Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YpvfiE2QkRGuRrn2SCPKDnkG_y8.roa
File: YpvfiE2QkRGuRrn2SCPKDnkG_y8.roa (raw, json)
Hash identifier: 0GR+0f4opZr00BCnKEVV60CuXLpKmW314X7YcItAPGs=
Subject key identifier: 62:9B:DF:88:4D:90:91:11:AE:46:B9:F6:48:23:CA:0E:79:06:FF:2F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018AA800F761613ABD2CFFC1BDDC4FA6CF82
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YpvfiE2QkRGuRrn2SCPKDnkG_y8.roa
Signing time: Mon 18 Sep 2023 11:15:50 +0000
ROA not before: Mon 18 Sep 2023 11:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.42.85.0/24 maxlen: 24
89.42.87.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
89.34.224.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:00:f7:61:61:3a:bd:2c:ff:c1:bd:dc:4f:a6:cf:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 18 11:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=629bdf884d909111ae46b9f64823ca0e7906ff2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:86:af:d7:d9:a7:3b:d0:df:3e:4f:69:01:45:
6f:11:9f:d1:6f:96:b9:44:68:bc:a3:22:92:61:21:
eb:85:82:90:b2:07:d6:4c:e4:2e:f0:46:9a:ad:22:
ae:73:d6:7b:f3:51:24:ab:c0:72:f1:ff:80:44:6f:
da:a7:60:0c:a4:c9:5d:38:29:e4:b0:cf:78:ec:35:
8b:f7:ad:0a:22:83:a0:ef:82:08:26:cb:81:8d:e6:
03:5d:b5:6a:f8:4f:dd:c5:df:e6:c2:c2:3a:7f:e8:
1f:81:5f:32:dc:52:ae:4c:a5:da:aa:a6:5b:cc:38:
18:6e:6c:5f:38:01:d2:ad:cc:9d:73:42:bd:59:93:
25:fc:26:06:e1:d7:9a:94:ea:2b:38:f6:c4:d9:76:
d4:7e:17:3a:20:24:4c:06:b7:4e:f9:2b:a8:fa:55:
b6:3a:03:41:4a:ff:c1:90:67:c0:b7:54:75:d4:9c:
1c:72:9e:f6:ea:cf:01:7a:55:6b:b6:47:cb:2e:8e:
8a:ab:a2:bf:b4:32:50:7c:a8:f1:82:42:15:30:8d:
0b:97:24:04:b8:35:4a:b8:4e:f6:ea:87:c3:ff:a3:
9f:fb:5e:f5:4b:00:83:1c:1e:87:83:34:99:40:69:
06:ef:37:8a:a2:a7:b4:b0:ed:59:85:dc:27:32:19:
a5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9B:DF:88:4D:90:91:11:AE:46:B9:F6:48:23:CA:0E:79:06:FF:2F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YpvfiE2QkRGuRrn2SCPKDnkG_y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.42.80.0/22
89.42.85.0/24
89.42.87.0/24
93.119.105.0/24
Signature Algorithm: sha256WithRSAEncryption
47:8e:b3:e8:bc:ce:f1:21:82:c5:02:18:74:78:63:2c:fb:af:
ab:ee:d8:91:8c:8c:35:24:32:1d:65:d6:fa:bb:d6:d5:97:05:
37:33:cc:ba:b9:03:08:29:12:96:1a:81:60:2f:7f:71:e0:83:
55:a2:90:fa:f3:39:69:44:c3:e6:5f:7e:45:77:72:b0:3b:cf:
da:47:96:e8:75:fd:2d:af:b9:3d:3a:9e:1a:1c:48:3e:32:32:
3b:07:03:b7:f8:40:1f:fd:27:18:c2:4c:34:01:24:2f:ac:bb:
0d:cb:20:c4:12:33:35:3c:66:77:bc:ca:a0:08:17:14:85:b8:
82:05:a0:61:0a:16:ce:17:9b:79:82:c2:df:90:bc:ba:7f:b9:
cf:b1:d8:18:1d:81:97:32:d4:f4:8a:e9:29:35:a4:1c:9b:53:
4a:56:21:a1:6a:17:0f:d2:9d:55:65:0e:b2:58:ee:1a:3b:2a:
6c:d6:d9:6e:1d:4a:0a:25:76:86:db:e3:0f:98:43:21:ca:36:
22:18:89:fd:cb:83:7f:6e:53:df:60:79:1a:b6:bb:39:a9:4a:
99:56:d1:73:22:9d:f9:1f:d8:e0:b5:7f:62:b3:97:41:3f:77:
25:d7:9b:bb:1f:ba:eb:64:55:45:1b:b2:64:f9:1c:2c:be:56:
4c:43:8c:df
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqoAPdhYTq9LP/BvdxPps+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTE4MTExNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjliZGY4ODRkOTA5MTExYWU0NmI5ZjY0ODIzY2EwZTc5MDZmZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4av19mnO9DfPk9pAUVvEZ/Rb5a5
RGi8oyKSYSHrhYKQsgfWTOQu8EaarSKuc9Z781Ekq8By8f+ARG/ap2AMpMldOCnk
sM947DWL960KIoOg74IIJsuBjeYDXbVq+E/dxd/mwsI6f+gfgV8y3FKuTKXaqqZb
zDgYbmxfOAHSrcydc0K9WZMl/CYG4dealOorOPbE2XbUfhc6ICRMBrdO+Suo+lW2
OgNBSv/BkGfAt1R11Jwccp726s8BelVrtkfLLo6Kq6K/tDJQfKjxgkIVMI0LlyQE
uDVKuE726ofD/6Of+171SwCDHB6HgzSZQGkG7zeKoqe0sO1ZhdwnMhmlwwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGKb34hNkJERrka59kgjyg55Bv8vMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWXB2ZmlFMlFrUkd1UnJuMlNDUEtEbmtHX3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWSLgAwQC
WSpQAwQAWSpVAwQAWSpXAwQAXXdpMA0GCSqGSIb3DQEBCwUAA4IBAQBHjrPovM7x
IYLFAhh0eGMs+6+r7tiRjIw1JDIdZdb6u9bVlwU3M8y6uQMIKRKWGoFgL39x4INV
opD68zlpRMPmX35Fd3KwO8/aR5bodf0tr7k9Op4aHEg+MjI7BwO3+EAf/ScYwkw0
ASQvrLsNyyDEEjM1PGZ3vMqgCBcUhbiCBaBhChbOF5t5gsLfkLy6f7nPsdgYHYGX
MtT0iukpNaQcm1NKViGhahcP0p1VZQ6yWO4aOyps1tluHUoKJXaG2+MPmEMhyjYi
GIn9y4N/blPfYHkatrs5qUqZVtFzIp35H9jgtX9is5dBP3cl15u7H7rrZFVFG7Jk
+RwsvlZMQ4zf
-----END CERTIFICATE-----
Generated at Mon Sep 18 13:11:04 2023 by rpki-client on console-fra.rpki-client.org