Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U-xkqg0C4MuudVB--U6EqGGxRrA.roa
File: U-xkqg0C4MuudVB--U6EqGGxRrA.roa (raw, json)
Hash identifier: 1n+LRZNJ5Ogri8iwDeTsuK9iEiZAccfMr8MB42vu0V8=
Subject key identifier: 53:EC:64:AA:0D:02:E0:CB:AE:75:50:7E:F9:4E:84:A8:61:B1:46:B0
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01895048BD286980053D36E00E2B81042A5A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U-xkqg0C4MuudVB--U6EqGGxRrA.roa
Signing time: Thu 13 Jul 2023 17:24:51 +0000
ROA not before: Thu 13 Jul 2023 17:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jul 2023 14:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:50:48:bd:28:69:80:05:3d:36:e0:0e:2b:81:04:2a:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 13 17:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53ec64aa0d02e0cbae75507ef94e84a861b146b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7a:62:c3:a3:cf:ab:48:ea:2b:69:51:fb:13:
73:02:63:ad:53:f1:0f:42:32:13:44:2c:a4:09:96:
ff:ad:8f:5e:8f:38:71:a5:9a:4a:a9:bb:ab:dd:4d:
b5:8f:31:48:4f:31:33:db:11:8d:5f:01:0c:57:52:
b6:de:60:ea:00:c7:25:39:84:74:a4:df:e7:3c:88:
4a:3e:ac:66:5e:a4:53:4a:34:09:05:55:3b:17:e5:
4b:1c:30:1b:d0:77:60:69:57:28:21:49:bd:7d:70:
d6:63:36:fb:64:70:46:04:40:6c:b3:15:f8:94:29:
ea:28:e7:8d:1b:77:48:35:96:c8:79:73:c6:a7:27:
c2:2e:37:bd:35:3d:30:55:68:36:33:4c:bc:f4:58:
6f:fb:5c:97:f0:c5:2c:16:48:ff:5a:50:17:bd:e5:
04:14:be:6d:3c:41:38:0a:ec:1c:11:12:54:3c:68:
54:53:64:9d:53:b3:dd:58:2e:6b:e8:81:84:d5:71:
c5:e9:b2:a2:36:73:28:fd:fe:a3:e1:3c:f9:f3:2f:
3d:5b:cd:ee:03:40:e7:38:33:1c:ea:50:16:d6:c0:
e5:55:fa:38:bc:d4:2b:93:ff:7b:94:b6:b6:27:17:
fd:47:51:0e:95:9a:68:48:33:f7:29:3a:60:09:12:
bb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EC:64:AA:0D:02:E0:CB:AE:75:50:7E:F9:4E:84:A8:61:B1:46:B0
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U-xkqg0C4MuudVB--U6EqGGxRrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/23
Signature Algorithm: sha256WithRSAEncryption
60:63:88:8c:13:ae:82:2d:3e:fc:46:9c:2b:37:fa:9f:0b:0f:
fa:86:7c:55:9b:02:d3:e0:72:83:04:95:1e:25:1e:e7:83:34:
b5:65:d0:dd:e3:d9:43:c0:de:e5:60:37:03:85:22:67:02:52:
10:bb:ca:c8:bc:02:32:f2:32:3e:d6:17:1a:e9:29:d6:1b:06:
5c:a5:7f:32:ce:44:cd:d2:81:a3:0e:93:8d:2c:5d:76:3d:bf:
4d:da:e7:2b:27:5e:7c:56:46:a6:65:28:ee:f9:c3:93:72:45:
c2:c7:66:68:24:db:43:a4:51:b1:7d:48:68:16:22:69:40:06:
82:78:46:67:92:af:70:b8:83:4a:e8:cf:04:d1:97:50:86:c7:
cf:80:7f:0b:72:07:0f:bb:74:40:38:f9:8b:73:66:50:9a:ce:
2e:0b:87:60:c2:ab:0e:a0:95:d4:a1:30:51:68:be:99:ab:50:
3d:fa:a7:b1:4e:ca:a1:11:e9:81:cb:1a:df:ed:a9:fd:3e:aa:
9a:b2:16:71:96:08:be:27:ee:7e:5b:65:64:a2:1e:25:ac:e1:
57:d5:fa:a0:3b:33:e9:05:a1:e5:2c:cd:ef:ca:d9:3a:0e:cd:
00:61:12:7d:23:f8:95:85:eb:63:d3:1f:68:34:73:c8:d6:a7:
61:d7:9c:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlQSL0oaYAFPTbgDiuBBCpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzEzMTcyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VjNjRhYTBkMDJlMGNiYWU3NTUwN2VmOTRlODRhODYxYjE0NmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Hpiw6PPq0jqK2lR+xNzAmOtU/EP
QjITRCykCZb/rY9ejzhxpZpKqbur3U21jzFITzEz2xGNXwEMV1K23mDqAMclOYR0
pN/nPIhKPqxmXqRTSjQJBVU7F+VLHDAb0HdgaVcoIUm9fXDWYzb7ZHBGBEBssxX4
lCnqKOeNG3dINZbIeXPGpyfCLje9NT0wVWg2M0y89Fhv+1yX8MUsFkj/WlAXveUE
FL5tPEE4CuwcERJUPGhUU2SdU7PdWC5r6IGE1XHF6bKiNnMo/f6j4Tz58y89W83u
A0DnODMc6lAW1sDlVfo4vNQrk/97lLa2Jxf9R1EOlZpoSDP3KTpgCRK7KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPsZKoNAuDLrnVQfvlOhKhhsUawMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVS14a3FnMEM0TXV1ZFZCLS1VNkVxR0d4UnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBgY4iME66CLT78RpwrN/qfCw/6hnxVmwLT4HKDBJUe
JR7ngzS1ZdDd49lDwN7lYDcDhSJnAlIQu8rIvAIy8jI+1hca6SnWGwZcpX8yzkTN
0oGjDpONLF12Pb9N2ucrJ158VkamZSju+cOTckXCx2ZoJNtDpFGxfUhoFiJpQAaC
eEZnkq9wuINK6M8E0ZdQhsfPgH8LcgcPu3RAOPmLc2ZQms4uC4dgwqsOoJXUoTBR
aL6Zq1A9+qexTsqhEemByxrf7an9PqqashZxlgi+J+5+W2Vkoh4lrOFX1fqgOzPp
BaHlLM3vytk6Ds0AYRJ9I/iVhetj0x9oNHPI1qdh15zc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org