Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UHJ8yB3k8XqrxvfL4pQl9Mb_WQM.roa
File: UHJ8yB3k8XqrxvfL4pQl9Mb_WQM.roa (raw, json)
Hash identifier: 3UTAo1WMh2AI9xrPJ+DJ/lNinY+4fUD6VwcFpLt85x8=
Subject key identifier: 50:72:7C:C8:1D:E4:F1:7A:AB:C6:F7:CB:E2:94:25:F4:C6:FF:59:03
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0191B77E23BF19AA8C959970911CAE4C33A7
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UHJ8yB3k8XqrxvfL4pQl9Mb_WQM.roa
Signing time: Tue 03 Sep 2024 10:46:22 +0000
ROA not before: Tue 03 Sep 2024 10:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.47.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 16:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:7e:23:bf:19:aa:8c:95:99:70:91:1c:ae:4c:33:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 3 10:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50727cc81de4f17aabc6f7cbe29425f4c6ff5903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2e:b6:8d:51:53:e6:cd:39:76:fc:67:c1:dc:
f9:d4:e1:a2:c0:05:f6:87:a9:c6:a6:ed:b9:71:9d:
1a:5e:00:30:85:bd:bd:e6:31:99:48:f8:3b:e0:e1:
48:06:85:2d:ce:a8:4f:5b:81:5e:c6:eb:f2:10:fb:
98:fe:b2:51:99:43:b1:64:4e:45:e3:65:42:92:df:
e4:49:5f:e8:ba:a0:e0:f7:63:70:ca:3b:65:6a:57:
f4:ec:41:0c:42:ca:66:01:1c:32:4a:fb:17:13:14:
21:9c:75:96:ab:ce:87:b4:53:3d:fe:76:ee:83:00:
31:cc:30:2a:da:94:7a:ed:1a:5d:94:8a:20:60:19:
18:e1:82:85:b7:30:22:70:bc:3b:90:7d:ff:9b:46:
4b:eb:c7:b1:81:c1:8a:f3:06:81:78:dd:3c:2d:d5:
5f:d8:db:dc:cb:2b:bb:68:6c:46:ef:cd:37:ef:0d:
0d:4e:1a:4b:95:af:91:ba:84:74:2e:d5:e2:cd:98:
0b:71:28:e1:26:75:90:ea:db:98:18:f9:c0:5b:2b:
cd:70:e5:53:d7:ef:eb:cc:a2:7b:c9:5f:35:1d:35:
07:f0:d1:02:d9:e9:b7:c5:24:28:2b:4d:0a:e6:42:
d5:81:15:d6:61:68:01:f6:2e:a6:7f:59:70:dd:e4:
d9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:72:7C:C8:1D:E4:F1:7A:AB:C6:F7:CB:E2:94:25:F4:C6:FF:59:03
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UHJ8yB3k8XqrxvfL4pQl9Mb_WQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.47.114.0/24
Signature Algorithm: sha256WithRSAEncryption
31:dd:4c:a2:7c:70:04:a9:15:7f:33:06:3d:ef:1a:3c:b5:eb:
10:6e:b9:6a:df:be:06:4f:fc:c6:da:fa:2f:92:d7:e0:c9:ad:
51:fb:d9:9d:e6:93:68:d7:90:e0:5b:40:38:fe:2b:14:8a:f0:
f6:e7:a3:35:0b:aa:33:d0:24:e7:f7:9a:40:13:86:a0:f9:e2:
db:c2:c3:cd:cb:ae:88:f5:e7:8b:8a:78:61:d7:75:17:98:45:
ac:1f:4f:f4:83:b1:27:e4:ce:55:02:7f:47:88:c3:d8:db:02:
56:0b:83:b5:8a:d7:e5:33:fe:b5:ca:89:4f:4d:2a:a5:16:05:
f2:a3:05:c9:5b:7d:56:b2:3f:1e:a6:84:19:43:9f:db:2d:12:
13:36:41:d9:94:0a:60:c4:50:ad:56:b6:7f:38:05:0b:bd:07:
46:4c:35:ed:fb:b7:f6:91:0f:49:7b:e6:61:bf:ac:b5:76:f3:
47:c8:ca:a6:71:78:d9:7a:ec:58:72:f4:b3:39:36:fb:d1:b6:
a4:49:8c:b7:b0:df:60:b1:99:cc:bc:e4:e6:15:4a:18:7d:53:
11:ad:09:17:53:bf:d4:03:c4:33:5f:2a:db:a0:0b:14:60:2d:
92:6d:8b:aa:67:05:d8:86:70:70:98:d9:d9:ae:dc:3c:69:b7:
94:97:04:53
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZG3fiO/GaqMlZlwkRyuTDOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwOTAzMTA0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDcyN2NjODFkZTRmMTdhYWJjNmY3Y2JlMjk0MjVmNGM2ZmY1OTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS62jVFT5s05dvxnwdz51OGiwAX2
h6nGpu25cZ0aXgAwhb295jGZSPg74OFIBoUtzqhPW4FexuvyEPuY/rJRmUOxZE5F
42VCkt/kSV/ouqDg92Nwyjtlalf07EEMQspmARwySvsXExQhnHWWq86HtFM9/nbu
gwAxzDAq2pR67RpdlIogYBkY4YKFtzAicLw7kH3/m0ZL68exgcGK8waBeN08LdVf
2Nvcyyu7aGxG78037w0NThpLla+RuoR0LtXizZgLcSjhJnWQ6tuYGPnAWyvNcOVT
1+/rzKJ7yV81HTUH8NEC2em3xSQoK00K5kLVgRXWYWgB9i6mf1lw3eTZSQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFByfMgd5PF6q8b3y+KUJfTG/1kDMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVUhKOHlCM2s4WHFyeHZmTDRwUWw5TWJfV1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZL3IwDQYJKoZIhvcNAQELBQADggEBADHdTKJ8cASpFX8zBj3vGjy1
6xBuuWrfvgZP/Mba+i+S1+DJrVH72Z3mk2jXkOBbQDj+KxSK8PbnozULqjPQJOf3
mkAThqD54tvCw83Lroj154uKeGHXdReYRawfT/SDsSfkzlUCf0eIw9jbAlYLg7WK
1+Uz/rXKiU9NKqUWBfKjBclbfVayPx6mhBlDn9stEhM2QdmUCmDEUK1Wtn84BQu9
B0ZMNe37t/aRD0l75mG/rLV280fIyqZxeNl67Fhy9LM5NvvRtqRJjLew32Cxmcy8
5OYVShh9UxGtCRdTv9QDxDNfKtugCxRgLZJti6pnBdiGcHCY2dmu3Dxpt5SXBFM=
-----END CERTIFICATE-----
Generated at Wed Sep 4 18:22:09 2024 by rpki-client on console-fra.rpki-client.org