Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XuCxXMovefNiQ8Ndcv-zY_UJXIQ.roa
File: XuCxXMovefNiQ8Ndcv-zY_UJXIQ.roa (raw, json)
Hash identifier: Ke9kUN2KaQRL0heWhNGs0/RhP4PfIPtWVggWB3YVvDs=
Subject key identifier: 5E:E0:B1:5C:CA:2F:79:F3:62:43:C3:5D:72:FF:B3:63:F5:09:5C:84
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D20D207516C34F8D793275C83F3AF1A1B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XuCxXMovefNiQ8Ndcv-zY_UJXIQ.roa
Signing time: Fri 19 Jan 2024 08:24:11 +0000
ROA not before: Fri 19 Jan 2024 08:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.37.196.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.46.0.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 08:13:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:d2:07:51:6c:34:f8:d7:93:27:5c:83:f3:af:1a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 19 08:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ee0b15cca2f79f36243c35d72ffb363f5095c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:38:60:21:8c:fe:48:12:3c:b4:ef:9f:ad:4a:
66:c2:5d:53:47:d4:ad:52:37:f1:0a:ae:60:a7:c6:
f3:d7:27:b1:fe:33:64:95:ed:d8:3a:64:86:ec:ea:
07:c2:ba:02:89:2f:a5:68:49:f2:44:27:b0:44:2a:
18:ee:f2:4e:50:11:3b:56:f2:b0:5d:66:b0:94:21:
c6:38:07:fd:4d:12:d5:50:07:24:61:bc:69:a9:76:
fc:b7:81:a7:f8:16:aa:4a:3d:0f:64:29:63:c8:88:
71:ec:a4:6f:a4:a4:d0:1e:f4:27:40:b4:f6:c4:c9:
da:34:71:ff:2f:7a:a0:da:02:1b:d9:97:74:93:f3:
47:22:a5:4d:1f:9d:f3:7d:fb:7b:c9:ba:2d:eb:ea:
99:8f:ac:75:64:3c:51:f1:51:a5:ec:0a:13:73:ba:
5d:69:e8:62:d7:a8:a0:0c:6e:cf:d5:22:44:9c:ec:
49:ae:1b:13:42:50:bc:90:63:44:9c:77:fb:ad:78:
fe:25:00:3a:62:1a:e8:28:ff:9b:8e:2c:37:ff:e8:
24:72:95:c7:18:38:93:b4:a5:8d:00:70:f6:b0:3b:
9b:dc:6c:1e:40:7e:1a:cb:39:ea:8f:9e:bc:b9:07:
2f:fe:ab:63:40:f4:e3:dd:4d:3b:cc:f7:3f:67:96:
a6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E0:B1:5C:CA:2F:79:F3:62:43:C3:5D:72:FF:B3:63:F5:09:5C:84
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/XuCxXMovefNiQ8Ndcv-zY_UJXIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.196.0/24
89.42.81.0-89.42.83.255
89.46.0.0/24
89.46.3.0/24
89.47.127.0/24
Signature Algorithm: sha256WithRSAEncryption
64:ad:fa:de:a4:33:c4:84:24:04:b9:d7:23:b0:ff:c1:21:9a:
c7:d6:f7:ad:7c:47:1d:95:04:6b:db:a0:88:5a:5a:33:cb:53:
87:d9:0d:92:2c:c6:ec:ff:d6:d5:e1:61:96:da:1f:5c:9b:c6:
2d:08:3e:43:48:60:23:d9:14:40:d0:6d:5f:d1:52:a8:2a:fc:
d3:cd:93:3b:00:c3:ac:d0:c9:86:cc:13:89:9c:52:e2:b3:11:
ef:3e:2b:d3:ff:2f:af:00:2d:f8:e8:01:71:19:2b:23:89:63:
54:bd:6e:d4:4f:bc:21:da:e1:df:39:0c:0f:dd:fb:47:f4:3c:
fc:27:bf:20:8d:47:8f:6c:e3:0b:49:9f:1b:fc:b9:56:5b:89:
ad:24:a2:e1:69:d0:0c:c2:d1:5d:dd:b3:99:37:41:7b:5b:6f:
42:88:00:ff:43:f4:f1:d0:7b:20:fa:7b:ae:41:4b:62:1a:67:
72:93:bd:4a:5f:b7:94:3d:9d:0f:97:de:01:0b:cf:19:7f:f9:
f2:ed:ce:ea:4d:7a:9b:fe:b4:e3:13:8b:a4:66:d9:d8:d7:b5:
08:bf:ab:af:cc:85:54:8a:f7:ed:0a:35:77:be:86:cd:df:8c:
2e:56:72:f2:62:06:6c:33:f8:67:40:06:0e:3c:14:da:f0:63:
09:61:c9:b2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0g0gdRbDT415MnXIPzrxobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTE5MDgyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWUwYjE1Y2NhMmY3OWYzNjI0M2MzNWQ3MmZmYjM2M2Y1MDk1Yzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ThgIYz+SBI8tO+frUpmwl1TR9St
UjfxCq5gp8bz1yex/jNkle3YOmSG7OoHwroCiS+laEnyRCewRCoY7vJOUBE7VvKw
XWawlCHGOAf9TRLVUAckYbxpqXb8t4Gn+BaqSj0PZCljyIhx7KRvpKTQHvQnQLT2
xMnaNHH/L3qg2gIb2Zd0k/NHIqVNH53zfft7ybot6+qZj6x1ZDxR8VGl7AoTc7pd
aehi16igDG7P1SJEnOxJrhsTQlC8kGNEnHf7rXj+JQA6YhroKP+bjiw3/+gkcpXH
GDiTtKWNAHD2sDub3GweQH4ayznqj568uQcv/qtjQPTj3U07zPc/Z5amtwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF7gsVzKL3nzYkPDXXL/s2P1CVyEMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWHVDeFhNb3ZlZk5pUThOZGN2LXpZX1VKWElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWSXEMAwD
BABZKlEDBAJZKlADBABZLgADBABZLgMDBABZL38wDQYJKoZIhvcNAQELBQADggEB
AGSt+t6kM8SEJAS51yOw/8EhmsfW9618Rx2VBGvboIhaWjPLU4fZDZIsxuz/1tXh
YZbaH1ybxi0IPkNIYCPZFEDQbV/RUqgq/NPNkzsAw6zQyYbME4mcUuKzEe8+K9P/
L68ALfjoAXEZKyOJY1S9btRPvCHa4d85DA/d+0f0PPwnvyCNR49s4wtJnxv8uVZb
ia0kouFp0AzC0V3ds5k3QXtbb0KIAP9D9PHQeyD6e65BS2IaZ3KTvUpft5Q9nQ+X
3gELzxl/+fLtzupNepv+tOMTi6Rm2djXtQi/q6/MhVSK9+0KNXe+hs3fjC5WcvJi
Bmwz+GdABg48FNrwYwlhybI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org