Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_H4NB4rxBzoDCNrTmE7jCEeHwyY.roa
File: _H4NB4rxBzoDCNrTmE7jCEeHwyY.roa (raw, json)
Hash identifier: nfy4JDuYNnD+l8fRhQIEzT3XQGf99tcz4qix/nwR0zw=
Subject key identifier: FC:7E:0D:07:8A:F1:07:3A:03:08:DA:D3:98:4E:E3:08:47:87:C3:26
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C16C81913B4F6CE4EC5BB5B87FAC3D199
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_H4NB4rxBzoDCNrTmE7jCEeHwyY.roa
Signing time: Tue 28 Nov 2023 16:34:21 +0000
ROA not before: Tue 28 Nov 2023 16:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.42.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 19:15:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:c8:19:13:b4:f6:ce:4e:c5:bb:5b:87:fa:c3:d1:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 28 16:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc7e0d078af1073a0308dad3984ee3084787c326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:32:cf:59:a7:5a:3b:4b:14:8e:47:81:39:f8:
8f:26:48:1a:09:25:2d:2b:b5:d8:11:c0:d7:ce:ae:
e7:0b:05:00:70:f6:d7:3f:65:e3:bc:63:70:93:b2:
20:f8:6f:1a:1c:68:cc:f7:7f:11:9c:ad:be:89:c9:
64:25:9f:aa:28:5e:68:fd:92:32:99:f4:66:04:a0:
65:0b:ce:0f:01:b5:34:0c:87:cc:cb:70:bf:7b:26:
db:9d:7c:7f:0b:8a:9d:83:6b:60:d2:fa:fd:f7:98:
72:5a:4a:d0:07:13:2f:e6:18:f8:d2:8e:c9:3e:16:
04:cd:01:a5:6a:bc:71:1d:71:2b:7b:a2:0f:73:25:
95:85:a3:bf:de:e0:dc:c6:7e:6b:59:c3:84:2d:32:
72:9b:9e:b9:14:0e:e2:b9:10:3c:01:93:0c:a4:6f:
56:21:72:8c:e6:4b:cd:b1:1a:3d:9f:c6:f9:bd:b4:
01:21:f3:5e:4d:6e:e5:80:2e:e9:63:16:e5:a9:56:
18:30:08:02:80:40:cb:37:40:ab:a1:a1:3a:19:fe:
30:91:eb:2e:ba:37:fe:d0:ec:e0:c3:6e:5a:bd:8d:
cd:fd:2a:e6:58:d8:e3:d8:3c:de:0a:00:31:9c:c5:
05:67:6a:46:40:c9:52:45:0d:93:ac:89:12:fa:3a:
3e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7E:0D:07:8A:F1:07:3A:03:08:DA:D3:98:4E:E3:08:47:87:C3:26
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_H4NB4rxBzoDCNrTmE7jCEeHwyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.42.94.0/24
Signature Algorithm: sha256WithRSAEncryption
58:1a:c2:64:76:eb:49:dc:78:5f:78:0b:32:5d:c7:b7:5a:77:
42:bc:5f:0c:4f:93:68:f3:b7:c2:3c:55:14:3d:10:f2:8c:b5:
3a:b0:9e:02:5a:af:4c:80:1d:f8:4a:5b:f2:c4:a8:95:6a:6c:
2d:fb:e0:33:69:9b:0b:31:a6:cb:88:3f:8d:43:90:23:0c:73:
81:ac:16:97:32:83:a7:88:40:34:40:ea:95:ab:3e:14:73:40:
9d:0d:3c:32:5f:cc:94:38:af:22:48:d5:7d:b9:6c:21:18:1f:
2b:89:c5:0f:1f:80:b6:d6:79:1a:12:eb:2d:df:5e:b7:a3:82:
42:b4:45:f1:5d:48:b0:5e:35:c8:86:4a:df:13:e1:51:9b:40:
b2:d6:fd:db:b7:3a:d8:97:f2:ba:1b:95:f1:26:ea:89:b7:91:
14:50:01:da:c7:ad:65:ec:bc:5b:12:53:88:fa:db:66:f4:85:
b6:b5:c3:29:04:9d:f7:26:3c:16:94:78:04:80:ac:11:3d:17:
6e:49:db:4c:ad:db:b6:33:2a:a7:51:cd:bf:ac:42:40:a4:8c:
d6:bc:96:7f:76:9a:2d:49:5d:a7:cb:2b:d3:76:31:7a:30:3b:
fe:6b:e1:84:3e:6a:e9:d1:02:76:ae:fb:66:db:e5:52:40:35:
e3:91:7c:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwWyBkTtPbOTsW7W4f6w9GZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI4MTYzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzdlMGQwNzhhZjEwNzNhMDMwOGRhZDM5ODRlZTMwODQ3ODdjMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTLPWadaO0sUjkeBOfiPJkgaCSUt
K7XYEcDXzq7nCwUAcPbXP2XjvGNwk7Ig+G8aHGjM938RnK2+iclkJZ+qKF5o/ZIy
mfRmBKBlC84PAbU0DIfMy3C/eybbnXx/C4qdg2tg0vr995hyWkrQBxMv5hj40o7J
PhYEzQGlarxxHXEre6IPcyWVhaO/3uDcxn5rWcOELTJym565FA7iuRA8AZMMpG9W
IXKM5kvNsRo9n8b5vbQBIfNeTW7lgC7pYxblqVYYMAgCgEDLN0CroaE6Gf4wkesu
ujf+0Ozgw25avY3N/SrmWNjj2DzeCgAxnMUFZ2pGQMlSRQ2TrIkS+jo+oQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPx+DQeK8Qc6Awja05hO4whHh8MmMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvX0g0TkI0cnhCem9EQ05yVG1FN2pDRWVId3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSpQAwQA
WSpeMA0GCSqGSIb3DQEBCwUAA4IBAQBYGsJkdutJ3HhfeAsyXce3WndCvF8MT5No
87fCPFUUPRDyjLU6sJ4CWq9MgB34SlvyxKiVamwt++AzaZsLMabLiD+NQ5AjDHOB
rBaXMoOniEA0QOqVqz4Uc0CdDTwyX8yUOK8iSNV9uWwhGB8ricUPH4C21nkaEust
3163o4JCtEXxXUiwXjXIhkrfE+FRm0Cy1v3btzrYl/K6G5XxJuqJt5EUUAHax61l
7LxbElOI+ttm9IW2tcMpBJ33JjwWlHgEgKwRPRduSdtMrdu2MyqnUc2/rEJApIzW
vJZ/dpotSV2nyyvTdjF6MDv+a+GEPmrp0QJ2rvtm2+VSQDXjkXwL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org