Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aSRarHT52i6ae1iXtDVDMRd3R3Q.roa
File: aSRarHT52i6ae1iXtDVDMRd3R3Q.roa (raw, json)
Hash identifier: WSJD/GiHFpk3T4OMJ9lxPDipIUJ5DQAEIEMhPx854+A=
Subject key identifier: 69:24:5A:AC:74:F9:DA:2E:9A:7B:58:97:B4:35:43:31:17:77:47:74
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01894F4DE5E5A34EACC47B3EEE2CD43F5582
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aSRarHT52i6ae1iXtDVDMRd3R3Q.roa
Signing time: Thu 13 Jul 2023 12:50:52 +0000
ROA not before: Thu 13 Jul 2023 12:50:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/24 maxlen: 24
89.42.83.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
89.33.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:4d:e5:e5:a3:4e:ac:c4:7b:3e:ee:2c:d4:3f:55:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 13 12:50:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69245aac74f9da2e9a7b5897b435433117774774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f4:11:af:e3:71:d9:e3:c7:21:45:7b:32:c0:
0d:bd:77:31:e1:b1:ee:17:24:84:b1:75:b7:0a:0b:
c2:48:0f:57:65:dd:6f:6e:53:39:33:a7:9f:c8:d6:
ba:26:2f:55:18:cf:2b:e5:49:3d:30:d7:e5:f6:ab:
38:ae:b3:f1:39:51:4c:bc:a3:d7:85:c9:61:d7:99:
ae:c6:ea:f6:ba:04:01:ce:9c:cf:0a:a5:bb:ce:82:
70:d4:50:3f:0a:84:8e:54:f6:8b:e8:15:53:2f:5c:
c8:c5:08:27:6e:d4:8a:01:a1:6f:70:80:22:a5:6e:
95:6a:a6:7d:d4:36:3d:33:43:ee:97:5a:b0:67:29:
13:dc:f6:0a:ac:c7:a9:02:72:28:f1:d9:bd:3c:71:
e7:f3:4b:3e:30:05:d1:d6:9b:66:ae:98:17:71:8b:
90:b5:88:48:09:9a:50:0a:4e:7e:34:44:be:9e:96:
93:8f:7f:bc:14:79:1a:a3:61:bf:8b:10:5a:e5:27:
7b:86:c7:66:ff:22:3a:cc:a3:76:eb:a2:e9:15:4e:
e3:7f:e3:b2:96:d9:de:7a:ba:86:98:3f:da:d3:31:
58:5a:f8:d0:8d:c9:cb:e1:66:22:55:84:b0:26:f1:
53:6c:2c:fb:c7:17:4e:e4:52:b3:1a:57:d7:ce:da:
82:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:24:5A:AC:74:F9:DA:2E:9A:7B:58:97:B4:35:43:31:17:77:47:74
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aSRarHT52i6ae1iXtDVDMRd3R3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.193.0/24
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
56:52:cc:0a:74:37:d1:13:f2:57:b5:13:11:ba:a0:09:75:1f:
08:0a:e5:7d:db:d4:58:22:9b:9e:d8:38:88:fc:04:86:2f:0e:
3b:5f:59:bd:c1:bf:49:66:ce:55:16:8a:8b:fa:aa:5c:d7:65:
81:10:ac:f1:c6:1e:18:48:f3:64:67:01:ee:84:aa:90:f4:53:
4a:07:a4:44:24:5e:b6:ee:1c:fe:64:d5:2c:2d:7a:35:98:bc:
78:48:6c:c6:17:38:dd:c3:98:29:33:72:ae:d8:d2:91:2d:99:
ba:cf:52:5c:07:b8:5a:77:40:1c:2c:7a:6a:19:57:4c:c2:06:
53:4b:b8:d0:6a:50:0f:f8:cf:b4:2f:fd:45:ff:25:ab:64:39:
6b:6e:cd:7d:d4:2e:05:93:73:72:09:e0:54:44:71:5f:26:a4:
53:72:1d:aa:c4:15:b6:31:fd:b4:12:bd:39:61:ee:3c:45:2d:
6c:4d:3f:d9:17:e9:59:b0:22:53:51:64:71:c1:b1:d5:78:9c:
86:1f:1a:bd:8d:7c:d7:04:3c:70:5f:dc:ab:ea:30:c6:b2:ad:
82:0f:df:ac:78:b6:7d:19:3f:6a:09:f3:c2:d8:cf:40:4f:43:
33:ff:7f:3a:c2:b7:71:66:a6:55:46:90:f4:f5:45:9e:74:12:
45:f4:1a:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlPTeXlo06sxHs+7izUP1WCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzEzMTI1MDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTI0NWFhYzc0ZjlkYTJlOWE3YjU4OTdiNDM1NDMzMTE3Nzc0Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/QRr+Nx2ePHIUV7MsANvXcx4bHu
FySEsXW3CgvCSA9XZd1vblM5M6efyNa6Ji9VGM8r5Uk9MNfl9qs4rrPxOVFMvKPX
hclh15muxur2ugQBzpzPCqW7zoJw1FA/CoSOVPaL6BVTL1zIxQgnbtSKAaFvcIAi
pW6VaqZ91DY9M0Pul1qwZykT3PYKrMepAnIo8dm9PHHn80s+MAXR1ptmrpgXcYuQ
tYhICZpQCk5+NES+npaTj3+8FHkao2G/ixBa5Sd7hsdm/yI6zKN266LpFU7jf+Oy
ltneerqGmD/a0zFYWvjQjcnL4WYiVYSwJvFTbCz7xxdO5FKzGlfXztqCOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGkkWqx0+doumntYl7Q1QzEXd0d0MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYVNSYXJIVDUyaTZhZTFpWHREVkRNUmQzUjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSHBAwQC
WSpQMA0GCSqGSIb3DQEBCwUAA4IBAQBWUswKdDfRE/JXtRMRuqAJdR8ICuV929RY
Ipue2DiI/ASGLw47X1m9wb9JZs5VFoqL+qpc12WBEKzxxh4YSPNkZwHuhKqQ9FNK
B6REJF627hz+ZNUsLXo1mLx4SGzGFzjdw5gpM3Ku2NKRLZm6z1JcB7had0AcLHpq
GVdMwgZTS7jQalAP+M+0L/1F/yWrZDlrbs191C4Fk3NyCeBURHFfJqRTch2qxBW2
Mf20Er05Ye48RS1sTT/ZF+lZsCJTUWRxwbHVeJyGHxq9jXzXBDxwX9yr6jDGsq2C
D9+seLZ9GT9qCfPC2M9AT0Mz/386wrdxZqZVRpD09UWedBJF9Br2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:56 2023 by rpki-client on console-ams.rpki-client.org