Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UO1r2OxI6cfVQnyy48vMk_hWArU.roa
File: UO1r2OxI6cfVQnyy48vMk_hWArU.roa (raw, json)
Hash identifier: yPmqSwu72EGFKRSecqImYUaUix9G2zgPwQXYCmm2vsM=
Subject key identifier: 50:ED:6B:D8:EC:48:E9:C7:D5:42:7C:B2:E3:CB:CC:93:F8:56:02:B5
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C593B47F61F81D0ECEE124CEB10E9AF06
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UO1r2OxI6cfVQnyy48vMk_hWArU.roa
Signing time: Mon 11 Dec 2023 14:15:06 +0000
ROA not before: Mon 11 Dec 2023 14:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.225.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Dec 2023 15:19:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:3b:47:f6:1f:81:d0:ec:ee:12:4c:eb:10:e9:af:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Dec 11 14:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50ed6bd8ec48e9c7d5427cb2e3cbcc93f85602b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f5:dc:4e:6d:f1:5c:df:69:79:41:b6:9f:bd:
79:1a:28:3d:a4:d2:11:96:05:a5:0d:f3:1d:63:d9:
b7:5e:c0:b2:7d:58:33:1c:bb:54:94:b9:5b:6a:c7:
9d:8c:cb:0c:8f:1d:81:c0:1c:2e:70:e6:85:e6:ff:
f7:68:f5:7d:df:03:a0:ad:fa:8d:71:be:e0:5f:cb:
43:a0:3b:b7:d2:73:a4:a4:ca:75:55:2e:3c:84:ce:
4b:e0:b7:df:6d:65:50:24:dc:f7:a4:43:aa:bb:15:
4e:2f:8d:8d:32:10:38:4a:91:b0:ba:34:14:15:6e:
6c:8e:07:04:f7:12:13:1b:a2:15:5d:60:25:50:ca:
31:af:0b:02:25:69:29:6c:1d:d7:60:e6:ad:d9:61:
6a:3b:95:44:48:6e:1f:31:74:c9:69:a4:ec:1d:24:
50:e6:0e:c3:ad:ea:87:73:78:e3:5d:bc:9a:a8:d5:
0a:21:aa:6f:c6:4c:11:cc:d7:e3:96:f2:d8:7e:c5:
e4:b5:f4:e3:32:02:8f:7b:a5:59:e7:b7:73:01:c5:
b7:23:0d:3d:1f:1c:46:98:98:b9:2d:8c:38:54:09:
10:69:24:08:9c:b8:13:78:3d:c3:e7:b4:c2:ad:61:
b6:a2:eb:a1:ca:46:e7:a6:c9:90:00:44:f7:f8:94:
36:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:ED:6B:D8:EC:48:E9:C7:D5:42:7C:B2:E3:CB:CC:93:F8:56:02:B5
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UO1r2OxI6cfVQnyy48vMk_hWArU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.231.0/24
Signature Algorithm: sha256WithRSAEncryption
70:c8:c3:82:a8:49:ad:31:92:bc:d8:18:fe:77:6c:5d:4e:b6:
d8:e1:c4:2a:99:38:06:9e:1f:8a:d2:f4:bc:8e:b1:49:10:ac:
79:40:b6:d2:20:9b:0e:70:84:da:18:8b:3b:dc:27:c3:54:75:
76:8e:ed:c2:55:b0:68:26:39:22:d0:1f:03:70:1a:18:b6:1e:
a8:c8:17:fe:81:ee:08:71:75:7f:69:19:39:23:92:01:aa:12:
d3:b9:27:1a:e2:57:7d:9c:91:73:56:6a:45:61:ea:ef:5e:cd:
c7:92:85:f0:c1:c7:d6:d9:be:04:8d:23:98:40:2e:1d:ed:34:
a0:0a:28:00:7c:2f:65:76:eb:0a:43:34:4b:49:9f:5a:d2:f7:
4e:cb:43:93:10:e3:d4:de:91:65:e8:7e:31:08:ad:33:4d:70:
2b:e9:09:3c:f7:b0:ba:61:bf:63:08:b8:d2:c9:13:d3:1c:e6:
c1:d8:cc:35:73:b4:9b:22:88:9d:88:cf:16:c2:65:9f:86:4c:
6b:52:8e:a4:78:24:75:d4:60:62:be:b5:a6:94:84:65:71:7d:
5d:05:4b:e3:51:31:c0:f3:c9:7a:8e:22:56:f8:f8:b8:3a:52:
1c:7d:43:65:0a:ce:64:82:e6:cc:e3:5d:49:e1:ad:6d:93:6a:
d2:b9:4b:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxZO0f2H4HQ7O4STOsQ6a8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMjExMTQxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGVkNmJkOGVjNDhlOWM3ZDU0MjdjYjJlM2NiY2M5M2Y4NTYwMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvXcTm3xXN9peUG2n715Gig9pNIR
lgWlDfMdY9m3XsCyfVgzHLtUlLlbasedjMsMjx2BwBwucOaF5v/3aPV93wOgrfqN
cb7gX8tDoDu30nOkpMp1VS48hM5L4LffbWVQJNz3pEOquxVOL42NMhA4SpGwujQU
FW5sjgcE9xITG6IVXWAlUMoxrwsCJWkpbB3XYOat2WFqO5VESG4fMXTJaaTsHSRQ
5g7DreqHc3jjXbyaqNUKIapvxkwRzNfjlvLYfsXktfTjMgKPe6VZ57dzAcW3Iw09
HxxGmJi5LYw4VAkQaSQInLgTeD3D57TCrWG2ouuhykbnpsmQAET3+JQ2NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFDta9jsSOnH1UJ8suPLzJP4VgK1MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVU8xcjJPeEk2Y2ZWUW55eTQ4dk1rX2hXQXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWSLgAwQA
WSLnMA0GCSqGSIb3DQEBCwUAA4IBAQBwyMOCqEmtMZK82Bj+d2xdTrbY4cQqmTgG
nh+K0vS8jrFJEKx5QLbSIJsOcITaGIs73CfDVHV2ju3CVbBoJjki0B8DcBoYth6o
yBf+ge4IcXV/aRk5I5IBqhLTuSca4ld9nJFzVmpFYervXs3HkoXwwcfW2b4EjSOY
QC4d7TSgCigAfC9ldusKQzRLSZ9a0vdOy0OTEOPU3pFl6H4xCK0zTXAr6Qk897C6
Yb9jCLjSyRPTHObB2Mw1c7SbIoidiM8WwmWfhkxrUo6keCR11GBivrWmlIRlcX1d
BUvjUTHA88l6jiJW+Pi4OlIcfUNlCs5kgubM411J4a1tk2rSuUvX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org