Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/a6biJj3GjK-fy8pnZfwgejCB9RU.roa
File: a6biJj3GjK-fy8pnZfwgejCB9RU.roa (raw, json)
Hash identifier: CP7K9DBbpvj+td+l1Kq4ydUaEOQUPCKhaWzPg/Bd67E=
Subject key identifier: 6B:A6:E2:26:3D:C6:8C:AF:9F:CB:CA:67:65:FC:20:7A:30:81:F5:15
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D2F7E84DD5CC786AC91FD1BF0C2C3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/a6biJj3GjK-fy8pnZfwgejCB9RU.roa
Signing time: Mon 01 Jan 2024 00:29:44 +0000
ROA not before: Mon 01 Jan 2024 00:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 89.42.85.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 10:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2f:7e:84:dd:5c:c7:86:ac:91:fd:1b:f0:c2:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ba6e2263dc68caf9fcbca6765fc207a3081f515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:fa:f1:e2:38:29:29:83:d2:58:92:c1:6e:
7f:6c:1d:73:50:40:fc:b5:bf:de:78:be:19:fb:da:
b2:65:fa:15:d6:24:f7:f9:60:75:6f:8a:8e:2e:3e:
09:9c:bd:5b:f8:5a:63:48:5f:4f:f1:9e:d9:4a:f3:
33:3e:1a:4e:59:c3:e8:ea:fa:05:af:21:8e:62:9c:
cd:19:75:1a:dc:2d:4d:52:91:7b:c8:69:32:98:ad:
24:ac:f1:32:3c:fe:75:62:8f:1b:91:ba:ee:68:bf:
6e:19:96:d0:3e:ed:86:e9:11:92:92:fb:0a:e9:37:
b0:1a:fb:8a:e6:be:21:8e:e7:ad:cc:7c:b5:0f:2c:
e2:dc:7f:24:be:6e:9d:cb:bb:11:21:9e:b8:85:3b:
11:eb:2c:cf:d9:fd:b3:f0:b2:af:c5:43:68:67:4b:
fc:04:50:22:1b:71:64:2d:e7:49:d0:91:87:16:b9:
e0:83:fa:d6:b1:59:ef:d4:1e:ce:85:c3:90:a4:73:
4a:54:7e:e6:1d:a1:1b:6a:3b:39:b1:bb:af:f4:bc:
d3:b3:dc:cf:d0:a4:13:b8:7c:bd:1b:45:45:03:8d:
e0:46:49:80:ea:09:9a:ad:1e:7f:1f:be:34:fd:cc:
cd:0b:a7:a2:67:41:8c:59:a7:af:dc:35:22:ad:80:
45:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A6:E2:26:3D:C6:8C:AF:9F:CB:CA:67:65:FC:20:7A:30:81:F5:15
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/a6biJj3GjK-fy8pnZfwgejCB9RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.85.0/24
89.47.126.0/24
Signature Algorithm: sha256WithRSAEncryption
74:1d:46:f6:39:c7:4b:6e:a7:8e:8c:34:18:8d:86:01:fe:da:
a7:e6:b7:87:b0:eb:41:7c:5a:09:86:b2:b8:dc:57:59:f2:c0:
b7:1e:8a:76:ef:08:da:7c:35:b8:e1:ff:69:d9:0d:fc:fa:38:
81:41:87:1c:9a:0a:89:4e:ee:ef:1e:bf:de:2d:9e:dd:47:2a:
3b:b9:b1:52:2b:88:4b:1c:35:ee:79:3a:dd:0a:b2:27:2f:d1:
92:c5:32:59:2e:8c:c5:09:3f:ba:73:5a:67:16:87:aa:ff:46:
c6:d8:7e:a0:6b:8e:88:fc:5a:02:04:ef:d7:18:74:fb:f3:7b:
45:ee:ff:f2:ea:00:ef:5b:1e:a9:0f:5e:9f:1a:39:35:4b:f1:
a3:ca:9a:fd:74:f7:1f:f3:9c:6d:14:ac:6c:65:f3:cd:e3:37:
cd:07:aa:46:f9:47:34:41:c2:43:07:1f:65:b4:a1:e0:57:20:
31:1c:b9:b3:6d:e5:ee:ea:f9:1f:08:a3:9d:47:cb:fc:1c:89:
7b:54:e9:37:23:da:4f:64:c6:f0:61:f3:23:cd:1a:be:62:d2:
f3:30:bd:0e:46:79:e7:61:fb:84:87:64:f4:c8:53:ce:40:5e:
bf:53:60:66:ef:7d:7f:e2:1a:76:7f:71:a0:71:74:cb:87:0a:
6f:bd:09:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbS9+hN1cx4askf0b8MLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmE2ZTIyNjNkYzY4Y2FmOWZjYmNhNjc2NWZjMjA3YTMwODFmNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzf68eI4KSmD0liSwW5/bB1zUED8
tb/eeL4Z+9qyZfoV1iT3+WB1b4qOLj4JnL1b+FpjSF9P8Z7ZSvMzPhpOWcPo6voF
ryGOYpzNGXUa3C1NUpF7yGkymK0krPEyPP51Yo8bkbruaL9uGZbQPu2G6RGSkvsK
6TewGvuK5r4hjuetzHy1Dyzi3H8kvm6dy7sRIZ64hTsR6yzP2f2z8LKvxUNoZ0v8
BFAiG3FkLedJ0JGHFrngg/rWsVnv1B7OhcOQpHNKVH7mHaEbajs5sbuv9LzTs9zP
0KQTuHy9G0VFA43gRkmA6gmarR5/H740/czNC6eiZ0GMWaev3DUirYBFXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGum4iY9xoyvn8vKZ2X8IHowgfUVMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYTZiaUpqM0dqSy1meThwblpmd2dlakNCOVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSpVAwQA
WS9+MA0GCSqGSIb3DQEBCwUAA4IBAQB0HUb2OcdLbqeOjDQYjYYB/tqn5reHsOtB
fFoJhrK43FdZ8sC3Hop27wjafDW44f9p2Q38+jiBQYccmgqJTu7vHr/eLZ7dRyo7
ubFSK4hLHDXueTrdCrInL9GSxTJZLozFCT+6c1pnFoeq/0bG2H6ga46I/FoCBO/X
GHT783tF7v/y6gDvWx6pD16fGjk1S/Gjypr9dPcf85xtFKxsZfPN4zfNB6pG+Uc0
QcJDBx9ltKHgVyAxHLmzbeXu6vkfCKOdR8v8HIl7VOk3I9pPZMbwYfMjzRq+YtLz
ML0ORnnnYfuEh2T0yFPOQF6/U2Bm731/4hp2f3GgcXTLhwpvvQmB
-----END CERTIFICATE-----
Generated at Wed Jan 24 13:51:04 2024 by rpki-client on console-ams.rpki-client.org