Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WVwKdMkhG_N8QlwCsXuIJcUu_zU.roa
File: WVwKdMkhG_N8QlwCsXuIJcUu_zU.roa (raw, json)
Hash identifier: RuBdXW8YxuqugjvLwRYu76ZneVVbWdvEAlkCPpt6T24=
Subject key identifier: 59:5C:0A:74:C9:21:1B:F3:7C:42:5C:02:B1:7B:88:25:C5:2E:FF:35
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018A3FA2A98ED18ADA9F1B8A5594B983221A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WVwKdMkhG_N8QlwCsXuIJcUu_zU.roa
Signing time: Tue 29 Aug 2023 04:52:19 +0000
ROA not before: Tue 29 Aug 2023 04:52:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.34.229.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Aug 2023 09:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3f:a2:a9:8e:d1:8a:da:9f:1b:8a:55:94:b9:83:22:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 29 04:52:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=595c0a74c9211bf37c425c02b17b8825c52eff35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:dc:bd:b4:e4:5a:eb:bf:95:07:9d:dc:84:dd:
dc:d3:28:40:8b:0a:19:5f:2a:da:e8:fc:db:42:8a:
58:cd:7d:70:27:06:df:0e:90:97:75:3f:2c:22:76:
1b:32:57:8d:61:ac:c5:05:36:f0:86:9b:5b:22:f4:
72:62:34:d7:43:e7:6d:7a:55:cb:31:12:49:0c:49:
c7:33:65:46:84:b2:5c:49:93:b1:58:86:f6:54:cc:
2e:63:16:30:53:1a:08:a9:6e:f2:9c:8c:b6:ee:93:
54:2d:6b:5b:89:0f:30:d7:8f:56:a9:25:f7:6e:ea:
de:57:c0:c5:3a:41:ae:5f:6c:e5:18:14:cd:62:43:
90:30:c4:69:37:75:0d:10:ac:43:0e:29:2e:9e:57:
9f:fb:9c:cb:b8:2c:5a:b6:a4:7e:4d:0f:38:d6:ca:
02:a0:c0:e6:09:9c:5a:01:b5:e2:4c:90:2d:e4:94:
0e:96:2c:a8:7c:03:e1:89:9b:01:49:9f:11:78:a4:
26:97:cf:a7:a7:c7:a2:44:0c:f7:14:83:f1:49:05:
fb:3c:57:7d:e1:1f:ec:33:7f:c5:56:94:b0:40:c9:
c0:c9:96:70:ee:c8:df:47:9c:71:92:82:7a:99:12:
d4:82:fc:8c:f6:68:c3:9f:0f:f4:e7:e5:cf:7a:24:
f2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5C:0A:74:C9:21:1B:F3:7C:42:5C:02:B1:7B:88:25:C5:2E:FF:35
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/WVwKdMkhG_N8QlwCsXuIJcUu_zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.229.0/24
89.42.80.0/22
89.46.4.0/24
Signature Algorithm: sha256WithRSAEncryption
24:41:3e:a2:b2:95:e0:62:52:74:58:0e:fc:2c:6a:7f:c5:68:
eb:a5:46:ec:a8:35:2c:19:dc:b3:9d:3f:38:41:5a:94:b5:22:
df:0f:fd:74:f6:8a:18:97:0c:cf:7c:b0:79:62:2f:d1:3d:de:
f1:59:85:dc:7b:98:6e:ad:11:18:95:ba:af:96:27:8d:d4:e0:
75:c5:90:bd:2a:9d:b5:35:22:58:ed:c5:7c:f7:4f:4d:f9:b6:
3d:0e:cd:1f:e7:29:12:ed:af:47:1a:a4:26:1a:12:7f:02:5c:
fc:39:22:c7:df:d3:da:0c:a0:d7:13:e2:cc:c0:2e:8d:1d:f9:
19:28:9a:86:8b:87:51:78:85:74:aa:1b:80:b4:fe:28:3e:dd:
18:32:e7:01:ef:7e:20:68:f5:ce:ae:8d:7e:0f:37:7d:da:ce:
70:b1:07:15:36:85:49:cd:7f:aa:41:d2:c4:2f:88:97:a5:eb:
ff:af:ea:ac:e4:81:5a:0c:fc:c1:5b:09:9e:c7:a4:dc:9d:16:
36:f4:80:20:3a:7c:df:5e:94:b8:ba:2e:39:59:ea:3c:c1:de:
aa:92:08:dd:4e:8f:69:18:f2:dc:8a:1e:7d:7e:43:c7:c0:98:
f6:6b:c8:4d:d7:db:8e:c4:b9:ef:65:68:d3:6a:4e:2c:9d:2e:
af:36:d9:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYo/oqmO0YranxuKVZS5gyIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODI5MDQ1MjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTVjMGE3NGM5MjExYmYzN2M0MjVjMDJiMTdiODgyNWM1MmVmZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9y9tORa67+VB53chN3c0yhAiwoZ
Xyra6PzbQopYzX1wJwbfDpCXdT8sInYbMleNYazFBTbwhptbIvRyYjTXQ+dtelXL
MRJJDEnHM2VGhLJcSZOxWIb2VMwuYxYwUxoIqW7ynIy27pNULWtbiQ8w149WqSX3
bureV8DFOkGuX2zlGBTNYkOQMMRpN3UNEKxDDikunlef+5zLuCxatqR+TQ841soC
oMDmCZxaAbXiTJAt5JQOliyofAPhiZsBSZ8ReKQml8+np8eiRAz3FIPxSQX7PFd9
4R/sM3/FVpSwQMnAyZZw7sjfR5xxkoJ6mRLUgvyM9mjDnw/05+XPeiTymwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFlcCnTJIRvzfEJcArF7iCXFLv81MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvV1Z3S2RNa2hHX044UWx3Q3NYdUlKY1V1X3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSLlAwQC
WSpQAwQAWS4EMA0GCSqGSIb3DQEBCwUAA4IBAQAkQT6ispXgYlJ0WA78LGp/xWjr
pUbsqDUsGdyznT84QVqUtSLfD/109ooYlwzPfLB5Yi/RPd7xWYXce5hurREYlbqv
lieN1OB1xZC9Kp21NSJY7cV8909N+bY9Ds0f5ykS7a9HGqQmGhJ/Alz8OSLH39Pa
DKDXE+LMwC6NHfkZKJqGi4dReIV0qhuAtP4oPt0YMucB734gaPXOro1+Dzd92s5w
sQcVNoVJzX+qQdLEL4iXpev/r+qs5IFaDPzBWwmex6TcnRY29IAgOnzfXpS4ui45
Weo8wd6qkgjdTo9pGPLcih59fkPHwJj2a8hN19uOxLnvZWjTak4snS6vNtnW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org