Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MCVFC3aNUqgHqBTMipmUF3t_-kY.roa
File: MCVFC3aNUqgHqBTMipmUF3t_-kY.roa (raw, json)
Hash identifier: zc7zDkdWFboN0+d3IQ+5guwJBb1V1QbKBEASxJ70UDI=
Subject key identifier: 30:25:45:0B:76:8D:52:A8:07:A8:14:CC:8A:99:94:17:7B:7F:FA:46
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C15D666D89A0CEBC6371A6B52924FF209
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MCVFC3aNUqgHqBTMipmUF3t_-kY.roa
Signing time: Tue 28 Nov 2023 12:10:21 +0000
ROA not before: Tue 28 Nov 2023 12:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.42.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 16:34:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:d6:66:d8:9a:0c:eb:c6:37:1a:6b:52:92:4f:f2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 28 12:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3025450b768d52a807a814cc8a9994177b7ffa46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2a:5c:fe:1b:d0:21:e6:63:8a:8e:36:b6:29:
80:6b:ba:4b:8c:15:57:33:71:b0:c8:47:c2:03:10:
92:4a:34:c7:d2:55:a2:c4:a7:74:b4:67:0a:a6:be:
40:4a:34:9a:7f:a4:18:35:be:ae:a0:e7:06:9c:0b:
b0:40:91:1c:87:6a:45:1d:ed:da:fe:da:6e:8b:99:
d1:be:37:b5:8a:aa:e6:78:ec:8a:ba:44:15:0f:78:
e7:dd:24:5a:4b:53:2f:0e:66:93:30:41:39:e5:4a:
03:b7:27:56:9a:15:a9:2e:29:12:53:d7:5b:4b:6a:
30:5d:53:e6:60:a2:4f:9f:c8:02:da:58:fd:05:17:
fa:b1:9e:6f:28:6e:38:a9:20:19:64:46:85:42:b6:
3e:2e:d4:c8:07:a3:5a:b0:90:a9:cc:38:0e:da:79:
3b:12:30:f1:38:43:bc:50:2e:32:8c:32:95:92:ef:
74:eb:cf:c9:06:26:dc:c8:b6:d7:98:b8:4a:3d:4f:
f7:06:3b:7b:70:a0:d8:da:13:ce:6f:98:cc:05:ce:
97:d4:3d:d4:67:88:a1:06:bb:4c:14:e4:48:89:93:
9b:a5:85:f7:14:96:10:e9:0e:1f:e3:98:49:fe:72:
48:67:6d:bf:c6:bf:7a:48:5a:d5:a2:42:2a:78:78:
56:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:25:45:0B:76:8D:52:A8:07:A8:14:CC:8A:99:94:17:7B:7F:FA:46
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MCVFC3aNUqgHqBTMipmUF3t_-kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.42.94.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:c2:ce:6c:1b:bc:26:df:4b:12:9c:e2:fa:d9:8d:11:eb:1a:
af:6c:e1:59:d5:0e:71:e0:51:62:2e:c5:86:04:bf:fe:fc:95:
93:0a:b8:02:81:57:5c:69:d4:d0:b2:77:b2:55:98:bf:11:e4:
3a:d3:7f:7b:eb:d4:65:fb:08:da:87:94:90:83:ac:83:9e:b6:
96:11:d9:17:57:9e:ef:98:97:3c:7b:e8:20:b4:83:68:86:eb:
7f:da:bb:09:03:08:d5:77:03:99:c8:a9:b3:92:a7:f1:33:20:
29:8c:b4:18:3b:48:cf:47:79:97:e1:e8:1e:e4:2f:aa:bf:a5:
b3:e8:a7:93:57:61:fb:08:f5:02:eb:d2:9c:e0:3e:2a:9b:b5:
84:70:5f:f6:0e:06:e9:76:5d:20:c6:1b:19:4c:d8:a6:c0:a4:
4d:11:12:f3:9a:d5:46:f5:c0:77:5f:41:f2:c2:a9:71:5a:ca:
60:73:b4:e8:7e:7f:73:a4:d9:69:12:42:7f:0f:3d:6f:32:ef:
75:b1:d0:6a:51:7d:63:62:51:a7:f0:17:e7:db:53:cf:00:43:
a4:ee:44:87:3d:64:10:19:8c:4e:90:b4:4d:59:c7:7b:da:54:
20:63:ef:71:97:6c:2c:3b:bf:e4:9a:6e:5b:99:78:a9:ff:2f:
12:83:ca:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwV1mbYmgzrxjcaa1KST/IJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI4MTIxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI1NDUwYjc2OGQ1MmE4MDdhODE0Y2M4YTk5OTQxNzdiN2ZmYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnipc/hvQIeZjio42timAa7pLjBVX
M3GwyEfCAxCSSjTH0lWixKd0tGcKpr5ASjSaf6QYNb6uoOcGnAuwQJEch2pFHe3a
/tpui5nRvje1iqrmeOyKukQVD3jn3SRaS1MvDmaTMEE55UoDtydWmhWpLikSU9db
S2owXVPmYKJPn8gC2lj9BRf6sZ5vKG44qSAZZEaFQrY+LtTIB6NasJCpzDgO2nk7
EjDxOEO8UC4yjDKVku9068/JBibcyLbXmLhKPU/3Bjt7cKDY2hPOb5jMBc6X1D3U
Z4ihBrtMFORIiZObpYX3FJYQ6Q4f45hJ/nJIZ22/xr96SFrVokIqeHhWawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDAlRQt2jVKoB6gUzIqZlBd7f/pGMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvTUNWRkMzYU5VcWdIcUJUTWlwbVVGM3RfLWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSpQAwQA
WSpeMA0GCSqGSIb3DQEBCwUAA4IBAQB9ws5sG7wm30sSnOL62Y0R6xqvbOFZ1Q5x
4FFiLsWGBL/+/JWTCrgCgVdcadTQsneyVZi/EeQ6039769Rl+wjah5SQg6yDnraW
EdkXV57vmJc8e+ggtINohut/2rsJAwjVdwOZyKmzkqfxMyApjLQYO0jPR3mX4ege
5C+qv6Wz6KeTV2H7CPUC69Kc4D4qm7WEcF/2Dgbpdl0gxhsZTNimwKRNERLzmtVG
9cB3X0HywqlxWspgc7Tofn9zpNlpEkJ/Dz1vMu91sdBqUX1jYlGn8Bfn21PPAEOk
7kSHPWQQGYxOkLRNWcd72lQgY+9xl2wsO7/kmm5bmXip/y8Sg8rD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org