Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QhG5T1aHWnmxAVQ8fbDqMNI557Q.roa
File: QhG5T1aHWnmxAVQ8fbDqMNI557Q.roa (raw, json)
Hash identifier: xKHPRFr3BkHX1h3wR+pPq8Cw874LjLOfTrOnlNWvMJ0=
Subject key identifier: 42:11:B9:4F:56:87:5A:79:B1:01:54:3C:7D:B0:EA:30:D2:39:E7:B4
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B6BEE86B5506DE267ACEB192E406738E2
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QhG5T1aHWnmxAVQ8fbDqMNI557Q.roa
Signing time: Thu 26 Oct 2023 12:21:15 +0000
ROA not before: Thu 26 Oct 2023 12:21:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 89.42.89.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
93.113.176.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:ee:86:b5:50:6d:e2:67:ac:eb:19:2e:40:67:38:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 26 12:21:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4211b94f56875a79b101543c7db0ea30d239e7b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3b:1f:4e:e0:70:6e:44:34:2f:a0:d1:19:d8:
89:da:5f:31:38:2d:df:d3:a9:08:8b:63:2f:e4:77:
2a:b6:71:ac:51:fd:a0:88:b2:42:72:25:e8:88:68:
14:f7:d6:e5:e4:05:c7:0e:10:58:bd:5c:63:3e:80:
f9:9a:36:6e:85:54:39:ec:a9:56:9a:8a:68:de:86:
84:3a:e7:13:f4:7e:c7:97:c5:41:b0:74:18:dc:c9:
40:91:33:d4:0e:fe:dd:ab:53:b3:ca:1f:18:9d:64:
f1:38:c7:25:1f:f5:ff:0a:32:3c:9b:e4:29:5f:db:
df:97:b8:75:93:11:1f:39:70:b2:66:d3:78:cd:51:
14:15:4b:08:ad:c3:44:f3:e6:fe:0a:04:08:90:2c:
f0:21:be:80:bc:df:e0:59:27:ab:de:fd:4e:2d:e9:
9c:06:cc:3c:96:e3:50:ad:a8:9d:a7:0f:9f:50:f5:
c5:5b:c2:8a:ec:f2:22:64:52:33:d4:4a:46:9c:e3:
e3:94:fe:f3:be:c1:73:19:57:6e:3f:2e:42:cd:5c:
8d:3f:bc:85:19:44:d7:0b:a8:49:9e:4b:d4:f4:2f:
db:cc:ad:ae:30:a5:0c:7f:ed:05:62:71:05:36:61:
4d:33:ef:2d:d3:ab:d3:2d:1f:51:b6:4d:91:9d:9d:
e5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:11:B9:4F:56:87:5A:79:B1:01:54:3C:7D:B0:EA:30:D2:39:E7:B4
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/QhG5T1aHWnmxAVQ8fbDqMNI557Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.89.0/24
89.42.93.0/24
89.43.142.0/24
89.46.4.0/24
93.113.176.0/24
Signature Algorithm: sha256WithRSAEncryption
84:54:d5:f6:04:72:eb:20:4e:38:d3:4f:38:19:f5:a2:0f:53:
5a:fc:40:18:24:65:be:43:0b:f8:57:84:dc:85:90:37:af:51:
3e:4a:33:d4:a8:0a:b2:d0:49:c3:45:2e:5e:98:10:bb:bd:0f:
35:cc:40:f0:e0:9d:fe:d6:bd:f6:cb:c0:e7:5a:37:39:18:06:
fc:ba:c8:23:e4:46:89:3d:8b:31:93:60:2e:26:90:38:cf:82:
06:fc:3a:b0:e0:28:6a:0f:6c:20:f9:c4:2d:d7:99:f0:d1:b2:
ca:f7:52:b8:da:a7:3e:1c:85:67:4f:22:c1:62:38:50:19:1b:
7e:28:40:ce:ce:47:00:61:49:33:53:9f:b9:87:73:f2:3d:df:
4b:b8:53:a8:28:cb:bb:a8:dc:d1:e9:93:c7:9b:01:6f:68:51:
e2:aa:c6:a1:b6:9c:a9:80:94:a6:dd:d5:f5:5e:37:ae:4b:b2:
d5:19:c4:3f:94:c5:7b:49:7c:dd:69:04:1a:1a:a2:15:f7:f4:
23:2a:3b:e4:54:bb:a9:97:05:4c:bf:c1:ca:1e:bc:b7:5f:4c:
51:98:e0:43:b7:82:22:b5:52:c6:c0:61:fe:91:5a:1b:a8:3e:
fa:ab:01:20:d1:3c:dc:71:60:a8:5d:ba:31:ed:53:1d:8f:71:
73:4b:17:35
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtr7oa1UG3iZ6zrGS5AZzjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI2MTIyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjExYjk0ZjU2ODc1YTc5YjEwMTU0M2M3ZGIwZWEzMGQyMzllN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjsfTuBwbkQ0L6DRGdiJ2l8xOC3f
06kIi2Mv5HcqtnGsUf2giLJCciXoiGgU99bl5AXHDhBYvVxjPoD5mjZuhVQ57KlW
mopo3oaEOucT9H7Hl8VBsHQY3MlAkTPUDv7dq1Ozyh8YnWTxOMclH/X/CjI8m+Qp
X9vfl7h1kxEfOXCyZtN4zVEUFUsIrcNE8+b+CgQIkCzwIb6AvN/gWSer3v1OLemc
Bsw8luNQraidpw+fUPXFW8KK7PIiZFIz1EpGnOPjlP7zvsFzGVduPy5CzVyNP7yF
GUTXC6hJnkvU9C/bzK2uMKUMf+0FYnEFNmFNM+8t06vTLR9Rtk2RnZ3lrwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEIRuU9Wh1p5sQFUPH2w6jDSOee0MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUWhHNVQxYUhXbm14QVZROGZiRHFNTkk1NTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSpZAwQA
WSpdAwQAWSuOAwQAWS4EAwQAXXGwMA0GCSqGSIb3DQEBCwUAA4IBAQCEVNX2BHLr
IE440084GfWiD1Na/EAYJGW+Qwv4V4TchZA3r1E+SjPUqAqy0EnDRS5emBC7vQ81
zEDw4J3+1r32y8DnWjc5GAb8usgj5EaJPYsxk2AuJpA4z4IG/Dqw4ChqD2wg+cQt
15nw0bLK91K42qc+HIVnTyLBYjhQGRt+KEDOzkcAYUkzU5+5h3PyPd9LuFOoKMu7
qNzR6ZPHmwFvaFHiqsahtpypgJSm3dX1XjeuS7LVGcQ/lMV7SXzdaQQaGqIV9/Qj
KjvkVLuplwVMv8HKHry3X0xRmOBDt4IitVLGwGH+kVobqD76qwEg0TzccWCoXbox
7VMdj3FzSxc1
-----END CERTIFICATE-----
Generated at Fri Nov 24 17:51:19 2023 by rpki-client on console-ams.rpki-client.org