Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L1kOWqBnF9znudp9JcvmHJCDNtU.roa
File: L1kOWqBnF9znudp9JcvmHJCDNtU.roa (raw, json)
Hash identifier: qb6nyOZ82Kv+NCQ3p4ccUyJYzAr0UCOATcKZrSL04/Y=
Subject key identifier: 2F:59:0E:5A:A0:67:17:DC:E7:B9:DA:7D:25:CB:E6:1C:90:83:36:D5
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B80B5E6C5F5AF98C8D45C89A58E6C482C
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L1kOWqBnF9znudp9JcvmHJCDNtU.roa
Signing time: Mon 30 Oct 2023 13:11:26 +0000
ROA not before: Mon 30 Oct 2023 13:11:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.42.95.0/24 maxlen: 24
89.34.224.0/23 maxlen: 23
93.113.181.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:b5:e6:c5:f5:af:98:c8:d4:5c:89:a5:8e:6c:48:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 30 13:11:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f590e5aa06717dce7b9da7d25cbe61c908336d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ff:1a:39:5e:67:71:20:04:ee:0f:cc:d4:90:
73:d8:70:35:f4:15:8a:50:2e:e8:8d:fa:c3:2c:cc:
5b:c0:4f:30:07:34:3f:4f:03:6b:2d:e1:9f:df:04:
53:a4:cf:77:74:73:98:2e:d3:1b:e5:06:82:7e:06:
51:11:a8:a8:6f:16:55:b6:4b:8e:f6:f4:90:71:1e:
28:44:b5:40:82:d5:40:c1:99:ae:2a:46:63:e0:12:
12:52:35:8d:04:86:2c:bb:dd:f0:90:3f:be:12:b5:
6a:48:b2:4e:a3:32:4e:c2:41:96:d9:a0:c6:c5:0e:
21:6a:d0:c9:1c:93:6d:a3:c3:b7:8b:df:40:f5:cd:
23:22:4e:bc:d3:35:c0:18:b1:77:92:89:fd:db:92:
ac:69:4d:3c:6c:14:67:f3:54:88:b9:39:54:c4:ed:
c0:39:f8:9e:e8:f8:ba:99:d5:10:03:47:09:0c:04:
80:5b:6b:f0:ad:ee:40:74:bf:8f:85:f8:b7:d1:b7:
01:cb:7c:ee:64:e3:a5:b3:f1:b2:a7:18:58:03:bb:
74:46:cd:a8:bd:83:90:22:2e:34:77:71:37:a6:60:
03:63:06:31:62:fd:2d:f3:2a:15:12:75:6e:cd:18:
70:3c:d2:3f:b1:71:7c:ce:fa:01:8d:ad:82:aa:b3:
6a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:59:0E:5A:A0:67:17:DC:E7:B9:DA:7D:25:CB:E6:1C:90:83:36:D5
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L1kOWqBnF9znudp9JcvmHJCDNtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.42.95.0/24
89.43.140.0/24
93.113.181.0/24
Signature Algorithm: sha256WithRSAEncryption
13:af:00:8d:c2:89:98:95:c8:3d:57:a0:95:f4:e1:6e:25:3c:
a1:1b:74:fc:5a:a1:f6:17:96:76:32:a6:13:53:09:92:bd:70:
46:6d:27:36:aa:10:48:82:d8:86:50:cc:6f:57:fd:8d:16:7f:
6a:6c:d3:88:87:df:02:9f:66:c9:07:65:54:f1:68:00:25:a0:
9e:09:1f:51:6f:e4:78:0a:bc:70:53:01:e8:6f:9f:b8:0b:f4:
b2:61:86:b2:15:4a:3d:6f:20:10:ba:89:83:e2:58:f3:74:0b:
8d:3d:9b:f1:4e:6a:ae:c3:9a:a4:c2:5e:8c:d2:89:f6:6c:b2:
05:6f:a5:d2:65:b0:0e:26:02:76:fc:51:fb:21:a9:c9:3e:4c:
8a:33:38:8e:c0:57:ef:a8:48:97:44:c4:5e:4a:c5:6c:4a:c8:
9b:af:6d:8b:ac:80:43:ea:4a:05:8b:02:bc:97:cf:f4:44:a0:
34:5f:57:81:aa:2e:7d:5f:1b:a1:80:58:bc:b5:d0:63:79:d4:
bc:5c:66:27:18:3f:72:13:ee:5f:2f:b8:ab:a5:70:30:f6:f4:
9f:21:89:78:b0:fe:64:97:ba:7c:41:90:ff:b0:bb:96:87:0c:
5c:f0:71:6d:19:13:59:87:03:30:d2:95:b2:a9:c4:d0:f0:ec:
76:ae:c5:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuAtebF9a+YyNRciaWObEgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDMwMTMxMTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjU5MGU1YWEwNjcxN2RjZTdiOWRhN2QyNWNiZTYxYzkwODMzNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv8aOV5ncSAE7g/M1JBz2HA19BWK
UC7ojfrDLMxbwE8wBzQ/TwNrLeGf3wRTpM93dHOYLtMb5QaCfgZREaiobxZVtkuO
9vSQcR4oRLVAgtVAwZmuKkZj4BISUjWNBIYsu93wkD++ErVqSLJOozJOwkGW2aDG
xQ4hatDJHJNto8O3i99A9c0jIk680zXAGLF3kon925KsaU08bBRn81SIuTlUxO3A
Ofie6Pi6mdUQA0cJDASAW2vwre5AdL+Phfi30bcBy3zuZOOls/GypxhYA7t0Rs2o
vYOQIi40d3E3pmADYwYxYv0t8yoVEnVuzRhwPNI/sXF8zvoBja2CqrNqBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC9ZDlqgZxfc57nafSXL5hyQgzbVMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvTDFrT1dxQm5GOXpudWRwOUpjdm1ISkNETnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWSLgAwQA
WSpfAwQAWSuMAwQAXXG1MA0GCSqGSIb3DQEBCwUAA4IBAQATrwCNwomYlcg9V6CV
9OFuJTyhG3T8WqH2F5Z2MqYTUwmSvXBGbSc2qhBIgtiGUMxvV/2NFn9qbNOIh98C
n2bJB2VU8WgAJaCeCR9Rb+R4CrxwUwHob5+4C/SyYYayFUo9byAQuomD4ljzdAuN
PZvxTmquw5qkwl6M0on2bLIFb6XSZbAOJgJ2/FH7IanJPkyKMziOwFfvqEiXRMRe
SsVsSsibr22LrIBD6koFiwK8l8/0RKA0X1eBqi59XxuhgFi8tdBjedS8XGYnGD9y
E+5fL7irpXAw9vSfIYl4sP5kl7p8QZD/sLuWhwxc8HFtGRNZhwMw0pWyqcTQ8Ox2
rsVy
-----END CERTIFICATE-----
Generated at Tue Nov 7 07:39:11 2023 by rpki-client on console-ams.rpki-client.org