Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M2M6AGk8yP_nvLGwLpKJ4WpelzE.roa
File: M2M6AGk8yP_nvLGwLpKJ4WpelzE.roa (raw, json)
Hash identifier: 7LKYr8DCy18q0Js8n9Z0wbEBg+X/JLU8rQ62zeZ3IME=
Subject key identifier: 33:63:3A:00:69:3C:C8:FF:E7:BC:B1:B0:2E:92:89:E1:6A:5E:97:31
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D639AA790E1F443090CC7A2FCCA333602
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M2M6AGk8yP_nvLGwLpKJ4WpelzE.roa
Signing time: Thu 01 Feb 2024 07:38:16 +0000
ROA not before: Thu 01 Feb 2024 07:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.82.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 11:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:9a:a7:90:e1:f4:43:09:0c:c7:a2:fc:ca:33:36:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 1 07:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33633a00693cc8ffe7bcb1b02e9289e16a5e9731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:09:65:0b:7f:64:1e:d7:c2:34:6b:e9:62:ff:
50:64:b5:d6:e5:f3:1d:19:a4:d4:cd:d5:93:4f:a5:
53:4d:4d:b4:57:e9:ce:fb:95:d6:5e:72:61:51:ee:
50:02:59:80:5a:29:80:72:00:fc:e2:98:42:3a:9d:
94:e6:1b:0e:e2:ef:55:6a:e6:43:0d:6a:30:36:ee:
09:e4:c0:96:82:1e:bc:00:5c:38:12:8b:f1:15:af:
49:f5:fa:2a:cb:7e:26:db:2a:bd:19:a1:c2:d1:cf:
7e:55:89:be:f0:ae:ea:58:fb:34:8c:45:a6:04:bf:
0e:a6:af:50:bc:a2:a3:42:23:34:09:4d:df:19:3e:
f9:6c:99:ab:ad:92:5e:aa:db:bc:e4:67:ff:39:fd:
67:d5:38:59:9d:9c:99:6f:f4:b2:b0:18:69:38:09:
a1:8b:ab:26:e8:9e:da:06:04:dc:15:78:df:2e:d7:
7a:83:a0:a9:4a:56:cf:cf:81:b5:70:4d:b6:3a:ba:
ef:4e:56:d8:0e:e8:f0:82:65:23:a7:32:8e:85:ea:
3a:fd:09:6d:70:11:50:87:c3:5c:b8:1f:0c:82:31:
b3:0d:92:de:63:85:56:3e:87:ab:9b:a9:7e:86:f0:
f5:e2:ef:c0:8a:d3:36:ff:06:bf:a8:a1:f6:32:2d:
ed:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:63:3A:00:69:3C:C8:FF:E7:BC:B1:B0:2E:92:89:E1:6A:5E:97:31
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M2M6AGk8yP_nvLGwLpKJ4WpelzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
50:90:49:a5:a2:c3:65:33:20:a3:0a:a8:ce:f4:3c:0c:59:23:
52:72:67:51:94:f8:87:f5:e0:52:c5:9b:47:c8:4d:0e:32:c8:
e2:48:9e:4a:17:49:cd:08:75:72:86:8f:cd:03:74:29:c3:f4:
75:e7:dc:3e:ae:c0:af:a4:c0:e3:36:67:2d:59:30:07:bd:de:
49:03:1d:7e:6a:49:6e:94:93:ba:b7:cb:a5:47:4d:63:c0:8f:
99:e2:18:da:07:ae:07:ca:e1:ff:c9:9c:71:e7:13:cf:4b:ce:
65:47:fc:fe:f5:dd:b6:fb:b5:7b:67:a4:4b:ed:b9:31:a0:79:
29:38:c7:d0:3a:4b:66:6c:cf:ea:73:50:d7:8f:69:ae:82:0b:
fb:c2:97:c7:06:ce:d1:c4:4d:3e:34:df:d1:b1:34:4a:35:77:
d9:3e:09:64:ef:9b:d2:00:b5:6c:7a:b3:0f:eb:4a:14:77:27:
7a:75:3d:bb:49:3e:fd:41:bf:98:45:e8:71:f7:4c:65:21:4f:
13:86:15:f8:7d:9a:56:07:6b:77:63:4e:15:73:b2:56:9b:d0:
b8:68:95:7c:88:90:b3:24:a6:3d:22:9a:72:6e:65:24:d1:47:
e6:86:14:92:39:56:70:49:58:e6:62:52:35:ca:94:37:f4:11:
1d:a0:cd:eb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1jmqeQ4fRDCQzHovzKMzYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjAxMDczODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzYzM2EwMDY5M2NjOGZmZTdiY2IxYjAyZTkyODllMTZhNWU5NzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAllC39kHtfCNGvpYv9QZLXW5fMd
GaTUzdWTT6VTTU20V+nO+5XWXnJhUe5QAlmAWimAcgD84phCOp2U5hsO4u9VauZD
DWowNu4J5MCWgh68AFw4EovxFa9J9foqy34m2yq9GaHC0c9+VYm+8K7qWPs0jEWm
BL8Opq9QvKKjQiM0CU3fGT75bJmrrZJeqtu85Gf/Of1n1ThZnZyZb/SysBhpOAmh
i6sm6J7aBgTcFXjfLtd6g6CpSlbPz4G1cE22OrrvTlbYDujwgmUjpzKOheo6/Qlt
cBFQh8NcuB8MgjGzDZLeY4VWPoerm6l+hvD14u/AitM2/wa/qKH2Mi3tSwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDNjOgBpPMj/57yxsC6SieFqXpcxMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvTTJNNkFHazh5UF9udkxHd0xwS0o0V3BlbHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAFCQSaWiw2UzIKMKqM70PAxZ
I1JyZ1GU+If14FLFm0fITQ4yyOJInkoXSc0IdXKGj80DdCnD9HXn3D6uwK+kwOM2
Zy1ZMAe93kkDHX5qSW6Uk7q3y6VHTWPAj5niGNoHrgfK4f/JnHHnE89LzmVH/P71
3bb7tXtnpEvtuTGgeSk4x9A6S2Zsz+pzUNePaa6CC/vCl8cGztHETT4039GxNEo1
d9k+CWTvm9IAtWx6sw/rShR3J3p1PbtJPv1Bv5hF6HH3TGUhTxOGFfh9mlYHa3dj
ThVzslab0LholXyIkLMkpj0imnJuZSTRR+aGFJI5VnBJWOZiUjXKlDf0ER2gzes=
-----END CERTIFICATE-----
Generated at Thu Feb 1 16:11:03 2024 by rpki-client on console-fra.rpki-client.org