Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fIeNg8axkIXplZc_g2KnG2jkYDE.roa
File: fIeNg8axkIXplZc_g2KnG2jkYDE.roa (raw, json)
Hash identifier: ubXfAg4bxhdtyNZYpt7EELBnGL4O3fWPX1Ui06dFb/4=
Subject key identifier: 7C:87:8D:83:C6:B1:90:85:E9:95:97:3F:83:62:A7:1B:68:E4:60:31
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D315D418F92FF630B305FEB7CF6049A7E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fIeNg8axkIXplZc_g2KnG2jkYDE.roa
Signing time: Mon 22 Jan 2024 13:30:11 +0000
ROA not before: Mon 22 Jan 2024 13:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 996
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.225.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 07:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:5d:41:8f:92:ff:63:0b:30:5f:eb:7c:f6:04:9a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 22 13:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c878d83c6b19085e995973f8362a71b68e46031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d9:ed:db:5c:e5:bf:a5:0c:24:c1:8e:e4:72:
cc:bb:5e:ad:b3:9c:69:a9:b8:3b:4f:c1:9b:67:f9:
92:e3:92:e4:0d:be:8a:56:d4:b2:0f:f3:e7:1e:02:
09:32:b9:40:09:ed:c3:79:5b:d9:56:91:df:ea:f4:
fe:ec:77:bf:ab:d5:d3:91:ff:d6:df:65:65:75:5c:
b5:8a:af:d0:49:89:06:6f:cc:d0:6c:e2:12:ec:d8:
07:0e:00:d2:30:87:8e:43:0d:92:8e:d1:44:8d:d8:
68:a4:c6:af:c4:5f:72:04:bc:16:40:62:97:dd:bd:
ea:8e:e6:11:30:ac:b4:07:3e:aa:fd:4a:84:a1:7b:
30:a3:0a:6d:ff:14:30:9f:a2:a1:2f:ec:ac:0c:26:
49:29:55:30:2c:e6:65:47:6d:e6:77:72:25:b6:bc:
0e:e2:ce:d8:7d:d1:fd:28:42:10:fc:18:a3:75:0a:
95:04:f1:8c:68:93:8e:4e:9c:68:11:90:40:a9:9b:
42:a0:63:ab:ff:cd:50:cf:57:88:28:e1:4f:17:b6:
5a:01:6c:90:13:84:5f:c2:e8:1c:fc:5b:48:51:b6:
c3:8d:26:84:1e:a9:63:6f:1b:ee:f1:ba:53:31:f9:
74:2e:24:8b:7d:c1:6b:11:6e:d7:9c:93:f3:56:5f:
62:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:87:8D:83:C6:B1:90:85:E9:95:97:3F:83:62:A7:1B:68:E4:60:31
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fIeNg8axkIXplZc_g2KnG2jkYDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.231.0/24
89.40.82.0/24
89.47.117.0/24
89.47.125.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:3a:20:1d:4c:f8:8f:d8:d7:7a:9f:9e:0f:68:74:93:61:68:
81:71:01:63:1b:78:da:83:42:47:10:46:bb:f7:33:21:47:77:
b3:6d:7f:cc:b6:c0:e4:53:68:f2:3a:fd:27:16:87:c3:cf:4e:
61:7c:ed:75:22:8c:49:b4:8e:f3:8c:51:d4:99:59:14:15:c4:
2e:21:a8:9f:48:c1:8f:f1:73:ba:f2:b1:74:16:a6:4f:7e:e1:
28:18:37:0c:a8:1e:cd:e5:4f:38:62:f6:57:b0:ae:db:c0:6b:
ea:ef:8d:c0:06:2a:fb:83:8b:0b:2f:98:6d:fa:a2:80:4f:7e:
82:cd:eb:6f:ee:79:d9:6b:73:c3:cc:4a:32:4e:49:83:e7:23:
89:05:89:77:38:3a:9b:39:89:03:d7:7f:80:75:e8:87:35:61:
d9:9c:c2:9a:dc:70:01:55:71:59:3d:a2:78:4f:0e:43:31:0d:
85:5b:1c:b6:f1:b4:2a:4e:0f:33:f2:26:28:fb:40:9e:a6:8f:
1c:bc:f0:df:d3:b2:5a:9a:94:52:84:27:e1:bd:dc:4a:df:fc:
fa:b9:a2:e4:af:55:33:f1:26:7a:9d:5d:24:d5:b3:07:4a:69:
c5:3e:bf:8a:ad:41:cd:6d:1e:d0:b1:ea:10:04:20:c5:6e:4b:
a9:f0:e2:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0xXUGPkv9jCzBf63z2BJp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTIyMTMzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzg3OGQ4M2M2YjE5MDg1ZTk5NTk3M2Y4MzYyYTcxYjY4ZTQ2MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNnt21zlv6UMJMGO5HLMu16ts5xp
qbg7T8GbZ/mS45LkDb6KVtSyD/PnHgIJMrlACe3DeVvZVpHf6vT+7He/q9XTkf/W
32VldVy1iq/QSYkGb8zQbOIS7NgHDgDSMIeOQw2SjtFEjdhopMavxF9yBLwWQGKX
3b3qjuYRMKy0Bz6q/UqEoXswowpt/xQwn6KhL+ysDCZJKVUwLOZlR23md3IltrwO
4s7YfdH9KEIQ/BijdQqVBPGMaJOOTpxoEZBAqZtCoGOr/81Qz1eIKOFPF7ZaAWyQ
E4Rfwugc/FtIUbbDjSaEHqljbxvu8bpTMfl0LiSLfcFrEW7XnJPzVl9ifQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHyHjYPGsZCF6ZWXP4Nipxto5GAxMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvZkllTmc4YXhrSVhwbFpjX2cyS25HMmprWURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWSLgAwQA
WSLnAwQAWShSAwQAWS91AwQAWS99MA0GCSqGSIb3DQEBCwUAA4IBAQALOiAdTPiP
2Nd6n54PaHSTYWiBcQFjG3jag0JHEEa79zMhR3ezbX/MtsDkU2jyOv0nFofDz05h
fO11IoxJtI7zjFHUmVkUFcQuIaifSMGP8XO68rF0FqZPfuEoGDcMqB7N5U84YvZX
sK7bwGvq743ABir7g4sLL5ht+qKAT36Czetv7nnZa3PDzEoyTkmD5yOJBYl3ODqb
OYkD13+AdeiHNWHZnMKa3HABVXFZPaJ4Tw5DMQ2FWxy28bQqTg8z8iYo+0Cepo8c
vPDf07JampRShCfhvdxK3/z6uaLkr1Uz8SZ6nV0k1bMHSmnFPr+KrUHNbR7QseoQ
BCDFbkup8OKV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org