Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OPiivug90QdPzYDc8w8j9Z8hLh4.roa
File: OPiivug90QdPzYDc8w8j9Z8hLh4.roa (raw, json)
Hash identifier: sAyNXvrucsOX2CAyi2SjtfQzeqAvam5k+eDobum0830=
Subject key identifier: 38:F8:A2:BE:E8:3D:D1:07:4F:CD:80:DC:F3:0F:23:F5:9F:21:2E:1E
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01925671261D7B4EEF5EEC335E2D034E74DD
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OPiivug90QdPzYDc8w8j9Z8hLh4.roa
Signing time: Fri 04 Oct 2024 07:31:48 +0000
ROA not before: Fri 04 Oct 2024 07:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.47.114.0/24 maxlen: 24
93.114.90.0/24 maxlen: 24
93.114.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 16:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:71:26:1d:7b:4e:ef:5e:ec:33:5e:2d:03:4e:74:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 4 07:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38f8a2bee83dd1074fcd80dcf30f23f59f212e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b2:48:52:36:da:67:0b:51:9b:5c:7e:dd:e6:
42:7e:83:fc:84:6f:d7:60:f6:1b:89:81:5c:08:be:
50:b3:41:03:7f:42:4d:94:83:42:0d:f1:d4:d4:37:
c5:37:8d:93:da:a9:d3:41:54:35:dc:6f:5f:30:75:
ab:49:3d:48:3c:2c:44:e4:a4:f0:9d:cf:6d:38:b8:
b8:30:64:02:fd:55:3c:bb:40:93:87:c3:01:39:18:
f7:04:2b:1e:58:75:ee:59:60:fd:2a:5b:e8:85:db:
fe:e1:7a:f2:8e:ad:17:7f:78:ce:85:e1:46:d7:f1:
e4:06:21:dd:66:7d:80:67:26:d0:3c:3e:98:f3:3a:
60:a3:a5:18:55:5a:eb:b9:4a:ee:d1:ff:10:e8:12:
e0:7d:b1:48:20:f9:8d:b6:86:71:0d:c4:e2:7b:68:
26:d0:d3:51:4d:f0:28:76:fd:91:30:53:dc:e2:15:
c9:7c:34:00:31:2a:ff:f7:13:2a:82:38:49:78:a4:
35:82:46:a6:01:e2:06:e0:ba:0f:29:0d:e8:d7:53:
66:77:1f:fc:fa:87:ff:1f:1c:43:fd:40:c8:a3:65:
76:02:b9:31:24:52:fc:1c:ac:d0:d0:48:f5:46:36:
4b:16:6e:06:3e:a5:dc:9b:b9:ca:3a:95:67:49:78:
66:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F8:A2:BE:E8:3D:D1:07:4F:CD:80:DC:F3:0F:23:F5:9F:21:2E:1E
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OPiivug90QdPzYDc8w8j9Z8hLh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.47.114.0/24
93.114.90.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:07:d2:4d:8a:4e:7b:15:8c:c5:1a:22:d9:a9:10:5a:a9:16:
34:35:e8:8a:f8:58:49:99:63:57:94:b3:0c:7c:d3:20:d4:d5:
1e:06:cd:dd:7b:bf:1c:64:8f:14:d0:36:4a:b1:0a:fe:dd:be:
9d:05:e7:22:af:c8:5d:00:b1:83:95:ac:91:25:58:95:3f:93:
28:3b:e2:d2:02:e6:b1:69:f5:27:4f:9b:2a:b9:3f:77:c9:0d:
88:13:4c:e1:43:8e:d4:e8:eb:fc:74:05:36:3d:de:1c:97:a8:
64:86:8b:44:3d:71:c7:9b:36:73:f0:f9:9a:ee:f0:7a:16:53:
d0:08:df:86:f3:ff:e8:23:90:a1:22:a1:a2:26:2a:47:3e:c3:
07:40:4b:45:27:21:f9:93:59:e0:dd:f7:6c:6c:24:0d:4b:0a:
eb:a8:d8:43:7f:cc:87:a0:75:3f:eb:86:c1:57:e8:28:cf:ba:
4a:e9:c3:41:f7:30:05:94:99:2c:91:65:97:e9:c2:f1:2c:d4:
94:ca:90:b8:f1:27:1d:3d:26:28:af:c4:48:ab:60:0a:99:f7:
dc:36:d2:64:01:59:5a:81:14:cb:da:34:44:a6:b5:04:e6:df:
c3:0c:fa:9f:89:86:4a:58:85:74:ea:c8:ef:d9:97:ae:f5:72:
ac:ad:7e:0c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJWcSYde07vXuwzXi0DTnTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQxMDA0MDczMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGY4YTJiZWU4M2RkMTA3NGZjZDgwZGNmMzBmMjNmNTlmMjEyZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbJIUjbaZwtRm1x+3eZCfoP8hG/X
YPYbiYFcCL5Qs0EDf0JNlINCDfHU1DfFN42T2qnTQVQ13G9fMHWrST1IPCxE5KTw
nc9tOLi4MGQC/VU8u0CTh8MBORj3BCseWHXuWWD9Klvohdv+4Xryjq0Xf3jOheFG
1/HkBiHdZn2AZybQPD6Y8zpgo6UYVVrruUru0f8Q6BLgfbFIIPmNtoZxDcTie2gm
0NNRTfAodv2RMFPc4hXJfDQAMSr/9xMqgjhJeKQ1gkamAeIG4LoPKQ3o11Nmdx/8
+of/HxxD/UDIo2V2ArkxJFL8HKzQ0Ej1RjZLFm4GPqXcm7nKOpVnSXhmTQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDj4or7oPdEHT82A3PMPI/WfIS4eMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvT1BpaXZ1ZzkwUWRQellEYzh3OGo5WjhoTGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZL3IDBAFdclowDQYJKoZIhvcNAQELBQADggEBAFwH0k2KTnsVjMUa
ItmpEFqpFjQ16Ir4WEmZY1eUswx80yDU1R4Gzd17vxxkjxTQNkqxCv7dvp0F5yKv
yF0AsYOVrJElWJU/kyg74tIC5rFp9SdPmyq5P3fJDYgTTOFDjtTo6/x0BTY93hyX
qGSGi0Q9ccebNnPw+Zru8HoWU9AI34bz/+gjkKEioaImKkc+wwdAS0UnIfmTWeDd
92xsJA1LCuuo2EN/zIegdT/rhsFX6CjPukrpw0H3MAWUmSyRZZfpwvEs1JTKkLjx
Jx09JiivxEirYAqZ99w20mQBWVqBFMvaNESmtQTm38MM+p+JhkpYhXTqyO/Zl671
cqytfgw=
-----END CERTIFICATE-----
Generated at Fri Oct 4 21:12:40 2024 by rpki-client on console-ams.rpki-client.org