Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QChBZN5iWFsn4wMIb8jRVDtqCng.roa
File: QChBZN5iWFsn4wMIb8jRVDtqCng.roa (raw, json)
Hash identifier: osDE6MEux8OK3RzI3XJvnM0I2AXu5Hiztqa+fArK9ik=
Subject key identifier: 40:28:41:64:DE:62:58:5B:27:E3:03:08:6F:C8:D1:54:3B:6A:0A:78
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018F8583E5F9D3AA7E970FA8E5BDABBCBBCB
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QChBZN5iWFsn4wMIb8jRVDtqCng.roa
Signing time: Fri 17 May 2024 07:46:04 +0000
ROA not before: Fri 17 May 2024 07:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 21 May 2024 10:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:83:e5:f9:d3:aa:7e:97:0f:a8:e5:bd:ab:bc:bb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 17 07:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40284164de62585b27e303086fc8d1543b6a0a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:7d:6a:3a:e2:30:92:56:ce:18:49:60:e2:
5b:f4:1c:d4:86:e8:17:7f:25:a0:d7:ac:d3:b2:5c:
05:72:e9:26:82:b5:07:70:90:1d:5b:a1:cd:f5:4b:
56:08:5f:43:bd:ca:fb:4e:47:b5:1d:d8:e4:3b:fa:
ed:41:3f:48:b1:4a:c2:e7:ff:7b:4d:f0:78:9e:27:
7a:88:b6:da:66:ac:da:b5:59:3d:37:40:5f:b0:c5:
97:58:bc:91:b6:65:6b:70:0f:fd:16:57:a6:8a:02:
5a:d8:28:26:25:e5:a2:23:f2:6b:97:62:86:25:1d:
fe:47:38:e2:81:c3:08:ff:14:c8:39:12:3f:a4:39:
9b:30:8c:a0:25:59:c3:bf:bb:9b:fe:47:bc:67:46:
77:9c:03:c0:5d:cf:a2:20:aa:d2:e4:cd:69:48:ac:
54:35:a6:e6:4f:74:21:86:95:09:aa:bb:a8:3e:db:
e7:21:79:90:c7:35:6c:08:69:df:df:75:ca:d3:0d:
3b:29:ea:35:21:cc:11:a9:44:b2:a5:23:1c:5c:be:
d2:a4:d9:78:30:3e:e2:59:9a:b5:be:3c:ac:db:45:
f7:69:6b:39:13:bc:e4:fd:39:94:51:87:13:ee:85:
02:cc:46:0c:60:58:a2:72:ef:12:db:53:38:9f:44:
91:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:28:41:64:DE:62:58:5B:27:E3:03:08:6F:C8:D1:54:3B:6A:0A:78
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QChBZN5iWFsn4wMIb8jRVDtqCng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
24:f0:4e:2a:9c:d1:45:b9:9c:7f:5b:bb:75:13:22:71:6c:3f:
70:33:28:67:02:8d:74:70:ec:73:da:d3:97:bd:ee:b9:c0:09:
10:da:ed:cd:d2:7a:d1:cc:51:ba:dd:a6:bd:45:d9:03:da:10:
37:23:77:9d:88:23:0e:8d:b8:02:b8:b6:69:86:58:d9:01:d8:
46:a3:dd:67:4c:f6:02:0f:32:83:16:c1:fd:8d:51:5e:0a:55:
42:40:7f:04:d4:aa:59:c3:cd:f4:f1:12:3e:d6:d4:65:ba:ef:
a6:10:f3:de:1c:14:59:0a:1c:9a:ab:71:f0:58:89:28:9c:65:
3f:45:82:ba:ba:92:19:ef:89:5a:b5:24:ed:8d:56:82:ee:a6:
6f:18:ae:42:49:72:af:9a:8a:b6:04:ca:5e:1a:b7:b6:f5:6f:
e3:fb:32:20:c5:1e:91:10:e4:a4:ca:f5:ab:80:ec:a8:40:e2:
f1:d9:e4:39:91:86:c6:63:c8:0a:7b:93:ef:c8:f8:aa:3d:4c:
3e:47:23:e5:8f:9b:85:cb:40:e5:84:ba:12:d6:e7:95:fe:06:
f9:c0:29:a0:52:13:48:7a:b3:ac:9f:a7:80:b3:6d:24:6d:d2:
23:60:aa:f9:3e:52:b2:f9:50:21:5f:69:4c:8e:eb:2f:a1:64:
9a:49:0a:ec
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY+Fg+X506p+lw+o5b2rvLvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNTE3MDc0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI4NDE2NGRlNjI1ODViMjdlMzAzMDg2ZmM4ZDE1NDNiNmEwYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YV9ajriMJJWzhhJYOJb9BzUhugX
fyWg16zTslwFcukmgrUHcJAdW6HN9UtWCF9Dvcr7Tke1HdjkO/rtQT9IsUrC5/97
TfB4nid6iLbaZqzatVk9N0BfsMWXWLyRtmVrcA/9FlemigJa2CgmJeWiI/Jrl2KG
JR3+RzjigcMI/xTIORI/pDmbMIygJVnDv7ub/ke8Z0Z3nAPAXc+iIKrS5M1pSKxU
NabmT3QhhpUJqruoPtvnIXmQxzVsCGnf33XK0w07Keo1IcwRqUSypSMcXL7SpNl4
MD7iWZq1vjys20X3aWs5E7zk/TmUUYcT7oUCzEYMYFiicu8S21M4n0SRCQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEAoQWTeYlhbJ+MDCG/I0VQ7agp4MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUUNoQlpONWlXRnNuNHdNSWI4alJWRHRxQ25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBACTwTiqc0UW5nH9bu3UTInFsP3AzKGcC
jXRw7HPa05e97rnACRDa7c3SetHMUbrdpr1F2QPaEDcjd52IIw6NuAK4tmmGWNkB
2Eaj3WdM9gIPMoMWwf2NUV4KVUJAfwTUqlnDzfTxEj7W1GW676YQ894cFFkKHJqr
cfBYiSicZT9Fgrq6khnviVq1JO2NVoLupm8YrkJJcq+airYEyl4at7b1b+P7MiDF
HpEQ5KTK9auA7KhA4vHZ5DmRhsZjyAp7k+/I+Ko9TD5HI+WPm4XLQOWEuhLW55X+
BvnAKaBSE0h6s6yfp4CzbSRt0iNgqvk+UrL5UCFfaUyO6y+hZJpJCuw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org