Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WQGYF8L0ztiHKz-ebTLBlsX7Ktc.roa
File: WQGYF8L0ztiHKz-ebTLBlsX7Ktc.roa (raw, json)
Hash identifier: tDQ5pGg2pvrhFJTm898RfdB7CefMoaHN90kyKKcmB2k=
Subject key identifier: 59:01:98:17:C2:F4:CE:D8:87:2B:3F:9E:6D:32:C1:96:C5:FB:2A:D7
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018A40A49D780B54D114344D282ED6C939DF
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WQGYF8L0ztiHKz-ebTLBlsX7Ktc.roa
Signing time: Tue 29 Aug 2023 09:34:04 +0000
ROA not before: Tue 29 Aug 2023 09:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.46.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Aug 2023 14:47:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:a4:9d:78:0b:54:d1:14:34:4d:28:2e:d6:c9:39:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 29 09:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59019817c2f4ced8872b3f9e6d32c196c5fb2ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:41:cb:dd:6d:40:61:80:f2:92:ff:24:37:b5:
e2:a9:bd:b5:40:db:1f:f5:cf:ba:ef:a6:7b:a1:68:
06:75:0c:0e:08:bb:87:53:eb:05:aa:10:d9:2a:7c:
02:da:3b:3f:b1:17:a7:1b:6c:c0:65:c2:a7:60:4e:
10:c9:38:a9:61:56:6e:7d:b7:74:a7:e4:68:53:86:
39:25:3d:c5:fe:ae:fb:45:75:e7:4b:32:4b:f4:98:
68:ef:9a:a0:21:90:ec:48:cf:89:cb:91:81:e3:51:
52:0e:33:e2:e2:f6:a3:13:21:85:d6:46:25:be:71:
71:54:ff:54:c2:8d:1e:cb:8a:a9:a4:f9:52:89:a4:
50:08:33:f9:6d:7d:cf:7c:05:b3:70:a9:f7:81:32:
8b:e2:1e:60:1d:69:55:df:fa:e1:2e:7b:d9:11:e6:
de:37:0b:4a:99:14:55:fb:21:0b:ae:3f:7f:e8:4f:
ad:4f:a8:8a:25:54:17:e9:38:c7:10:28:57:7d:69:
d5:c9:0d:63:50:82:e1:dd:5c:c8:d6:61:e8:df:bd:
39:d6:10:ee:3c:b1:dd:1f:6a:f3:0d:c8:b8:d6:3c:
fb:a0:bd:6f:4b:59:f2:12:1f:61:a0:cc:90:1b:c4:
16:8d:35:09:df:8c:f6:31:87:9e:f0:b9:59:34:1f:
a2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:01:98:17:C2:F4:CE:D8:87:2B:3F:9E:6D:32:C1:96:C5:FB:2A:D7
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WQGYF8L0ztiHKz-ebTLBlsX7Ktc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.46.4.0/24
Signature Algorithm: sha256WithRSAEncryption
31:20:b6:49:e9:e9:bc:1c:8a:b3:7b:ba:67:ce:ca:b5:16:3b:
79:41:f1:4f:06:ec:e1:ec:32:26:5e:58:7c:38:71:d7:8a:f0:
9c:c0:45:e3:f5:eb:1b:09:d8:83:d9:a6:f1:43:ee:9f:c6:a1:
ef:3f:04:5b:67:8c:0d:7b:43:ad:6c:ea:6b:22:83:dd:87:9c:
c4:c2:56:c2:b8:df:2e:48:bc:86:b4:d2:ed:a9:c1:13:7f:84:
85:f8:ce:a7:e8:78:6a:3f:c1:7a:23:9c:7f:dc:d2:b3:47:e0:
4e:e9:31:18:82:e1:16:b7:3d:ae:f6:42:0b:b1:55:5f:20:43:
65:b6:c0:93:a3:53:c0:bc:82:3a:a3:29:c5:52:69:8b:f2:4d:
28:0e:5d:64:b5:d2:e8:0c:3c:01:a5:73:1c:b5:1f:72:4f:1b:
cf:11:1e:db:67:12:f7:a3:98:7f:60:18:e9:6b:ea:7d:6b:55:
cf:b0:01:8b:c1:32:a1:73:08:c0:8c:1b:90:63:e6:7a:a9:0f:
79:44:4b:31:38:7b:f9:96:28:63:e8:0d:d4:a0:36:7b:6b:cd:
0f:e9:87:2b:96:8a:92:d7:6e:53:54:17:f9:33:6f:b3:33:e5:
ea:c5:1b:75:bf:df:e8:0e:22:24:f2:e4:09:7b:c8:33:2a:e5:
ff:e0:da:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpApJ14C1TRFDRNKC7WyTnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODI5MDkzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTAxOTgxN2MyZjRjZWQ4ODcyYjNmOWU2ZDMyYzE5NmM1ZmIyYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUHL3W1AYYDykv8kN7Xiqb21QNsf
9c+676Z7oWgGdQwOCLuHU+sFqhDZKnwC2js/sRenG2zAZcKnYE4QyTipYVZufbd0
p+RoU4Y5JT3F/q77RXXnSzJL9Jho75qgIZDsSM+Jy5GB41FSDjPi4vajEyGF1kYl
vnFxVP9Uwo0ey4qppPlSiaRQCDP5bX3PfAWzcKn3gTKL4h5gHWlV3/rhLnvZEebe
NwtKmRRV+yELrj9/6E+tT6iKJVQX6TjHEChXfWnVyQ1jUILh3VzI1mHo37051hDu
PLHdH2rzDci41jz7oL1vS1nyEh9hoMyQG8QWjTUJ34z2MYee8LlZNB+i9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFkBmBfC9M7Yhys/nm0ywZbF+yrXMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvV1FHWUY4TDB6dGlIS3otZWJUTEJsc1g3S3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSpQAwQA
WS4EMA0GCSqGSIb3DQEBCwUAA4IBAQAxILZJ6em8HIqze7pnzsq1Fjt5QfFPBuzh
7DImXlh8OHHXivCcwEXj9esbCdiD2abxQ+6fxqHvPwRbZ4wNe0OtbOprIoPdh5zE
wlbCuN8uSLyGtNLtqcETf4SF+M6n6HhqP8F6I5x/3NKzR+BO6TEYguEWtz2u9kIL
sVVfIENltsCTo1PAvII6oynFUmmL8k0oDl1ktdLoDDwBpXMctR9yTxvPER7bZxL3
o5h/YBjpa+p9a1XPsAGLwTKhcwjAjBuQY+Z6qQ95REsxOHv5lihj6A3UoDZ7a80P
6YcrloqS125TVBf5M2+zM+XqxRt1v9/oDiIk8uQJe8gzKuX/4NoA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org