Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PMhJH_XpGWS3-4c2nZeorDe2g6c.roa
File: PMhJH_XpGWS3-4c2nZeorDe2g6c.roa (raw, json)
Hash identifier: OYkKR3NirQdLE8n5RovwEHlRXsFRscQtkAZEStgLCfw=
Subject key identifier: 3C:C8:49:1F:F5:E9:19:64:B7:FB:87:36:9D:97:A8:AC:37:B6:83:A7
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BD6ABFC3F18A5BB7C4C486E2FB071253A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PMhJH_XpGWS3-4c2nZeorDe2g6c.roa
Signing time: Thu 16 Nov 2023 05:47:57 +0000
ROA not before: Thu 16 Nov 2023 05:47:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.34.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:ab:fc:3f:18:a5:bb:7c:4c:48:6e:2f:b0:71:25:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 16 05:47:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cc8491ff5e91964b7fb87369d97a8ac37b683a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:db:4e:8b:22:b4:a8:65:6e:61:12:16:ee:e2:
93:7b:64:66:e6:b0:a5:ea:2f:97:04:a4:24:f1:40:
28:5a:fe:e0:40:83:0f:c1:72:52:e3:b9:38:d6:d4:
cd:f9:b0:5b:63:b0:7f:67:8d:36:69:1f:d6:0b:51:
79:ba:93:e2:7c:12:aa:c0:7e:49:a0:a6:ab:2a:43:
b2:3e:b8:af:0a:8f:0b:b9:59:fc:9f:29:1c:a7:d6:
7a:24:7a:e1:e6:83:78:f1:c9:cd:05:46:15:4d:d5:
6a:85:20:25:f1:d7:58:2c:57:0d:d1:e2:01:21:be:
4f:c9:14:37:fb:bc:40:ed:bd:47:92:8b:9b:fd:b4:
e2:5b:02:3f:18:62:4f:4f:40:67:b2:c2:d7:09:75:
d6:1e:e3:71:bf:0d:52:65:8b:cb:ef:3c:71:17:bd:
65:1c:c5:80:d0:ed:53:c1:17:73:a9:11:ac:dd:d2:
f7:32:32:f1:d2:b7:62:3b:68:92:23:78:d7:c8:62:
ec:bb:df:71:d4:91:7c:d4:a2:c9:ef:35:79:f7:05:
7e:0a:68:70:36:d5:99:6c:4e:98:1d:95:86:ab:a9:
e1:a1:6c:8e:c8:3b:81:f2:2a:4b:88:90:77:3e:4b:
3e:d8:52:0e:ab:76:0b:30:fc:fd:78:fc:e3:50:57:
3a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C8:49:1F:F5:E9:19:64:B7:FB:87:36:9D:97:A8:AC:37:B6:83:A7
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PMhJH_XpGWS3-4c2nZeorDe2g6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.227.0/24
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
32:e3:64:3c:a8:2d:1e:0a:4a:97:2b:d4:a8:7f:6a:84:d4:7a:
16:f8:c5:a6:72:98:dc:de:f3:2e:3c:09:6a:05:e4:e1:a7:15:
77:c3:83:64:27:a1:0e:dd:a4:07:7c:ff:53:67:e2:30:75:0f:
6f:25:98:ca:56:64:93:c2:2d:ba:26:0d:fe:65:6b:f3:e1:1c:
ea:c7:6d:27:1b:ab:2b:92:65:75:dd:41:16:5e:94:c3:f4:3d:
0d:8e:a6:60:93:f9:d1:48:af:62:78:d6:ea:8a:62:73:60:03:
ad:5d:67:41:5e:4f:c7:b2:52:97:35:32:f5:3a:32:cc:14:f3:
9f:ca:f7:77:88:37:33:fd:9b:13:87:39:24:0c:88:2a:ed:4c:
2d:25:cb:8a:24:02:04:f9:32:0c:33:69:35:82:fd:f7:a4:fd:
10:7e:10:c0:3d:0f:92:9e:29:b7:9b:02:3b:16:93:bf:12:c4:
51:22:b7:3d:3e:21:bd:bc:c7:47:b1:c3:19:1f:40:17:23:30:
af:74:e9:bd:8f:00:96:f1:29:3c:12:c1:48:46:79:87:50:e2:
eb:ab:c9:d2:4d:4b:2f:5b:f4:a3:90:b6:ad:f9:88:aa:0a:25:
bb:a7:46:84:9b:2f:da:3c:24:3f:b8:c3:62:64:29:f7:4c:d8:
df:92:17:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvWq/w/GKW7fExIbi+wcSU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTE2MDU0NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2M4NDkxZmY1ZTkxOTY0YjdmYjg3MzY5ZDk3YThhYzM3YjY4M2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodtOiyK0qGVuYRIW7uKTe2Rm5rCl
6i+XBKQk8UAoWv7gQIMPwXJS47k41tTN+bBbY7B/Z402aR/WC1F5upPifBKqwH5J
oKarKkOyPrivCo8LuVn8nykcp9Z6JHrh5oN48cnNBUYVTdVqhSAl8ddYLFcN0eIB
Ib5PyRQ3+7xA7b1Hkoub/bTiWwI/GGJPT0BnssLXCXXWHuNxvw1SZYvL7zxxF71l
HMWA0O1TwRdzqRGs3dL3MjLx0rdiO2iSI3jXyGLsu99x1JF81KLJ7zV59wV+Cmhw
NtWZbE6YHZWGq6nhoWyOyDuB8ipLiJB3Pks+2FIOq3YLMPz9ePzjUFc6pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDzISR/16Rlkt/uHNp2XqKw3toOnMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUE1oSkhfWHBHV1MzLTRjMm5aZW9yRGUyZzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSLjAwQC
WSpQMA0GCSqGSIb3DQEBCwUAA4IBAQAy42Q8qC0eCkqXK9Sof2qE1HoW+MWmcpjc
3vMuPAlqBeThpxV3w4NkJ6EO3aQHfP9TZ+IwdQ9vJZjKVmSTwi26Jg3+ZWvz4Rzq
x20nG6srkmV13UEWXpTD9D0NjqZgk/nRSK9ieNbqimJzYAOtXWdBXk/HslKXNTL1
OjLMFPOfyvd3iDcz/ZsThzkkDIgq7UwtJcuKJAIE+TIMM2k1gv33pP0QfhDAPQ+S
nim3mwI7FpO/EsRRIrc9PiG9vMdHscMZH0AXIzCvdOm9jwCW8Sk8EsFIRnmHUOLr
q8nSTUsvW/SjkLat+YiqCiW7p0aEmy/aPCQ/uMNiZCn3TNjfkhdM
-----END CERTIFICATE-----
Generated at Fri Nov 17 09:04:26 2023 by rpki-client on console-ams.rpki-client.org