Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UY5c__fEMVEXRLTesIQj7I64_Qc.roa
File: UY5c__fEMVEXRLTesIQj7I64_Qc.roa (raw, json)
Hash identifier: w8w0nfdpVR5Zl/hqSOBLqkCztl6W6NbBy+MWgY9OZpA=
Subject key identifier: 51:8E:5C:FF:F7:C4:31:51:17:44:B4:DE:B0:84:23:EC:8E:B8:FD:07
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D315C56FA4AAA5C412E8D402735061433
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UY5c__fEMVEXRLTesIQj7I64_Qc.roa
Signing time: Mon 22 Jan 2024 13:29:11 +0000
ROA not before: Mon 22 Jan 2024 13:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 10:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:5c:56:fa:4a:aa:5c:41:2e:8d:40:27:35:06:14:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 22 13:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=518e5cfff7c431511744b4deb08423ec8eb8fd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e2:a8:70:32:ec:88:09:0c:19:ed:0e:67:31:
b7:e0:3c:a0:19:32:11:10:e3:6d:1d:36:0d:49:aa:
ff:eb:5a:55:8a:77:68:f2:b5:68:d6:9b:c6:eb:8c:
2c:eb:44:e5:66:91:82:42:c4:14:77:50:35:43:66:
92:93:45:d7:a3:1b:46:19:5d:1e:4b:3d:b3:f1:63:
b1:9b:75:bd:f5:9e:c2:85:57:92:f1:ab:83:a1:3e:
69:9b:86:c7:4a:a5:2a:41:b9:7e:19:20:34:fa:7d:
c4:53:70:77:b6:a5:ee:79:3d:02:fe:ac:4e:42:0b:
4f:c7:ed:5e:fc:89:0f:66:5c:5b:4f:4e:03:1b:29:
59:24:96:ce:ec:b2:da:7f:5e:e7:ef:fd:5b:e5:a6:
9d:a8:99:cc:c9:f7:4c:52:dc:08:66:ce:e2:b5:d8:
de:b6:a2:0c:cc:10:7b:b1:80:73:60:2c:76:67:29:
61:f0:7f:55:61:c5:96:6c:ae:95:e1:f4:6f:bd:48:
4f:99:9a:2e:4e:aa:e5:56:2e:fd:0c:7a:4b:35:0c:
ad:bf:d5:5c:cf:76:bc:d1:dd:81:a9:5b:92:9c:0f:
a2:e9:9f:bb:41:3b:ee:79:c8:86:81:29:56:f6:9b:
79:88:ff:f7:89:c5:c7:f2:a0:f5:b5:e7:ac:7f:0e:
66:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8E:5C:FF:F7:C4:31:51:17:44:B4:DE:B0:84:23:EC:8E:B8:FD:07
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/UY5c__fEMVEXRLTesIQj7I64_Qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:71:b2:3e:ee:42:8a:2d:fb:56:3c:76:d5:85:d5:7d:db:d8:
ac:73:35:2e:b8:e4:29:ae:4a:98:d1:88:5b:66:f5:74:3a:2b:
5f:a3:74:28:45:58:d8:1f:93:ef:93:11:7f:cd:87:5e:08:af:
94:44:a8:a6:41:bd:c4:fa:73:8e:61:e4:cc:51:96:36:21:4f:
45:76:64:8f:a0:fd:5d:4e:c3:5e:e1:b7:17:c2:4d:ea:29:12:
ab:d7:3e:c8:1d:8b:2b:77:4e:e8:56:f7:d7:b5:99:82:45:d7:
9d:3d:06:b8:5e:56:54:96:af:ad:36:58:fb:fc:da:74:f2:b2:
e2:b5:99:93:a3:d9:60:92:49:27:b3:7b:d3:57:6a:cc:ea:10:
f9:84:17:a4:14:7e:b2:e9:8e:56:8e:1d:a7:63:68:69:8a:9f:
e0:86:7e:0a:fe:fa:69:02:bb:0f:4b:64:f9:ff:32:ae:b3:f2:
e8:10:9c:80:01:62:97:b8:8e:44:07:19:73:b1:8b:7b:6c:71:
ca:c7:a8:9f:78:53:c9:62:fd:65:94:24:e5:ef:d2:bd:0b:55:
4b:b9:37:f0:bf:34:4d:4c:f7:9a:b8:87:04:58:8f:81:ab:6d:
68:ca:98:a5:f9:e5:ac:30:28:9f:b0:c4:11:93:eb:46:81:4a:
ac:e0:06:aa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY0xXFb6SqpcQS6NQCc1BhQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTIyMTMyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MThlNWNmZmY3YzQzMTUxMTc0NGI0ZGViMDg0MjNlYzhlYjhmZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluKocDLsiAkMGe0OZzG34DygGTIR
EONtHTYNSar/61pVindo8rVo1pvG64ws60TlZpGCQsQUd1A1Q2aSk0XXoxtGGV0e
Sz2z8WOxm3W99Z7ChVeS8auDoT5pm4bHSqUqQbl+GSA0+n3EU3B3tqXueT0C/qxO
QgtPx+1e/IkPZlxbT04DGylZJJbO7LLaf17n7/1b5aadqJnMyfdMUtwIZs7itdje
tqIMzBB7sYBzYCx2Zylh8H9VYcWWbK6V4fRvvUhPmZouTqrlVi79DHpLNQytv9Vc
z3a80d2BqVuSnA+i6Z+7QTvueciGgSlW9pt5iP/3icXH8qD1teesfw5mrQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFGOXP/3xDFRF0S03rCEI+yOuP0HMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVVk1Y19fZkVNVkVYUkxUZXNJUWo3STY0X1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAG9xsj7uQoot+1Y8dtWF1X3b
2KxzNS645CmuSpjRiFtm9XQ6K1+jdChFWNgfk++TEX/Nh14Ir5REqKZBvcT6c45h
5MxRljYhT0V2ZI+g/V1Ow17htxfCTeopEqvXPsgdiyt3TuhW99e1mYJF1509Brhe
VlSWr602WPv82nTysuK1mZOj2WCSSSeze9NXaszqEPmEF6QUfrLpjlaOHadjaGmK
n+CGfgr++mkCuw9LZPn/Mq6z8ugQnIABYpe4jkQHGXOxi3tsccrHqJ94U8li/WWU
JOXv0r0LVUu5N/C/NE1M95q4hwRYj4GrbWjKmKX55awwKJ+wxBGT60aBSqzgBqo=
-----END CERTIFICATE-----
Generated at Tue Jan 23 14:54:00 2024 by rpki-client on console-fra.rpki-client.org