Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_pTS2FrYJWvlBW3hHioVmdnrMbg.roa
File: _pTS2FrYJWvlBW3hHioVmdnrMbg.roa (raw, json)
Hash identifier: www7x2Seixxe0uML5muRPyhypy7AtxuoTdi4hzEq3ts=
Subject key identifier: FE:94:D2:D8:5A:D8:25:6B:E5:05:6D:E1:1E:2A:15:99:D9:EB:31:B8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C1FA20804CA7720D956953FE8FFFB3D81
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_pTS2FrYJWvlBW3hHioVmdnrMbg.roa
Signing time: Thu 30 Nov 2023 09:49:21 +0000
ROA not before: Thu 30 Nov 2023 09:49:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51082
IP address blocks: 89.47.126.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:a2:08:04:ca:77:20:d9:56:95:3f:e8:ff:fb:3d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 30 09:49:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe94d2d85ad8256be5056de11e2a1599d9eb31b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a4:a7:a3:be:47:1a:c5:35:1a:7e:77:7c:ec:
1f:a6:73:d5:8e:20:ff:ec:a9:7a:61:9f:9b:50:dc:
cf:1a:99:71:c0:78:cb:13:11:4b:fa:83:8d:f6:a8:
33:ab:32:05:da:21:b0:f9:a8:92:1e:f4:89:5d:b5:
c6:34:15:67:60:b8:31:01:23:98:4a:a4:4a:90:43:
71:04:90:91:fc:39:ef:fd:d3:94:00:62:fa:c8:03:
a5:40:3f:63:cb:29:48:2c:ef:eb:7d:6d:04:69:f9:
ba:2f:44:9b:41:8a:b6:9b:96:e7:a5:d1:dc:c2:04:
fa:48:88:27:f5:a1:ac:c0:6a:7c:8a:e2:39:30:86:
8d:a2:63:73:c9:87:91:b2:51:80:5b:36:e6:41:e9:
f9:2c:3b:e1:e9:eb:3a:53:71:38:01:0b:29:4c:fc:
65:08:ee:5e:8c:9d:c4:f9:ff:e5:75:d5:9e:90:a5:
ee:cc:f4:a5:b7:01:48:f2:a7:67:3d:fd:95:d0:2e:
4b:7b:22:f2:2e:a0:b2:f7:d8:25:19:01:69:4e:7e:
83:4a:ab:bf:cc:4d:19:bb:4d:38:a5:9d:81:db:b0:
f3:0e:3c:32:15:08:c0:e6:75:7c:14:e6:a6:2a:c3:
77:59:34:54:d4:2b:b7:0a:24:6c:bc:2a:54:ce:27:
48:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:94:D2:D8:5A:D8:25:6B:E5:05:6D:E1:1E:2A:15:99:D9:EB:31:B8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_pTS2FrYJWvlBW3hHioVmdnrMbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.126.0/23
Signature Algorithm: sha256WithRSAEncryption
79:9d:26:3f:ff:ff:04:3a:ec:f8:8f:c6:7b:7c:3a:84:06:12:
7a:02:45:bb:5a:cc:78:87:51:eb:4e:9d:8a:b6:fb:de:41:09:
68:f5:cb:d8:ec:cc:f2:fe:56:10:e5:5e:ac:ce:dc:22:01:a8:
d3:64:8e:be:3f:2d:03:04:ed:9e:6d:3d:33:d1:86:5e:a6:a5:
7b:77:06:a8:4c:3e:42:94:c5:4b:93:f9:26:b3:71:58:7a:51:
28:f7:08:8e:47:ae:8c:27:81:2c:a6:47:8f:bb:ba:cf:ed:3a:
d3:ce:d4:36:3e:86:ae:95:1d:55:18:ad:1d:73:3f:0c:5c:34:
65:ab:89:9a:f7:37:72:04:d8:18:c4:d5:14:4d:55:ea:03:15:
89:70:a6:54:56:dd:54:b0:b0:54:59:57:7c:82:fc:5f:8d:e4:
17:b9:1e:11:9b:3a:54:d4:7a:48:27:5c:4d:ce:a1:01:83:e9:
0a:35:98:0d:d4:99:75:9c:0d:7b:3a:b9:17:99:53:b6:8a:d8:
4e:2b:52:e6:b6:32:f4:4c:cf:69:37:c0:78:9c:ce:60:db:4c:
9b:42:dd:07:07:74:fa:8b:35:60:74:d3:a0:cf:db:b6:44:da:
3d:55:93:30:0f:c8:e6:25:13:94:40:7c:9e:5b:6d:22:0c:a9:
47:5f:e1:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwfoggEyncg2VaVP+j/+z2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTMwMDk0OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTk0ZDJkODVhZDgyNTZiZTUwNTZkZTExZTJhMTU5OWQ5ZWIzMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6Sno75HGsU1Gn53fOwfpnPVjiD/
7Kl6YZ+bUNzPGplxwHjLExFL+oON9qgzqzIF2iGw+aiSHvSJXbXGNBVnYLgxASOY
SqRKkENxBJCR/Dnv/dOUAGL6yAOlQD9jyylILO/rfW0Eafm6L0SbQYq2m5bnpdHc
wgT6SIgn9aGswGp8iuI5MIaNomNzyYeRslGAWzbmQen5LDvh6es6U3E4AQspTPxl
CO5ejJ3E+f/lddWekKXuzPSltwFI8qdnPf2V0C5LeyLyLqCy99glGQFpTn6DSqu/
zE0Zu004pZ2B27DzDjwyFQjA5nV8FOamKsN3WTRU1Cu3CiRsvCpUzidIQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP6U0tha2CVr5QVt4R4qFZnZ6zG4MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvX3BUUzJGcllKV3ZsQlczaEhpb1ZtZG5yTWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWS9+MA0G
CSqGSIb3DQEBCwUAA4IBAQB5nSY///8EOuz4j8Z7fDqEBhJ6AkW7Wsx4h1HrTp2K
tvveQQlo9cvY7Mzy/lYQ5V6sztwiAajTZI6+Py0DBO2ebT0z0YZepqV7dwaoTD5C
lMVLk/kms3FYelEo9wiOR66MJ4EspkePu7rP7TrTztQ2PoaulR1VGK0dcz8MXDRl
q4ma9zdyBNgYxNUUTVXqAxWJcKZUVt1UsLBUWVd8gvxfjeQXuR4RmzpU1HpIJ1xN
zqEBg+kKNZgN1Jl1nA17OrkXmVO2ithOK1LmtjL0TM9pN8B4nM5g20ybQt0HB3T6
izVgdNOgz9u2RNo9VZMwD8jmJROUQHyeW20iDKlHX+GB
-----END CERTIFICATE-----
Generated at Thu Dec 28 09:58:04 2023 by rpki-client on console-fra.rpki-client.org