Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KZArQErjxBEzPG_f9KtKPXn4p1w.roa
File: KZArQErjxBEzPG_f9KtKPXn4p1w.roa (raw, json)
Hash identifier: SwCuJWXxzXqT1y5r5ejmoNdJKR1tzcn2rNrO6Q48h2Y=
Subject key identifier: 29:90:2B:40:4A:E3:C4:11:33:3C:6F:DF:F4:AB:4A:3D:79:F8:A7:5C
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D45776F5DBABBD6E238EBB8C9DC3AE0FC
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KZArQErjxBEzPG_f9KtKPXn4p1w.roa
Signing time: Fri 26 Jan 2024 11:11:11 +0000
ROA not before: Fri 26 Jan 2024 11:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 07:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:77:6f:5d:ba:bb:d6:e2:38:eb:b8:c9:dc:3a:e0:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 26 11:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29902b404ae3c411333c6fdff4ab4a3d79f8a75c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7f:77:52:e1:65:8b:07:2b:f3:c8:e2:da:96:
4d:1e:09:bf:b9:00:b3:aa:aa:90:d9:c9:6d:1c:d6:
52:7b:41:db:d8:83:4e:cd:cb:a9:e5:de:96:62:8b:
c4:fa:0e:94:54:7a:db:3e:e6:bf:73:55:e3:c0:08:
7e:13:0d:84:06:63:0b:a3:00:61:28:72:6b:47:a6:
16:01:1d:9d:32:b9:3a:b1:97:83:39:8c:84:96:22:
11:0b:c1:01:44:37:cc:e7:42:2b:5c:ba:6c:6e:25:
af:e3:34:ce:bc:db:cb:45:83:e2:3b:5b:6c:e7:28:
5d:24:9e:f0:96:40:5c:d4:38:c4:38:52:c5:aa:71:
b2:65:68:27:4b:9f:57:61:a1:52:ca:15:29:3f:d7:
19:a4:14:ba:3b:e9:55:e0:2d:28:d0:57:4d:99:d2:
2b:1a:d3:23:0c:4a:9d:b7:a3:e3:b3:3b:25:78:c8:
58:02:d8:a0:48:d6:c6:6d:7c:0a:7d:6a:23:b2:4b:
0e:95:92:ed:89:7b:bc:ba:4e:4c:cf:c4:ea:fe:db:
d9:d3:60:98:bc:38:c6:2f:37:27:6b:6c:bd:ce:13:
81:9a:6f:ea:f8:91:95:4a:41:4d:db:44:d9:78:6b:
9a:83:63:8a:3e:98:65:f8:24:f9:9b:ad:56:82:ba:
8e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:90:2B:40:4A:E3:C4:11:33:3C:6F:DF:F4:AB:4A:3D:79:F8:A7:5C
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KZArQErjxBEzPG_f9KtKPXn4p1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
83:d2:61:a9:0f:1a:b5:31:0b:26:fe:5c:31:e9:75:ea:51:2f:
ce:20:47:59:0f:b7:c9:05:77:a9:8a:b1:cd:62:cd:14:4d:f0:
f0:09:9a:6e:b0:c8:7a:19:09:04:88:6d:c0:e2:98:bc:99:73:
2b:c7:94:47:60:5b:1c:9e:f5:23:7b:48:68:c3:3e:2e:ea:5d:
81:a0:38:70:e6:2c:e1:e9:03:63:65:c4:ae:2f:4e:47:9f:93:
8e:ec:11:64:ed:69:c6:ee:75:05:59:03:7c:f0:fb:78:7b:91:
bd:6e:91:36:7c:60:29:f7:b2:13:91:59:b6:f2:9e:90:ca:b0:
30:55:2d:53:9e:e6:f0:31:f4:89:1a:0d:0c:06:91:a7:5c:49:
dc:cc:bc:c9:ea:39:a6:ff:85:5e:62:af:01:d3:d5:27:b6:57:
59:4e:24:08:6e:5c:7e:6e:10:e5:1f:ec:c3:4a:c0:d3:4d:d9:
98:9e:0f:41:7f:10:43:cc:5b:bd:e7:44:32:ad:94:e2:41:28:
92:74:67:89:2b:43:b2:12:20:96:17:81:8b:d8:90:72:a5:d0:
96:d7:fa:ea:f5:fd:00:55:23:f2:c1:f5:e8:c3:d2:4e:1c:76:
20:25:fd:30:e4:02:36:fa:8f:19:51:30:9b:2a:a9:a2:26:2b:
62:7c:4b:83
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1Fd29durvW4jjruMncOuD8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTI2MTExMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTkwMmI0MDRhZTNjNDExMzMzYzZmZGZmNGFiNGEzZDc5ZjhhNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhn93UuFliwcr88ji2pZNHgm/uQCz
qqqQ2cltHNZSe0Hb2INOzcup5d6WYovE+g6UVHrbPua/c1XjwAh+Ew2EBmMLowBh
KHJrR6YWAR2dMrk6sZeDOYyEliIRC8EBRDfM50IrXLpsbiWv4zTOvNvLRYPiO1ts
5yhdJJ7wlkBc1DjEOFLFqnGyZWgnS59XYaFSyhUpP9cZpBS6O+lV4C0o0FdNmdIr
GtMjDEqdt6PjszsleMhYAtigSNbGbXwKfWojsksOlZLtiXu8uk5Mz8Tq/tvZ02CY
vDjGLzcna2y9zhOBmm/q+JGVSkFN20TZeGuag2OKPphl+CT5m61WgrqOjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCmQK0BK48QRMzxv3/SrSj15+KdcMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvS1pBclFFcmp4QkV6UEdfZjlLdEtQWG40cDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAIPSYakPGrUxCyb+XDHpdepR
L84gR1kPt8kFd6mKsc1izRRN8PAJmm6wyHoZCQSIbcDimLyZcyvHlEdgWxye9SN7
SGjDPi7qXYGgOHDmLOHpA2NlxK4vTkefk47sEWTtacbudQVZA3zw+3h7kb1ukTZ8
YCn3shORWbbynpDKsDBVLVOe5vAx9IkaDQwGkadcSdzMvMnqOab/hV5irwHT1Se2
V1lOJAhuXH5uEOUf7MNKwNNN2ZieD0F/EEPMW73nRDKtlOJBKJJ0Z4krQ7ISIJYX
gYvYkHKl0JbX+ur1/QBVI/LB9ejD0k4cdiAl/TDkAjb6jxlRMJsqqaImK2J8S4M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org