Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/VP3g1C8PA7KOytm4R3ttzDD13hI.roa
File: VP3g1C8PA7KOytm4R3ttzDD13hI.roa (raw, json)
Hash identifier: 8BSM4u9uCz1L6XuRoAVvvu55b7yrWtGg1HgjtJv5vsg=
Subject key identifier: 54:FD:E0:D4:2F:0F:03:B2:8E:CA:D9:B8:47:7B:6D:CC:30:F5:DE:12
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D1B1F51A21A019F2B1BB81A5CE458
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/VP3g1C8PA7KOytm4R3ttzDD13hI.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.33.195.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1b:1f:51:a2:1a:01:9f:2b:1b:b8:1a:5c:e4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54fde0d42f0f03b28ecad9b8477b6dcc30f5de12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:47:9d:d7:a5:47:70:99:5d:99:ab:f9:d9:23:
0a:ee:d6:16:71:44:12:0a:9c:51:f5:f1:ff:dc:b8:
f5:5d:d8:52:b9:53:9a:f9:4d:44:d1:d2:1c:79:d1:
4e:fa:58:1e:6a:e2:c0:1e:70:53:c0:c1:77:47:23:
1e:23:41:eb:b4:02:11:7a:85:30:86:0f:e1:f1:07:
bd:7c:7f:7e:06:b0:02:73:0d:51:23:61:88:02:b0:
7d:ec:9e:fd:23:5a:c7:3f:7d:7e:3f:97:0a:15:41:
61:50:4b:dc:97:00:fc:99:70:88:27:55:c0:e9:9c:
68:f1:7e:89:86:00:63:27:97:99:6c:e1:4c:d9:36:
47:41:b9:fe:60:3f:e9:5d:c5:db:ef:cb:2c:32:2b:
54:55:8e:7a:8a:d8:fa:c4:97:6e:a2:43:24:27:44:
78:54:39:42:dc:36:ba:8e:20:4f:e3:e4:9a:fd:c0:
88:3b:83:2c:72:23:3c:c9:fc:d9:be:7a:95:4e:d6:
2a:58:96:1b:81:e5:cf:ce:40:54:54:67:1d:2f:84:
6e:12:a4:5d:f0:e7:63:40:c2:80:5d:48:9e:e6:de:
cc:07:b6:90:f3:a5:59:25:3d:00:58:7f:9b:82:8c:
82:07:8c:99:a9:13:94:da:d5:71:7c:d6:ad:11:5a:
0f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FD:E0:D4:2F:0F:03:B2:8E:CA:D9:B8:47:7B:6D:CC:30:F5:DE:12
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/VP3g1C8PA7KOytm4R3ttzDD13hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.195.0/24
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
33:02:ac:75:a3:91:33:d7:76:be:24:c9:b9:5a:b0:a0:fe:5f:
19:6b:bc:ba:19:09:e9:4e:b4:e8:3d:90:03:1d:18:ea:8e:05:
d4:ca:0b:e2:06:28:09:93:48:f7:71:d0:dc:bd:60:a3:af:de:
3b:52:06:f9:a2:27:cd:90:31:d8:e6:a4:b3:78:04:1c:66:e4:
d4:6a:37:c2:a6:42:cb:7f:21:25:b1:45:20:c5:14:2f:74:17:
36:fb:93:16:79:07:fb:cc:1d:53:44:db:21:d4:ff:32:79:c6:
52:6c:42:77:65:2a:82:98:2e:d1:7d:29:b0:5d:e3:f9:22:02:
c6:06:e6:ed:02:e6:de:55:9c:b1:ec:57:f4:a4:db:98:c5:5a:
9b:c2:a8:9d:a5:74:d5:7d:f3:2e:0d:d3:68:be:52:44:85:b9:
b7:61:11:7d:f4:ed:2b:d0:5b:d6:fc:21:f2:22:c3:89:2d:f2:
d1:be:64:da:c1:42:36:6c:d1:d5:7d:0a:06:41:aa:51:05:8d:
b1:fe:f3:83:c1:5c:aa:80:96:08:ce:41:b5:b3:2e:6f:49:b6:
47:70:fd:7b:77:f3:6a:49:25:a7:8e:d7:ed:0b:44:5c:5e:6b:
bf:8d:e7:b8:0a:55:e2:af:b8:ce:6e:05:cf:fe:32:22:88:0c:
5d:7e:bc:4b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzCbRsfUaIaAZ8rG7gaXORYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGZkZTBkNDJmMGYwM2IyOGVjYWQ5Yjg0NzdiNmRjYzMwZjVkZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuked16VHcJldmav52SMK7tYWcUQS
CpxR9fH/3Lj1XdhSuVOa+U1E0dIcedFO+lgeauLAHnBTwMF3RyMeI0HrtAIReoUw
hg/h8Qe9fH9+BrACcw1RI2GIArB97J79I1rHP31+P5cKFUFhUEvclwD8mXCIJ1XA
6Zxo8X6JhgBjJ5eZbOFM2TZHQbn+YD/pXcXb78ssMitUVY56itj6xJduokMkJ0R4
VDlC3Da6jiBP4+Sa/cCIO4MsciM8yfzZvnqVTtYqWJYbgeXPzkBUVGcdL4RuEqRd
8OdjQMKAXUie5t7MB7aQ86VZJT0AWH+bgoyCB4yZqROU2tVxfNatEVoPFwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFT94NQvDwOyjsrZuEd7bcww9d4SMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVlAzZzFDOFBBN0tPeXRtNFIzdHR6REQxM2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWSHDMAwD
BABZKlEDBAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBADMCrHWjkTPXdr4k
yblasKD+XxlrvLoZCelOtOg9kAMdGOqOBdTKC+IGKAmTSPdx0Ny9YKOv3jtSBvmi
J82QMdjmpLN4BBxm5NRqN8KmQst/ISWxRSDFFC90Fzb7kxZ5B/vMHVNE2yHU/zJ5
xlJsQndlKoKYLtF9KbBd4/kiAsYG5u0C5t5VnLHsV/Sk25jFWpvCqJ2ldNV98y4N
02i+UkSFubdhEX307SvQW9b8IfIiw4kt8tG+ZNrBQjZs0dV9CgZBqlEFjbH+84PB
XKqAlgjOQbWzLm9Jtkdw/Xt382pJJaeO1+0LRFxea7+N57gKVeKvuM5uBc/+MiKI
DF1+vEs=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:36 2024 by rpki-client on console-ams.rpki-client.org