Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QXJ4aYZbxBV_2wx2Zjtp5hi1M6A.roa
File: QXJ4aYZbxBV_2wx2Zjtp5hi1M6A.roa (raw, json)
Hash identifier: TriYp3QLYEq7JlL1S+kpHqFzJ2Drawgw9s4LLMIQMWU=
Subject key identifier: 41:72:78:69:86:5B:C4:15:7F:DB:0C:76:66:3B:69:E6:18:B5:33:A0
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C00564004D4CAF9B79DE3CE61B0ACEDAB
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QXJ4aYZbxBV_2wx2Zjtp5hi1M6A.roa
Signing time: Fri 24 Nov 2023 07:58:21 +0000
ROA not before: Fri 24 Nov 2023 07:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14445
IP address blocks: 89.42.91.0/24 maxlen: 24
89.42.94.0/24 maxlen: 24
89.37.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:00:56:40:04:d4:ca:f9:b7:9d:e3:ce:61:b0:ac:ed:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 24 07:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41727869865bc4157fdb0c76663b69e618b533a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1b:23:6d:76:ce:81:de:b8:25:4e:c2:50:7b:
53:7a:27:bb:d5:62:ce:dc:98:ff:33:54:cb:d7:28:
0e:a0:e0:7c:57:63:59:68:53:6c:e7:d9:ab:c3:36:
4f:f3:76:62:ee:37:29:d9:a4:b2:f6:b0:ae:64:19:
a3:09:f9:3e:f2:6e:84:2a:50:1b:24:51:06:8c:ee:
90:7c:ff:b6:a0:9f:b6:ff:03:0b:c7:e3:f7:5d:5b:
c2:93:d1:6f:ae:0a:4a:0f:a0:53:4b:52:d0:e9:97:
d7:20:74:77:c8:64:7b:ba:27:34:bc:c4:a2:6c:04:
e4:f0:d7:cb:1f:f2:04:5b:03:db:1d:0d:97:94:de:
e0:fd:db:f2:de:54:5a:7b:76:27:14:08:d5:c4:2d:
24:53:93:6f:f6:5a:c1:ab:a9:f5:b0:6e:a9:4a:94:
f7:e3:5a:a2:93:a3:5e:83:c8:44:81:77:2c:87:1f:
1a:ba:8d:e9:08:db:bb:be:33:9d:a5:9e:74:b0:d2:
e3:86:27:04:3c:86:0c:04:40:2c:bb:74:84:da:a8:
fd:24:bc:89:04:24:81:62:79:47:ee:32:4d:9d:25:
3d:e8:6d:71:96:25:de:f9:ed:66:69:15:38:86:6b:
62:f5:36:76:27:c1:59:e0:40:d8:69:98:e8:0e:f9:
ed:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:72:78:69:86:5B:C4:15:7F:DB:0C:76:66:3B:69:E6:18:B5:33:A0
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QXJ4aYZbxBV_2wx2Zjtp5hi1M6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.119.0/24
89.42.91.0/24
89.42.94.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:13:cf:a7:a1:15:ca:4c:1a:41:3b:92:e8:a4:5c:d3:2c:86:
82:c1:bc:58:b7:f3:c1:e9:4e:e0:1d:ea:38:7a:65:cf:3f:1a:
84:6a:1b:ad:28:d4:4b:3d:dc:97:01:2a:a7:73:95:53:93:9f:
1a:f8:bb:6a:9c:ec:58:50:31:e4:34:27:12:ac:a8:e2:36:31:
69:a9:d3:11:9a:62:ab:bc:2d:7d:ed:b1:d3:90:5e:10:fb:f6:
bc:4e:b8:8c:a0:63:28:b2:df:25:0b:a2:09:f5:ed:04:66:c9:
6f:95:a9:d3:91:47:50:6d:68:e0:ef:a4:26:3b:d9:5b:00:5a:
e4:86:1c:fe:a9:25:f6:b0:e7:02:24:a5:f1:2b:61:43:f0:a1:
bc:ba:51:45:92:68:2e:d0:d7:de:ed:e4:d0:f4:da:f8:f7:d4:
0b:8b:63:da:d6:c2:2f:be:e8:cc:32:d8:7f:91:99:4c:36:73:
5f:90:af:9f:86:ae:98:87:ba:61:d3:ab:a8:a0:9c:c2:3e:5a:
c9:43:e1:1e:a1:6c:2e:c0:9f:5b:24:5b:71:e8:2c:1c:33:44:
eb:04:bc:9e:23:61:d2:da:98:2f:0a:9c:41:33:5d:68:41:f0:
98:82:92:9a:3e:a1:3e:74:4f:d6:45:76:74:0c:5c:3d:2b:7d:
c5:c7:dd:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwAVkAE1Mr5t53jzmGwrO2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI0MDc1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTcyNzg2OTg2NWJjNDE1N2ZkYjBjNzY2NjNiNjllNjE4YjUzM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhsjbXbOgd64JU7CUHtTeie71WLO
3Jj/M1TL1ygOoOB8V2NZaFNs59mrwzZP83Zi7jcp2aSy9rCuZBmjCfk+8m6EKlAb
JFEGjO6QfP+2oJ+2/wMLx+P3XVvCk9FvrgpKD6BTS1LQ6ZfXIHR3yGR7uic0vMSi
bATk8NfLH/IEWwPbHQ2XlN7g/dvy3lRae3YnFAjVxC0kU5Nv9lrBq6n1sG6pSpT3
41qik6Neg8hEgXcshx8auo3pCNu7vjOdpZ50sNLjhicEPIYMBEAsu3SE2qj9JLyJ
BCSBYnlH7jJNnSU96G1xliXe+e1maRU4hmti9TZ2J8FZ4EDYaZjoDvntIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEFyeGmGW8QVf9sMdmY7aeYYtTOgMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUVhKNGFZWmJ4QlZfMnd4MlpqdHA1aGkxTTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSV3AwQA
WSpbAwQAWSpeMA0GCSqGSIb3DQEBCwUAA4IBAQAcE8+noRXKTBpBO5LopFzTLIaC
wbxYt/PB6U7gHeo4emXPPxqEahutKNRLPdyXASqnc5VTk58a+LtqnOxYUDHkNCcS
rKjiNjFpqdMRmmKrvC197bHTkF4Q+/a8TriMoGMost8lC6IJ9e0EZslvlanTkUdQ
bWjg76QmO9lbAFrkhhz+qSX2sOcCJKXxK2FD8KG8ulFFkmgu0Nfe7eTQ9Nr499QL
i2Pa1sIvvujMMth/kZlMNnNfkK+fhq6Yh7ph06uooJzCPlrJQ+EeoWwuwJ9bJFtx
6CwcM0TrBLyeI2HS2pgvCpxBM11oQfCYgpKaPqE+dE/WRXZ0DFw9K33Fx93H
-----END CERTIFICATE-----
Generated at Sun Nov 26 08:53:44 2023 by rpki-client on console-fra.rpki-client.org