Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QG1kWEi3hmgTrShfg-T3puEPkUU.roa
File: QG1kWEi3hmgTrShfg-T3puEPkUU.roa (raw, json)
Hash identifier: Ti1e5vKWlflBA8ZMPffDBllSPig0+kE91nzyr89Dpyo=
Subject key identifier: 40:6D:64:58:48:B7:86:68:13:AD:28:5F:83:E4:F7:A6:E1:0F:91:45
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01896A01C07998989B56CAF014F137A35365
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QG1kWEi3hmgTrShfg-T3puEPkUU.roa
Signing time: Tue 18 Jul 2023 17:17:26 +0000
ROA not before: Tue 18 Jul 2023 17:17:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213250
IP address blocks: 89.42.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 11:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6a:01:c0:79:98:98:9b:56:ca:f0:14:f1:37:a3:53:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 18 17:17:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=406d645848b7866813ad285f83e4f7a6e10f9145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1a:97:10:04:a8:50:24:f9:4c:94:83:06:9a:
50:b3:39:8a:f9:bd:a4:85:a0:3e:24:b6:9e:e0:d7:
6f:92:1f:99:09:a2:dd:08:f5:9e:db:bc:f7:8c:1c:
2c:48:d2:54:f1:84:a4:80:c8:49:a8:d5:2e:00:a3:
2c:f1:59:10:8e:6a:6d:01:7a:7f:15:5c:79:39:6c:
c1:b7:15:e4:3e:33:4a:e1:8a:93:4f:f3:3e:1b:77:
11:af:f9:42:25:3b:2a:de:86:4c:ac:48:ac:ba:00:
1d:ce:99:06:bc:10:5f:b9:e7:3b:c7:77:c5:d3:d1:
ed:60:1e:43:83:43:95:26:9d:7d:6c:79:ea:3c:89:
b6:c7:41:e9:b0:75:ac:9a:10:32:af:d9:81:4c:65:
d1:e5:f8:f3:bf:20:4f:d1:6c:e6:f4:81:eb:40:b9:
22:83:7e:ba:75:1b:71:52:5e:d3:f3:6f:b2:ff:e9:
cb:fb:15:30:59:cb:6c:44:27:23:9e:ab:4a:8c:8c:
5f:89:fa:d1:79:5e:bf:5f:83:66:e1:6d:c3:5e:89:
7d:00:68:69:ec:b9:71:88:e6:4d:ce:fa:1f:67:ba:
2e:a1:2d:18:bb:24:ea:9e:02:97:a7:46:d9:80:e1:
f1:a2:0d:f0:72:79:77:22:e6:6d:69:2d:b5:fa:a5:
11:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6D:64:58:48:B7:86:68:13:AD:28:5F:83:E4:F7:A6:E1:0F:91:45
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QG1kWEi3hmgTrShfg-T3puEPkUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.88.0/24
Signature Algorithm: sha256WithRSAEncryption
41:cc:cc:47:91:89:7b:42:18:d4:ae:13:4b:b7:9a:cd:1c:92:
16:3c:3e:93:8d:5c:8d:e0:1c:10:d2:e8:08:0c:f2:7c:9f:df:
f9:a3:84:93:10:3b:06:11:f7:74:a6:e1:5e:e8:0e:2a:90:45:
58:38:4f:18:39:8a:fa:5d:7f:7b:a9:c7:30:cb:cb:14:58:98:
b5:43:d1:4a:9c:20:3d:1e:36:1c:25:04:c7:f4:b7:3b:c8:d8:
b9:b4:18:4b:5a:6f:ba:4d:58:36:67:a3:51:db:aa:f1:ad:81:
50:fa:28:01:46:c0:92:7d:27:04:ec:41:af:18:96:f6:d5:3e:
ab:80:62:03:91:5d:18:f6:79:2d:77:7b:fd:8b:83:4c:64:fd:
e1:14:fe:67:93:fe:8f:1b:f2:f8:c8:06:6d:45:68:1b:f8:ac:
88:2c:43:7b:ee:93:9a:7c:b4:b1:8a:b4:03:b5:87:99:c3:e5:
26:3f:8e:0c:97:3d:c0:44:27:d3:d4:99:7f:b5:f5:bd:bf:9a:
9f:96:00:66:ae:76:ad:1e:99:5b:22:59:b0:11:09:4d:09:31:
24:12:ad:be:e3:db:af:8c:68:b3:ab:57:ca:4a:2c:87:af:fc:
dd:3e:87:d5:77:11:27:53:ea:ad:0c:ea:35:49:11:8b:53:b2:
5b:1f:7f:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlqAcB5mJibVsrwFPE3o1NlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzE4MTcxNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZkNjQ1ODQ4Yjc4NjY4MTNhZDI4NWY4M2U0ZjdhNmUxMGY5MTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hqXEASoUCT5TJSDBppQszmK+b2k
haA+JLae4Ndvkh+ZCaLdCPWe27z3jBwsSNJU8YSkgMhJqNUuAKMs8VkQjmptAXp/
FVx5OWzBtxXkPjNK4YqTT/M+G3cRr/lCJTsq3oZMrEisugAdzpkGvBBfuec7x3fF
09HtYB5Dg0OVJp19bHnqPIm2x0HpsHWsmhAyr9mBTGXR5fjzvyBP0Wzm9IHrQLki
g366dRtxUl7T82+y/+nL+xUwWctsRCcjnqtKjIxfifrReV6/X4Nm4W3DXol9AGhp
7LlxiOZNzvofZ7ouoS0YuyTqngKXp0bZgOHxog3wcnl3IuZtaS21+qURmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBtZFhIt4ZoE60oX4Pk96bhD5FFMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUUcxa1dFaTNobWdUclNoZmctVDNwdUVQa1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpYMA0G
CSqGSIb3DQEBCwUAA4IBAQBBzMxHkYl7QhjUrhNLt5rNHJIWPD6TjVyN4BwQ0ugI
DPJ8n9/5o4STEDsGEfd0puFe6A4qkEVYOE8YOYr6XX97qccwy8sUWJi1Q9FKnCA9
HjYcJQTH9Lc7yNi5tBhLWm+6TVg2Z6NR26rxrYFQ+igBRsCSfScE7EGvGJb21T6r
gGIDkV0Y9nktd3v9i4NMZP3hFP5nk/6PG/L4yAZtRWgb+KyILEN77pOafLSxirQD
tYeZw+UmP44Mlz3ARCfT1Jl/tfW9v5qflgBmrnatHplbIlmwEQlNCTEkEq2+49uv
jGizq1fKSiyHr/zdPofVdxEnU+qtDOo1SRGLU7JbH38P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org