Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XZ_1CirgJejkqKsbtpaR8V-BfwQ.roa
File: XZ_1CirgJejkqKsbtpaR8V-BfwQ.roa (raw, json)
Hash identifier: Clp9aMqC5hfNAIWsIISX2t7UbsOP4fafxpMdS4oAoAA=
Subject key identifier: 5D:9F:F5:0A:2A:E0:25:E8:E4:A8:AB:1B:B6:96:91:F1:5F:81:7F:04
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018997B288ED7A26AAFA1AA4B3B0A367FE85
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XZ_1CirgJejkqKsbtpaR8V-BfwQ.roa
Signing time: Thu 27 Jul 2023 14:13:27 +0000
ROA not before: Thu 27 Jul 2023 14:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197644
IP address blocks: 89.42.90.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 11:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:b2:88:ed:7a:26:aa:fa:1a:a4:b3:b0:a3:67:fe:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 27 14:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d9ff50a2ae025e8e4a8ab1bb69691f15f817f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4c:5c:36:67:f2:7e:0b:3e:1c:54:35:f4:61:
e0:17:6f:a3:49:2a:2a:be:2a:54:ed:2c:38:38:95:
aa:3b:c2:44:73:77:7a:30:dd:b0:e8:eb:55:b0:96:
46:d2:41:2f:f9:30:14:b9:69:03:cb:0d:bd:ac:79:
5d:6e:69:75:a6:bd:46:78:61:f9:57:98:f6:3c:68:
45:74:3d:56:74:73:77:b7:73:1e:f7:fc:a2:ee:c2:
a1:87:dc:ae:aa:96:e6:a1:98:af:43:b7:8d:42:f4:
64:f0:9d:0f:f0:76:7d:87:65:2a:24:6c:dc:99:d1:
52:84:8e:ee:76:7f:c7:0d:5a:94:67:d2:51:3a:ba:
36:a7:70:7d:3c:5d:7f:07:e2:30:76:93:5c:cc:10:
3d:13:6d:41:13:1f:fb:75:a7:4c:6b:13:6f:3f:fe:
9e:a0:54:45:df:71:91:69:c0:97:c7:d4:c8:20:71:
df:eb:25:7d:18:29:d4:e2:66:89:c4:ed:e9:80:e6:
23:2d:d4:c9:5d:a2:21:d9:c4:66:96:98:20:c1:15:
fd:3e:af:c2:c0:af:b9:fb:7f:c1:3f:ce:22:c9:08:
c9:89:e1:eb:7c:99:1d:7f:ab:83:af:40:70:6b:14:
c8:5a:49:c0:d0:67:b9:42:0f:5b:54:91:ab:49:ce:
93:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9F:F5:0A:2A:E0:25:E8:E4:A8:AB:1B:B6:96:91:F1:5F:81:7F:04
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XZ_1CirgJejkqKsbtpaR8V-BfwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.90.0/24
89.42.93.0/24
89.42.95.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:cb:9f:c2:36:88:b9:d7:f5:5e:ff:20:c7:26:aa:80:24:be:
db:ce:53:be:8a:4e:04:90:b3:9c:15:9c:9e:0e:6c:30:c3:9f:
af:c4:7d:2c:2c:f7:0d:a7:65:c2:95:33:c0:84:69:33:2a:c1:
ca:31:44:4e:ad:b7:22:fc:1d:92:24:e4:99:e5:00:9a:c7:b0:
40:16:7c:cb:79:05:97:aa:ea:50:94:3d:3b:05:00:6e:45:71:
24:e0:a3:67:4e:93:e7:85:c7:7e:67:a7:70:fa:f7:c3:d5:04:
f7:aa:d5:b4:54:88:22:73:68:e0:b7:cb:39:b5:ba:8f:65:f2:
dd:d1:d3:15:e4:0a:97:88:6b:f1:02:c2:45:4d:10:d3:eb:02:
fd:1e:ed:30:a2:90:29:59:aa:c0:9e:29:9b:bf:fa:1d:b4:9d:
f3:85:de:17:04:0f:d1:1f:5f:2a:90:34:6c:5c:7f:39:a9:1c:
05:83:8c:76:f5:7b:4f:82:ac:75:b7:22:f2:67:fa:4d:1f:31:
f7:02:21:8b:8f:89:cb:0d:4c:e7:a7:97:6d:71:77:c4:f0:df:
66:3d:ef:3d:3e:fa:af:eb:68:43:52:39:b4:67:21:f0:5a:f5:
c7:fc:ba:bf:a6:00:84:9a:e1:d9:1f:63:2a:a2:84:ea:03:bd:
fd:b7:c8:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmXsojteiaq+hqks7CjZ/6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzI3MTQxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDlmZjUwYTJhZTAyNWU4ZTRhOGFiMWJiNjk2OTFmMTVmODE3ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUxcNmfyfgs+HFQ19GHgF2+jSSoq
vipU7Sw4OJWqO8JEc3d6MN2w6OtVsJZG0kEv+TAUuWkDyw29rHldbml1pr1GeGH5
V5j2PGhFdD1WdHN3t3Me9/yi7sKhh9yuqpbmoZivQ7eNQvRk8J0P8HZ9h2UqJGzc
mdFShI7udn/HDVqUZ9JROro2p3B9PF1/B+IwdpNczBA9E21BEx/7dadMaxNvP/6e
oFRF33GRacCXx9TIIHHf6yV9GCnU4maJxO3pgOYjLdTJXaIh2cRmlpggwRX9Pq/C
wK+5+3/BP84iyQjJieHrfJkdf6uDr0BwaxTIWknA0Ge5Qg9bVJGrSc6T6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF2f9Qoq4CXo5KirG7aWkfFfgX8EMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWFpfMUNpcmdKZWprcUtzYnRwYVI4Vi1CZndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSpaAwQA
WSpdAwQAWSpfMA0GCSqGSIb3DQEBCwUAA4IBAQANy5/CNoi51/Ve/yDHJqqAJL7b
zlO+ik4EkLOcFZyeDmwww5+vxH0sLPcNp2XClTPAhGkzKsHKMUROrbci/B2SJOSZ
5QCax7BAFnzLeQWXqupQlD07BQBuRXEk4KNnTpPnhcd+Z6dw+vfD1QT3qtW0VIgi
c2jgt8s5tbqPZfLd0dMV5AqXiGvxAsJFTRDT6wL9Hu0wopApWarAnimbv/odtJ3z
hd4XBA/RH18qkDRsXH85qRwFg4x29XtPgqx1tyLyZ/pNHzH3AiGLj4nLDUznp5dt
cXfE8N9mPe89Pvqv62hDUjm0ZyHwWvXH/Lq/pgCEmuHZH2MqooTqA739t8hh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org