Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M6sXWe5a05X_WkBOJKYz6qC87RY.roa
File: M6sXWe5a05X_WkBOJKYz6qC87RY.roa (raw, json)
Hash identifier: +38CjMIpbbFbV67M46HyJLEXt9GXZ/9gSsS7o9/D3KA=
Subject key identifier: 33:AB:17:59:EE:5A:D3:95:FF:5A:40:4E:24:A6:33:EA:A0:BC:ED:16
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018A6E562854706E03C8DC90C53FFCFD0692
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M6sXWe5a05X_WkBOJKYz6qC87RY.roa
Signing time: Thu 07 Sep 2023 06:30:54 +0000
ROA not before: Thu 07 Sep 2023 06:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.37.197.0/24 maxlen: 24
89.33.192.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6e:56:28:54:70:6e:03:c8:dc:90:c5:3f:fc:fd:06:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 7 06:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33ab1759ee5ad395ff5a404e24a633eaa0bced16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ba:17:9d:99:b0:5b:e2:1b:52:f0:36:8b:fc:
2a:f6:c6:12:e2:3e:8a:69:64:9a:1a:04:9c:26:c6:
75:ad:47:d1:14:14:c3:26:cf:8e:f9:9c:e9:e3:05:
ae:48:b0:63:ae:b8:96:3c:24:17:c5:3e:37:fb:9f:
7e:17:f0:da:3f:2c:fe:57:d7:d4:e6:42:8c:f1:f7:
3c:2f:dc:d9:d3:bc:e0:b1:a2:07:60:eb:e5:a1:67:
f8:8b:7a:6b:43:fd:73:59:1e:da:18:bb:61:04:cb:
47:1a:5a:05:83:a8:f0:70:9b:62:5d:f6:e7:32:be:
e5:04:80:96:dc:16:c3:21:25:0f:6d:ef:1c:c4:44:
21:17:1f:a7:04:42:95:24:72:67:5a:e4:59:e3:ee:
e6:ca:f0:33:ef:ee:29:a4:31:bc:05:b2:85:06:d9:
96:de:50:b4:a0:9d:73:d1:29:62:2e:6c:0b:6b:27:
47:38:85:41:87:95:75:b6:12:43:79:77:e1:8b:fb:
d3:a2:5e:c9:a2:b2:c9:ad:eb:a2:e1:e9:69:5b:3f:
e0:f0:5e:5c:17:d1:f5:0f:67:c3:fc:1f:9c:83:75:
4e:89:19:88:25:b9:ba:75:24:e9:55:72:e9:05:1f:
5c:49:d6:38:8c:be:e1:17:58:58:9f:d4:f1:26:3d:
a5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AB:17:59:EE:5A:D3:95:FF:5A:40:4E:24:A6:33:EA:A0:BC:ED:16
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/M6sXWe5a05X_WkBOJKYz6qC87RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.192.0/24
89.37.197.0/24
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
72:b2:54:df:de:b1:4a:42:6d:45:6a:ec:ee:d5:12:d5:d7:ac:
6c:ae:57:b1:50:1e:03:bd:4d:aa:c9:79:2d:c3:44:71:09:e2:
72:8e:d0:e2:fd:ee:17:57:f9:7a:81:8a:65:50:d7:8d:af:fc:
ab:ed:a8:b5:73:d3:a0:8d:1a:1b:6a:72:ac:de:2c:4e:b2:0c:
b3:5a:5a:56:93:86:e1:13:16:c2:b8:3c:f7:04:2b:16:c0:ae:
fa:a3:4b:f0:09:cf:c3:f6:6b:6b:15:ca:83:67:60:d4:c8:ee:
bc:8a:99:6b:bd:3c:91:45:50:f6:76:d3:2a:c3:20:d9:90:b4:
0d:2e:44:4d:10:16:85:ea:5f:4f:6b:ff:c1:50:7b:3e:a1:af:
8c:15:69:cd:ec:52:42:97:a9:f7:cb:27:81:c8:2f:f4:d2:f2:
f9:a7:3d:61:7b:79:82:80:16:d6:f1:55:7d:d3:ae:78:96:67:
f4:57:fe:7d:c0:10:a2:8c:44:93:87:27:80:5b:da:9b:61:87:
72:2c:7f:9d:74:e8:b7:4c:32:f6:ca:20:26:40:68:13:e3:0d:
83:0a:57:97:bd:fd:6a:60:9f:09:98:76:0d:72:89:2b:8a:3f:
69:42:4a:fe:0f:d1:5b:da:90:16:5e:a9:19:a7:b6:c6:a8:04:
6d:eb:fb:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpuVihUcG4DyNyQxT/8/QaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTA3MDYzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2FiMTc1OWVlNWFkMzk1ZmY1YTQwNGUyNGE2MzNlYWEwYmNlZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnroXnZmwW+IbUvA2i/wq9sYS4j6K
aWSaGgScJsZ1rUfRFBTDJs+O+Zzp4wWuSLBjrriWPCQXxT43+59+F/DaPyz+V9fU
5kKM8fc8L9zZ07zgsaIHYOvloWf4i3prQ/1zWR7aGLthBMtHGloFg6jwcJtiXfbn
Mr7lBICW3BbDISUPbe8cxEQhFx+nBEKVJHJnWuRZ4+7myvAz7+4ppDG8BbKFBtmW
3lC0oJ1z0SliLmwLaydHOIVBh5V1thJDeXfhi/vTol7JorLJreui4elpWz/g8F5c
F9H1D2fD/B+cg3VOiRmIJbm6dSTpVXLpBR9cSdY4jL7hF1hYn9TxJj2l0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDOrF1nuWtOV/1pATiSmM+qgvO0WMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvTTZzWFdlNWEwNVhfV2tCT0pLWXo2cUM4N1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSHAAwQA
WSXFAwQCWSpQMA0GCSqGSIb3DQEBCwUAA4IBAQByslTf3rFKQm1Fauzu1RLV16xs
rlexUB4DvU2qyXktw0RxCeJyjtDi/e4XV/l6gYplUNeNr/yr7ai1c9OgjRobanKs
3ixOsgyzWlpWk4bhExbCuDz3BCsWwK76o0vwCc/D9mtrFcqDZ2DUyO68iplrvTyR
RVD2dtMqwyDZkLQNLkRNEBaF6l9Pa//BUHs+oa+MFWnN7FJCl6n3yyeByC/00vL5
pz1he3mCgBbW8VV90654lmf0V/59wBCijESThyeAW9qbYYdyLH+ddOi3TDL2yiAm
QGgT4w2DCleXvf1qYJ8JmHYNcokrij9pQkr+D9Fb2pAWXqkZp7bGqARt6/to
-----END CERTIFICATE-----
Generated at Sun Sep 17 07:52:04 2023 by rpki-client on console-fra.rpki-client.org