Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fbfdUDNIvix1EXmh-dDjeElANkI.roa
File: fbfdUDNIvix1EXmh-dDjeElANkI.roa (raw, json)
Hash identifier: H8lhBlel7FNGgDwY3DM888ksls5LFUkERjy3/oT/9nE=
Subject key identifier: 7D:B7:DD:50:33:48:BE:2C:75:11:79:A1:F9:D0:E3:78:49:40:36:42
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018A3C9C211BD9BD73417B7FCAD21A373375
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fbfdUDNIvix1EXmh-dDjeElANkI.roa
Signing time: Mon 28 Aug 2023 14:46:19 +0000
ROA not before: Mon 28 Aug 2023 14:46:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.80.0/23 maxlen: 23
89.42.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Aug 2023 04:42:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:9c:21:1b:d9:bd:73:41:7b:7f:ca:d2:1a:37:33:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 28 14:46:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7db7dd503348be2c751179a1f9d0e37849403642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f8:22:08:03:14:1a:ca:f0:5e:33:87:d5:60:
9c:ee:ee:0a:e1:33:2f:f8:bf:7d:31:13:b4:1a:ed:
68:e2:e2:9a:e9:22:16:c2:73:58:32:ea:8f:da:b7:
bb:10:e9:79:eb:b5:9b:b3:3b:d4:3e:48:53:44:dd:
76:99:3a:0a:30:bf:78:31:ad:8f:90:af:b8:23:f4:
15:ab:5a:4c:53:25:9d:76:d7:5f:7b:53:fb:67:5e:
44:d1:2e:ae:fd:6d:a5:8b:89:9e:43:aa:79:e5:f3:
56:00:00:d5:34:ab:05:97:4c:ab:86:60:5a:4e:5b:
b6:d0:d0:4b:bc:ac:e9:d1:2e:ef:85:62:d8:0e:eb:
03:8d:8c:e1:a2:a4:52:e2:7f:6b:c9:b5:9c:54:28:
78:55:0a:01:a2:bc:44:4e:bf:cc:a8:2a:fd:c0:36:
03:21:b3:f3:5a:02:cb:e0:6c:0f:af:5a:e5:8d:69:
e2:19:71:7a:df:15:ae:4e:ff:54:48:c9:eb:d8:b1:
ef:15:fe:e6:72:26:f7:a1:22:95:96:23:f9:8e:db:
21:dd:36:08:e3:fa:a0:05:4d:1f:83:40:85:aa:84:
ef:1c:1e:ce:5d:2b:86:e7:4f:b7:fd:23:00:cb:22:
be:09:75:d4:34:81:d1:60:9c:62:c6:ee:c8:ae:17:
fc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B7:DD:50:33:48:BE:2C:75:11:79:A1:F9:D0:E3:78:49:40:36:42
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/fbfdUDNIvix1EXmh-dDjeElANkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
89.42.93.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c3:93:e6:03:ad:4e:ba:ce:a5:4a:62:2f:f7:c3:08:eb:b9:
93:e3:b6:d8:ca:77:e2:40:18:24:22:59:ed:03:bc:fc:e2:d0:
61:0a:fa:b1:27:98:13:c2:d0:50:ad:ad:88:55:46:4d:24:e6:
2d:4d:17:c0:09:55:5e:c2:8e:d6:27:22:e8:01:64:68:51:89:
1e:ee:76:9b:76:9f:d9:7c:69:55:5f:72:57:a9:dc:2f:20:a1:
0c:3c:a0:63:42:4b:f7:7d:fa:51:af:28:62:31:34:13:63:e7:
9b:c1:cb:3d:5c:c1:20:c2:33:2a:fd:15:cd:ca:0c:86:00:ee:
3c:42:76:32:8d:de:79:55:33:8d:34:9b:91:ba:81:d1:41:5f:
26:7a:d7:e6:d9:64:c7:d4:a6:b8:c2:21:bc:fb:ab:09:c1:6e:
c4:d4:07:33:c9:0b:a1:74:23:36:e6:e8:01:c2:92:3c:84:95:
79:0e:e4:ef:8b:6a:60:ec:a2:fd:8e:31:b4:1b:df:fc:b6:83:
4d:69:0b:55:eb:0e:70:ce:a7:07:7c:18:2c:b9:60:b8:67:6c:
30:31:df:57:9a:98:e3:0f:1e:60:06:09:f3:b9:0c:81:87:3b:
54:3c:cd:23:5e:f6:31:b3:7a:8c:89:02:04:00:8a:ce:79:90:
19:8e:1f:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYo8nCEb2b1zQXt/ytIaNzN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODI4MTQ0NjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGI3ZGQ1MDMzNDhiZTJjNzUxMTc5YTFmOWQwZTM3ODQ5NDAzNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/giCAMUGsrwXjOH1WCc7u4K4TMv
+L99MRO0Gu1o4uKa6SIWwnNYMuqP2re7EOl567WbszvUPkhTRN12mToKML94Ma2P
kK+4I/QVq1pMUyWddtdfe1P7Z15E0S6u/W2li4meQ6p55fNWAADVNKsFl0yrhmBa
Tlu20NBLvKzp0S7vhWLYDusDjYzhoqRS4n9rybWcVCh4VQoBorxETr/MqCr9wDYD
IbPzWgLL4GwPr1rljWniGXF63xWuTv9USMnr2LHvFf7mcib3oSKVliP5jtsh3TYI
4/qgBU0fg0CFqoTvHB7OXSuG50+3/SMAyyK+CXXUNIHRYJxixu7Irhf88wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH233VAzSL4sdRF5ofnQ43hJQDZCMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvZmJmZFVETkl2aXgxRVhtaC1kRGplRWxBTmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSpQAwQA
WSpdMA0GCSqGSIb3DQEBCwUAA4IBAQCDw5PmA61Ous6lSmIv98MI67mT47bYynfi
QBgkIlntA7z84tBhCvqxJ5gTwtBQra2IVUZNJOYtTRfACVVewo7WJyLoAWRoUYke
7nabdp/ZfGlVX3JXqdwvIKEMPKBjQkv3ffpRryhiMTQTY+ebwcs9XMEgwjMq/RXN
ygyGAO48QnYyjd55VTONNJuRuoHRQV8metfm2WTH1Ka4wiG8+6sJwW7E1AczyQuh
dCM25ugBwpI8hJV5DuTvi2pg7KL9jjG0G9/8toNNaQtV6w5wzqcHfBgsuWC4Z2ww
Md9XmpjjDx5gBgnzuQyBhztUPM0jXvYxs3qMiQIEAIrOeZAZjh9V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org