Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MGeSk6mJlhdNVO2WuHAOwOPRjmk.roa
File: MGeSk6mJlhdNVO2WuHAOwOPRjmk.roa (raw, json)
Hash identifier: asbu4qYEOQXL1X1Qa1cyjkDGY4n5g00QqcbcYxisAdA=
Subject key identifier: 30:67:92:93:A9:89:96:17:4D:54:ED:96:B8:70:0E:C0:E3:D1:8E:69
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D6FBC1FCA28AC626B5ACA5BD4B822C966
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MGeSk6mJlhdNVO2WuHAOwOPRjmk.roa
Signing time: Sat 03 Feb 2024 16:10:16 +0000
ROA not before: Sat 03 Feb 2024 16:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 12:28:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6f:bc:1f:ca:28:ac:62:6b:5a:ca:5b:d4:b8:22:c9:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 3 16:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30679293a98996174d54ed96b8700ec0e3d18e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9d:b5:d9:77:6d:2f:31:24:f1:4d:8b:aa:86:
08:e0:45:9d:37:42:1b:de:c8:ad:bc:81:17:6c:ef:
cc:67:cd:37:67:f9:5b:c8:c9:67:58:f5:44:25:43:
33:da:df:5e:ad:2d:0d:67:06:99:2f:85:d9:fd:91:
17:18:36:bc:95:3a:c9:1e:01:07:0d:82:11:89:ac:
e7:55:d0:c0:3f:42:20:c1:bc:f7:96:a8:b8:81:f1:
d8:2d:3b:a4:c1:12:cb:df:07:79:4c:df:89:75:27:
45:a1:0f:12:cb:c8:b7:d0:32:27:ac:ed:fc:55:a7:
e7:13:af:f2:1d:6f:93:63:9d:c2:fd:f4:23:50:0f:
bb:41:1f:80:38:64:d7:3f:35:b9:d3:19:f9:9b:80:
01:fc:c2:0f:e0:0b:22:a2:09:ce:59:29:72:bc:70:
d1:4a:e5:72:7f:fb:74:af:65:c0:66:45:5f:13:ee:
c0:e7:ea:18:d7:e8:65:ce:33:6b:fd:fd:a7:7a:24:
b6:c2:cb:cc:f1:ba:e9:44:82:e1:d2:86:77:8f:66:
b1:b9:63:82:4a:64:2f:bd:20:3d:98:c1:d7:c7:54:
1c:1f:97:38:eb:cc:f3:bb:08:c1:78:e9:ba:32:fc:
91:9c:8c:d3:32:0f:03:97:52:d3:94:8b:48:79:0e:
83:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:67:92:93:A9:89:96:17:4D:54:ED:96:B8:70:0E:C0:E3:D1:8E:69
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MGeSk6mJlhdNVO2WuHAOwOPRjmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:17:5e:18:0d:dc:97:e4:ec:a6:08:e3:e0:fa:69:cd:54:7a:
fb:7f:48:24:3e:98:c6:89:a5:51:ef:22:28:c4:95:04:28:83:
42:9a:80:83:30:02:ea:ca:54:fb:5b:91:58:d0:a8:d6:9b:d0:
91:47:cd:62:89:0a:d7:0c:e5:a8:37:03:0c:1a:45:88:60:44:
4f:08:d2:68:8a:02:2b:b4:49:70:9e:5a:82:d7:26:5f:0f:4f:
95:b7:e1:67:6f:cf:f0:55:63:5b:3e:5c:6e:56:48:6c:a2:22:
c1:54:31:dd:33:d7:56:22:2f:db:03:ff:f5:9f:e3:24:26:e0:
0f:ad:e7:9a:57:9a:a4:c8:9c:82:5b:a9:da:b4:47:5f:55:c8:
4b:31:64:4d:a3:1e:a0:90:ca:1c:69:f8:f0:8d:f9:ee:ec:c5:
08:e4:e1:b0:5c:33:e7:93:ea:66:0c:f3:f5:78:90:66:20:7f:
69:97:af:39:be:ed:9d:1f:fd:0c:20:ad:c3:51:12:39:f8:d9:
d7:d2:30:de:c7:29:ba:cc:2c:3d:09:6d:d7:bc:9b:3f:3b:e0:
87:4b:10:cc:a3:71:81:b7:21:a7:50:6b:80:53:d7:47:a2:09:
f6:20:fa:65:ca:7b:da:58:dc:d1:a9:81:70:02:07:e0:f0:ec:
91:1a:a8:40
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1vvB/KKKxia1rKW9S4IslmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjAzMTYxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY3OTI5M2E5ODk5NjE3NGQ1NGVkOTZiODcwMGVjMGUzZDE4ZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5212XdtLzEk8U2LqoYI4EWdN0Ib
3sitvIEXbO/MZ803Z/lbyMlnWPVEJUMz2t9erS0NZwaZL4XZ/ZEXGDa8lTrJHgEH
DYIRiaznVdDAP0Igwbz3lqi4gfHYLTukwRLL3wd5TN+JdSdFoQ8Sy8i30DInrO38
VafnE6/yHW+TY53C/fQjUA+7QR+AOGTXPzW50xn5m4AB/MIP4AsiognOWSlyvHDR
SuVyf/t0r2XAZkVfE+7A5+oY1+hlzjNr/f2neiS2wsvM8brpRILh0oZ3j2axuWOC
SmQvvSA9mMHXx1QcH5c468zzuwjBeOm6MvyRnIzTMg8Dl1LTlItIeQ6DzwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDBnkpOpiZYXTVTtlrhwDsDj0Y5pMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvTUdlU2s2bUpsaGROVk8yV3VIQU93T1BSam1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBADwXXhgN3Jfk7KYI4+D6ac1U
evt/SCQ+mMaJpVHvIijElQQog0KagIMwAurKVPtbkVjQqNab0JFHzWKJCtcM5ag3
AwwaRYhgRE8I0miKAiu0SXCeWoLXJl8PT5W34Wdvz/BVY1s+XG5WSGyiIsFUMd0z
11YiL9sD//Wf4yQm4A+t55pXmqTInIJbqdq0R19VyEsxZE2jHqCQyhxp+PCN+e7s
xQjk4bBcM+eT6mYM8/V4kGYgf2mXrzm+7Z0f/QwgrcNREjn42dfSMN7HKbrMLD0J
bde8mz874IdLEMyjcYG3IadQa4BT10eiCfYg+mXKe9pY3NGpgXACB+Dw7JEaqEA=
-----END CERTIFICATE-----
Generated at Sat Feb 10 13:12:41 2024 by rpki-client on console-fra.rpki-client.org