Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/K8lEMFmfaYwmxiXPr_rHIETi8A4.roa
File: K8lEMFmfaYwmxiXPr_rHIETi8A4.roa (raw, json)
Hash identifier: ++zJYjH2MRu1MhahvPp384eRMEUBEISTX/IeSAOmQx4=
Subject key identifier: 2B:C9:44:30:59:9F:69:8C:26:C6:25:CF:AF:FA:C7:20:44:E2:F0:0E
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D92FD6238BD5352CEA3D36060CC42EDDF
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/K8lEMFmfaYwmxiXPr_rHIETi8A4.roa
Signing time: Sat 10 Feb 2024 12:28:15 +0000
ROA not before: Sat 10 Feb 2024 12:28:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.34.230.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 16:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:92:fd:62:38:bd:53:52:ce:a3:d3:60:60:cc:42:ed:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 10 12:28:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bc94430599f698c26c625cfaffac72044e2f00e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3e:9a:18:09:5d:20:74:3b:6e:f7:aa:be:ce:
c0:39:23:98:b6:2a:7b:cc:0f:29:7d:aa:22:2b:21:
24:44:75:28:33:1f:b9:cd:0f:f8:af:f2:3c:23:e4:
7b:80:cf:44:6a:cf:dd:e9:6e:89:d6:63:c0:72:66:
b2:fb:29:6c:d6:d3:60:07:89:2a:cc:d4:87:c6:83:
26:23:97:ed:67:1a:34:47:4f:53:a3:39:42:47:80:
a3:37:da:69:1a:ef:74:af:35:b9:01:53:b2:57:08:
33:3b:dd:1a:fe:1d:91:fc:95:1d:f0:13:8d:64:bf:
9a:1d:45:13:34:cb:c1:b9:be:7b:15:fa:d2:4a:0a:
f7:56:21:4e:03:20:e0:a3:11:70:79:45:3e:1e:5a:
84:a3:02:9b:8f:b4:d2:f8:91:20:fa:c6:62:da:d7:
48:e4:a1:a9:c3:68:24:17:af:db:4e:db:3a:4c:84:
c9:ac:8e:47:6b:cb:8a:7a:05:c9:da:fa:e8:10:aa:
83:c5:a8:df:d7:e3:cb:04:fc:a2:8c:08:45:95:8c:
77:05:3c:5b:0c:da:81:e7:74:81:49:9a:42:04:ea:
59:58:6b:ba:dd:85:68:25:6c:f6:86:44:ab:db:a3:
c2:3f:05:d2:ad:1d:2d:56:7f:a4:c0:9c:8a:2f:24:
c3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C9:44:30:59:9F:69:8C:26:C6:25:CF:AF:FA:C7:20:44:E2:F0:0E
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/K8lEMFmfaYwmxiXPr_rHIETi8A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.230.0/24
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
04:a9:ff:fb:ab:ed:86:a9:b8:cb:04:ac:48:c6:9d:57:28:ff:
0f:27:ba:be:31:3f:ed:25:09:c5:08:26:a1:31:fe:45:4e:d7:
e1:cf:f4:a3:26:b6:bd:bd:71:09:ac:4a:e8:2a:a3:af:22:9b:
9d:fa:3f:07:4f:66:b1:c4:06:26:4a:81:05:7f:3e:f9:3d:87:
36:c0:cd:c9:29:e2:1c:e2:69:0a:de:f0:b5:13:cf:91:d9:33:
4f:7e:dc:e8:9e:a6:79:c8:5a:a9:a1:b1:13:81:ad:21:dd:a1:
b5:bc:dc:1f:bc:6d:8a:ad:18:a8:41:4b:0b:1a:26:6b:0e:d3:
55:b9:53:f9:46:a7:ef:b3:05:60:d1:58:91:76:1d:50:a5:75:
d7:5e:40:0f:6d:00:3f:2e:c4:05:68:5d:36:98:bd:1d:69:c6:
5e:72:82:08:5d:a2:12:40:42:77:53:8a:64:99:30:fc:dd:ca:
a4:e1:13:1e:09:27:24:f6:9b:fa:85:10:c3:bc:4b:da:ba:ed:
6b:68:94:8d:a9:73:c4:79:15:b9:85:b1:bd:f8:6c:b3:67:84:
20:82:2e:76:df:9d:67:4e:65:33:9d:f5:93:57:eb:14:89:09:
41:ed:e6:ef:e3:1a:04:9a:9e:ab:f5:27:c6:e5:c2:70:ec:10:
07:cf:0e:1b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY2S/WI4vVNSzqPTYGDMQu3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjEwMTIyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM5NDQzMDU5OWY2OThjMjZjNjI1Y2ZhZmZhYzcyMDQ0ZTJmMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj6aGAldIHQ7bveqvs7AOSOYtip7
zA8pfaoiKyEkRHUoMx+5zQ/4r/I8I+R7gM9Eas/d6W6J1mPAcmay+yls1tNgB4kq
zNSHxoMmI5ftZxo0R09TozlCR4CjN9ppGu90rzW5AVOyVwgzO90a/h2R/JUd8BON
ZL+aHUUTNMvBub57FfrSSgr3ViFOAyDgoxFweUU+HlqEowKbj7TS+JEg+sZi2tdI
5KGpw2gkF6/bTts6TITJrI5Ha8uKegXJ2vroEKqDxajf1+PLBPyijAhFlYx3BTxb
DNqB53SBSZpCBOpZWGu63YVoJWz2hkSr26PCPwXSrR0tVn+kwJyKLyTDAwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCvJRDBZn2mMJsYlz6/6xyBE4vAOMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSzhsRU1GbWZhWXdteGlYUHJfckhJRVRpOEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWSLmMAwD
BABZKlEDBAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAASp//ur7YapuMsE
rEjGnVco/w8nur4xP+0lCcUIJqEx/kVO1+HP9KMmtr29cQmsSugqo68im536PwdP
ZrHEBiZKgQV/Pvk9hzbAzckp4hziaQre8LUTz5HZM09+3OiepnnIWqmhsROBrSHd
obW83B+8bYqtGKhBSwsaJmsO01W5U/lGp++zBWDRWJF2HVCldddeQA9tAD8uxAVo
XTaYvR1pxl5ygghdohJAQndTimSZMPzdyqThEx4JJyT2m/qFEMO8S9q67WtolI2p
c8R5FbmFsb34bLNnhCCCLnbfnWdOZTOd9ZNX6xSJCUHt5u/jGgSanqv1J8blwnDs
EAfPDhs=
-----END CERTIFICATE-----
Generated at Wed Feb 14 21:15:56 2024 by rpki-client on console-ams.rpki-client.org