Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Pfg4x-Fyx4LsESrqYVRAiWSAPCw.roa
File: Pfg4x-Fyx4LsESrqYVRAiWSAPCw.roa (raw, json)
Hash identifier: xQ2+bB1WyQ7Xn61F7BilnE4nX4GYMcj44WYK6iiwKXQ=
Subject key identifier: 3D:F8:38:C7:E1:72:C7:82:EC:11:2A:EA:61:54:40:89:64:80:3C:2C
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C8229FE89173A860C84BCB99482FC7B5B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Pfg4x-Fyx4LsESrqYVRAiWSAPCw.roa
Signing time: Tue 19 Dec 2023 13:00:39 +0000
ROA not before: Tue 19 Dec 2023 13:00:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:29:fe:89:17:3a:86:0c:84:bc:b9:94:82:fc:7b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Dec 19 13:00:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3df838c7e172c782ec112aea6154408964803c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:01:ab:73:56:f2:9f:b0:cb:46:35:a2:cc:48:
71:27:6e:78:f7:40:b0:b4:78:a9:c7:f5:c8:d7:f6:
fb:84:8e:10:25:ff:dc:8b:60:de:8a:4f:8f:a0:9b:
36:84:9a:b5:80:51:2b:b8:bc:3c:6f:c9:46:c6:fb:
49:7c:96:fd:d5:e5:60:71:c1:95:88:c4:87:52:58:
61:8e:f2:79:2e:e5:c0:b5:74:b7:58:0f:f7:0c:31:
fb:21:50:4d:86:61:de:ec:78:00:0e:8e:5a:24:a4:
01:64:b1:7b:63:01:d1:03:97:5e:33:70:42:66:ed:
04:5a:4c:f5:6d:87:80:80:6c:97:2c:fd:54:ef:7e:
a8:e1:90:c3:8e:86:9a:d3:40:ac:ef:f8:6e:5b:7e:
a6:31:c1:82:5a:5f:bd:29:70:78:74:b6:c4:5c:24:
d8:95:f6:f9:ca:bd:7c:4f:cd:7e:0a:3e:20:14:fe:
4e:3a:70:82:41:22:86:c6:9a:34:df:ad:a7:e2:6c:
39:93:56:68:e8:5a:17:27:c6:55:db:1b:1d:07:90:
8c:0b:91:b6:ee:f8:22:b0:c2:e1:f7:f6:61:b0:c0:
84:3e:ff:8f:71:1d:84:90:f2:d9:52:cf:46:41:78:
5d:65:6b:6a:af:72:90:67:05:6c:ec:78:25:84:1f:
c4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F8:38:C7:E1:72:C7:82:EC:11:2A:EA:61:54:40:89:64:80:3C:2C
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Pfg4x-Fyx4LsESrqYVRAiWSAPCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.0.0/24
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
37:0e:87:c8:00:0b:87:35:55:f7:c1:b0:0c:ce:f9:19:fe:d9:
f9:e5:07:c6:3a:59:9c:1b:42:59:a9:c7:45:18:bc:70:57:2f:
47:39:3a:86:42:cb:be:ec:4b:d4:dd:84:ff:69:e1:3c:47:cb:
f8:9b:50:bd:43:7c:16:01:27:9c:00:83:1e:0b:f0:6e:12:75:
1f:d1:0b:b6:b5:03:08:17:5f:fa:21:8a:0d:2e:e8:48:24:b9:
9c:0f:80:28:b4:4e:88:6b:2f:71:43:bd:09:6c:67:20:24:d1:
fd:11:1e:44:14:c3:14:af:47:8f:fb:07:b6:c6:c5:0e:5f:f0:
9c:a0:89:7a:31:a4:4b:c2:16:9e:87:df:86:59:0b:86:37:26:
a2:28:18:2d:f9:0e:c3:9e:ed:ab:3e:2f:39:46:65:2e:5c:6d:
da:32:cc:a1:c6:5a:7b:9c:6b:40:5c:0c:6f:8d:17:5a:63:99:
d9:ff:49:dc:00:e9:8c:bf:45:1b:1f:e0:19:2f:82:d8:eb:a0:
a4:18:76:0d:25:12:9f:c5:23:1a:c7:43:24:49:42:f9:0b:6f:
a1:7e:f4:d7:42:71:04:3d:74:2e:58:8c:4e:de:42:79:c2:09:
6d:2b:e4:38:eb:fb:2f:d9:a1:49:61:c6:13:a6:44:0f:34:42:
2a:61:8b:0a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYyCKf6JFzqGDIS8uZSC/HtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMjE5MTMwMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGY4MzhjN2UxNzJjNzgyZWMxMTJhZWE2MTU0NDA4OTY0ODAzYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwGrc1byn7DLRjWizEhxJ25490Cw
tHipx/XI1/b7hI4QJf/ci2Deik+PoJs2hJq1gFEruLw8b8lGxvtJfJb91eVgccGV
iMSHUlhhjvJ5LuXAtXS3WA/3DDH7IVBNhmHe7HgADo5aJKQBZLF7YwHRA5deM3BC
Zu0EWkz1bYeAgGyXLP1U736o4ZDDjoaa00Cs7/huW36mMcGCWl+9KXB4dLbEXCTY
lfb5yr18T81+Cj4gFP5OOnCCQSKGxpo0362n4mw5k1Zo6FoXJ8ZV2xsdB5CMC5G2
7vgisMLh9/ZhsMCEPv+PcR2EkPLZUs9GQXhdZWtqr3KQZwVs7HglhB/EtQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD34OMfhcseC7BEq6mFUQIlkgDwsMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUGZnNHgtRnl4NExzRVNycVlWUkFpV1NBUEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABZLgADBABZLgMwDQYJKoZIhvcNAQELBQADggEBADcOh8gAC4c1VffB
sAzO+Rn+2fnlB8Y6WZwbQlmpx0UYvHBXL0c5OoZCy77sS9TdhP9p4TxHy/ibUL1D
fBYBJ5wAgx4L8G4SdR/RC7a1AwgXX/ohig0u6EgkuZwPgCi0TohrL3FDvQlsZyAk
0f0RHkQUwxSvR4/7B7bGxQ5f8JygiXoxpEvCFp6H34ZZC4Y3JqIoGC35DsOe7as+
LzlGZS5cbdoyzKHGWnuca0BcDG+NF1pjmdn/SdwA6Yy/RRsf4BkvgtjroKQYdg0l
Ep/FIxrHQyRJQvkLb6F+9NdCcQQ9dC5YjE7eQnnCCW0r5Djr+y/ZoUlhxhOmRA80
Qiphiwo=
-----END CERTIFICATE-----
Generated at Wed Dec 20 08:57:51 2023 by rpki-client on console-ams.rpki-client.org