Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/dw2QkSVr3MSG9NgFak7XzwIvmjQ.roa
File: dw2QkSVr3MSG9NgFak7XzwIvmjQ.roa (raw, json)
Hash identifier: b5R+xkQLXmmHggSWnPQ2j8/nrIGkphAXHK6681yHqRs=
Subject key identifier: 77:0D:90:91:25:6B:DC:C4:86:F4:D8:05:6A:4E:D7:CF:02:2F:9A:34
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C53360E983EA35E6B8F86FCB753AA187D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/dw2QkSVr3MSG9NgFak7XzwIvmjQ.roa
Signing time: Sun 10 Dec 2023 10:11:40 +0000
ROA not before: Sun 10 Dec 2023 10:11:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.34.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 07:20:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:53:36:0e:98:3e:a3:5e:6b:8f:86:fc:b7:53:aa:18:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Dec 10 10:11:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=770d9091256bdcc486f4d8056a4ed7cf022f9a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:cf:f7:50:a6:7f:83:aa:3a:24:38:f6:0c:
4b:f9:ff:9c:3a:73:6a:c7:1f:85:22:12:c9:52:88:
6f:c1:fb:b8:36:21:8c:76:bc:77:f8:59:21:59:1c:
b2:69:eb:f3:3d:06:0c:2b:be:99:9e:f8:ea:a4:ac:
20:f6:0d:43:96:e5:fc:d1:8a:a9:cf:9d:07:3b:e0:
13:b7:1d:a1:55:0b:c8:18:34:03:7c:98:33:ff:e0:
ba:4c:8e:8d:86:c7:2e:de:b3:75:04:7a:1d:9d:25:
17:01:da:de:2a:fd:1c:f0:f7:fd:3d:32:8e:bd:ec:
63:a9:5e:ce:14:62:8f:c6:3a:fa:7b:34:c5:fb:d8:
36:c6:26:e9:23:6c:64:46:31:cd:ba:ba:f9:94:9c:
c3:c6:86:bf:79:a9:d9:bb:87:0b:b9:d5:7a:94:9a:
da:c7:62:d9:0e:0d:5d:68:ae:26:2f:ee:bd:a3:99:
2c:a2:e9:28:16:9a:a9:29:f5:0d:ee:e7:7f:78:1a:
e5:51:b6:70:d9:e4:87:17:b3:b9:b4:f9:21:8d:62:
ab:60:3b:53:72:66:5d:ea:08:4e:da:c5:7d:3d:e1:
90:63:30:6b:bc:1a:56:b8:85:44:5f:23:a8:64:4a:
d9:f3:7f:7a:d5:d9:e6:49:88:8f:b0:00:e3:52:ab:
a4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0D:90:91:25:6B:DC:C4:86:F4:D8:05:6A:4E:D7:CF:02:2F:9A:34
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/dw2QkSVr3MSG9NgFak7XzwIvmjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.231.0/24
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
26:9b:a2:8e:01:76:b2:c4:17:15:21:68:2f:85:3e:cc:88:e8:
c8:8f:57:70:eb:71:fe:9a:bc:66:90:87:83:0e:5e:2d:50:82:
cd:09:e9:7c:99:11:89:b1:f3:06:33:db:b1:fc:88:8f:4b:9f:
67:53:b3:5e:b0:15:14:ba:cb:c4:25:58:72:03:52:56:b0:0f:
f1:8b:be:03:22:ad:2f:74:00:70:1a:d4:e2:19:23:c3:f7:d6:
84:8d:90:57:60:ad:8e:31:16:3a:54:17:4b:17:eb:95:70:57:
bf:7d:70:64:9c:ce:d1:c4:55:c9:d1:69:30:66:02:48:51:ca:
02:61:fa:93:28:8b:89:d6:72:08:1a:63:8d:b9:0b:55:24:1c:
40:29:a3:ce:29:a8:40:0d:58:cc:f8:28:31:91:ae:ad:3e:38:
22:8f:ad:e8:28:2d:50:8a:62:44:96:84:d5:46:17:dd:dc:37:
53:c1:0d:fc:f9:e2:45:1e:ef:55:f7:9e:3d:39:6c:53:38:d9:
d2:42:14:f6:c0:fc:88:cb:19:88:46:3f:aa:d2:3b:8d:7b:5d:
72:f8:14:15:ee:d5:d0:fe:1a:6c:2a:d7:48:05:96:02:7c:35:
28:5a:0f:f6:0b:f0:fb:d3:42:01:49:dd:01:72:bd:dd:7e:5d:
2f:d2:3b:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxTNg6YPqNea4+G/LdTqhh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMjEwMTAxMTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzBkOTA5MTI1NmJkY2M0ODZmNGQ4MDU2YTRlZDdjZjAyMmY5YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2zP91Cmf4OqOiQ49gxL+f+cOnNq
xx+FIhLJUohvwfu4NiGMdrx3+FkhWRyyaevzPQYMK76ZnvjqpKwg9g1DluX80Yqp
z50HO+ATtx2hVQvIGDQDfJgz/+C6TI6Nhscu3rN1BHodnSUXAdreKv0c8Pf9PTKO
vexjqV7OFGKPxjr6ezTF+9g2xibpI2xkRjHNurr5lJzDxoa/eanZu4cLudV6lJra
x2LZDg1daK4mL+69o5ksoukoFpqpKfUN7ud/eBrlUbZw2eSHF7O5tPkhjWKrYDtT
cmZd6ghO2sV9PeGQYzBrvBpWuIVEXyOoZErZ83961dnmSYiPsADjUqukHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHcNkJEla9zEhvTYBWpO188CL5o0MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvZHcyUWtTVnIzTVNHOU5nRmFrN1h6d0l2bWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSLnAwQC
WSpQMA0GCSqGSIb3DQEBCwUAA4IBAQAmm6KOAXayxBcVIWgvhT7MiOjIj1dw63H+
mrxmkIeDDl4tUILNCel8mRGJsfMGM9ux/IiPS59nU7NesBUUusvEJVhyA1JWsA/x
i74DIq0vdABwGtTiGSPD99aEjZBXYK2OMRY6VBdLF+uVcFe/fXBknM7RxFXJ0Wkw
ZgJIUcoCYfqTKIuJ1nIIGmONuQtVJBxAKaPOKahADVjM+Cgxka6tPjgij63oKC1Q
imJEloTVRhfd3DdTwQ38+eJFHu9V9549OWxTONnSQhT2wPyIyxmIRj+q0juNe11y
+BQV7tXQ/hpsKtdIBZYCfDUoWg/2C/D700IBSd0Bcr3dfl0v0jvD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org