODI5MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk44jaQDeTNpSsxCe3W6tHJJdMvAl
fsYv0HZUNl5eEV4mDuqilw4npd//lSQHYCfSiZw89N22n3YgT3oqGbv9UwzCo7HI
6/8XK4KYaKWDbLdV3sq/eWZ/WQvyhsEteHl+EsUXM+e1FcjAOqBTIcFRgPSQO4Xn
LPaDws0cJO2qS/f13C6e6IFejwPaqT3xGYPTVsQx3JqqGqCn8EKiWc7ceSmNTHHT
XNaB0VrMWbLY12ngvcVeluGbShQClPr0pN7ru/QDLyF7WFC3wR/koH/lHce7gdKO
HIgwZLnv5SVfKT+Dio1KI1NRp//444QHjH//vfjJdX0i4pezXGKrRHk0dwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCMdT6j2/wFgHI4KzmMdj1RhgpIOMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSXgxUHFQYl9BV0FjamdyT1l4MlBWR0dDa2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABdcbQwDQYJKoZIhvcNAQELBQADggEBABDaC7WZ7qTK08paLtptmkay
RMk3OurTPoM1ucdu8wFwhIPPulpJGtx6gB6XjlPQMuNkZlij+hsWGgwUB70SA7zf
MrFN8TNaQl+WO8IXsajW1+on/NWQNtPjSgseMX2TZMHJilVPXh54rsxCLD27B5Rn
20+cTTHsaAoQSDf5djWiqj/SO21aRqcqXoC4ggNY1XNCaxBoUNpwEw+psx+HMgmt
9bnlgG1nz7rA9ElAg6J6shy/3nDSdoikeGMwCJWL0R0G6kpYldPA64GY5AFcX+Xv
+U1M82hpq+mHWls1q+5+IvpbsElUIVDv5PzJ0IpDLL55inlnMTYS76IjjnUkd3g=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:41:47 2024 by rpki-client on console-fra.rpki-client.org