Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZD6KY23Xfcpwa_QGQ0ebH1Nfx3E.roa
File: ZD6KY23Xfcpwa_QGQ0ebH1Nfx3E.roa (raw, json)
Hash identifier: MLwxaMwEWuryNQqvDjOvwoVig27dS/UhLf8uOy122Hw=
Subject key identifier: 64:3E:8A:63:6D:D7:7D:CA:70:6B:F4:06:43:47:9B:1F:53:5F:C7:71
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018AA20D8763C3B1A8B7FE536318B326AB33
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZD6KY23Xfcpwa_QGQ0ebH1Nfx3E.roa
Signing time: Sun 17 Sep 2023 07:31:50 +0000
ROA not before: Sun 17 Sep 2023 07:31:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.84.0/24 maxlen: 24
89.42.80.0/23 maxlen: 23
89.42.85.0/24 maxlen: 24
89.42.87.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:0d:87:63:c3:b1:a8:b7:fe:53:63:18:b3:26:ab:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 17 07:31:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643e8a636dd77dca706bf40643479b1f535fc771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:0a:21:e3:02:e4:7e:b8:eb:e2:49:1e:e9:
bd:20:09:c3:36:26:06:ba:53:dd:5b:38:83:3f:74:
8b:e7:ff:a0:15:e4:41:85:90:4c:b8:60:5a:b7:cc:
a5:8e:83:fe:0c:62:a5:d3:d8:57:71:58:2f:22:3a:
ff:56:44:8a:e6:12:e1:d0:a9:f6:f2:47:94:22:e1:
38:48:ba:03:83:a9:5e:34:3b:22:55:54:6f:80:c4:
7d:c1:69:fa:e7:e7:83:8f:45:f7:a1:6d:17:ce:d1:
e0:1c:c7:e4:58:50:1b:e3:6a:e1:e7:0f:e6:f5:02:
5d:cd:a0:f0:93:ee:a9:b1:4d:39:73:21:e1:62:fa:
90:e6:14:bb:f5:79:d8:f3:11:4a:dc:84:72:90:8f:
63:df:c0:89:79:b3:ae:38:fa:39:3e:cd:7a:70:23:
c7:af:03:01:a7:fe:a5:bc:cc:e6:10:0a:67:46:4e:
7d:bc:19:71:07:9b:a0:ae:13:42:5f:7a:dc:24:3f:
bd:c0:d7:59:6c:ae:e2:d4:53:39:a7:0c:53:da:e2:
be:28:f1:80:27:6e:b7:01:84:4a:d2:82:fe:96:1d:
17:84:ba:52:03:35:c4:fc:e7:cb:56:b9:14:f5:f0:
fe:c8:c3:07:a1:ca:69:a8:e3:fc:94:e7:b5:ab:d6:
e0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3E:8A:63:6D:D7:7D:CA:70:6B:F4:06:43:47:9B:1F:53:5F:C7:71
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZD6KY23Xfcpwa_QGQ0ebH1Nfx3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0-89.42.85.255
89.42.87.0/24
93.119.105.0/24
Signature Algorithm: sha256WithRSAEncryption
34:98:69:3e:4f:fa:47:27:03:94:4c:53:fa:c4:92:6d:e6:f7:
e6:f0:d2:16:db:3c:68:d9:53:bc:90:26:94:7e:dd:cc:e9:6f:
8d:06:48:83:46:a6:2d:73:9c:d6:f6:e1:15:fe:ee:7b:a6:a4:
59:af:2c:19:cb:52:92:a1:34:00:7a:71:3b:37:1d:d1:54:f4:
f6:2a:e2:d4:ea:3f:79:79:cf:33:92:a9:0d:b0:5a:5c:85:f2:
76:12:1f:d9:9e:0b:14:7d:83:8e:82:b0:04:f4:c3:ee:d0:34:
87:0b:b0:34:68:ae:ec:ed:08:00:6f:88:c6:96:19:ca:a5:cf:
d6:78:74:7c:f1:3c:7b:da:4b:9c:89:d0:18:e4:6a:75:7b:13:
e6:a5:a7:16:c8:c9:ce:ed:f7:4c:5e:7a:45:55:ca:0d:5d:63:
47:6b:7d:15:5f:ab:50:11:4c:57:86:8d:47:93:23:09:36:b7:
4d:78:ba:6a:bc:24:ed:70:24:e5:13:4a:fc:cb:9c:ef:e1:a1:
76:09:89:94:a6:53:dd:ee:30:2e:e6:0f:84:2b:42:1a:a3:5b:
20:c5:7a:95:6e:8f:a9:63:b2:37:94:25:99:9a:f9:09:db:08:
82:ba:f0:94:c8:71:98:52:f6:bf:88:9d:4f:13:85:d5:22:38:
c0:e1:de:e1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYqiDYdjw7Got/5TYxizJqszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTE3MDczMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDNlOGE2MzZkZDc3ZGNhNzA2YmY0MDY0MzQ3OWIxZjUzNWZjNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixAKIeMC5H646+JJHum9IAnDNiYG
ulPdWziDP3SL5/+gFeRBhZBMuGBat8yljoP+DGKl09hXcVgvIjr/VkSK5hLh0Kn2
8keUIuE4SLoDg6leNDsiVVRvgMR9wWn65+eDj0X3oW0XztHgHMfkWFAb42rh5w/m
9QJdzaDwk+6psU05cyHhYvqQ5hS79XnY8xFK3IRykI9j38CJebOuOPo5Ps16cCPH
rwMBp/6lvMzmEApnRk59vBlxB5ugrhNCX3rcJD+9wNdZbK7i1FM5pwxT2uK+KPGA
J263AYRK0oL+lh0XhLpSAzXE/OfLVrkU9fD+yMMHocppqOP8lOe1q9bg1QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGQ+imNt133KcGv0BkNHmx9TX8dxMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWkQ2S1kyM1hmY3B3YV9RR1EwZWJIMU5meDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBARZKlAD
BAFZKlQDBABZKlcDBABdd2kwDQYJKoZIhvcNAQELBQADggEBADSYaT5P+kcnA5RM
U/rEkm3m9+bw0hbbPGjZU7yQJpR+3czpb40GSINGpi1znNb24RX+7numpFmvLBnL
UpKhNAB6cTs3HdFU9PYq4tTqP3l5zzOSqQ2wWlyF8nYSH9meCxR9g46CsAT0w+7Q
NIcLsDRoruztCABviMaWGcqlz9Z4dHzxPHvaS5yJ0BjkanV7E+alpxbIyc7t90xe
ekVVyg1dY0drfRVfq1ARTFeGjUeTIwk2t014umq8JO1wJOUTSvzLnO/hoXYJiZSm
U93uMC7mD4QrQhqjWyDFepVuj6ljsjeUJZma+QnbCIK68JTIcZhS9r+InU8ThdUi
OMDh3uE=
-----END CERTIFICATE-----
Generated at Sun Sep 17 08:27:42 2023 by rpki-client on console-ams.rpki-client.org