Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hUpkus28Imdz5hFrs5or5tdTreQ.roa
File: hUpkus28Imdz5hFrs5or5tdTreQ.roa (raw, json)
Hash identifier: drswdrVZI+OQCYlHd74nmNNvRbMeNkaL7guil3UuZb8=
Subject key identifier: 85:4A:64:BA:CD:BC:22:67:73:E6:11:6B:B3:9A:2B:E6:D7:53:AD:E4
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0189720AEF58C3DBF906410BA16E1AD7597E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hUpkus28Imdz5hFrs5or5tdTreQ.roa
Signing time: Thu 20 Jul 2023 06:44:26 +0000
ROA not before: Thu 20 Jul 2023 06:44:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 89.42.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:0a:ef:58:c3:db:f9:06:41:0b:a1:6e:1a:d7:59:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 20 06:44:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=854a64bacdbc226773e6116bb39a2be6d753ade4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:71:18:b9:f5:1c:f1:cc:1d:04:86:6a:8f:
7b:af:6b:fd:49:20:57:8d:0a:aa:ab:c9:01:fa:67:
5f:4f:77:d6:3e:21:a0:cc:f3:6e:32:b7:43:5e:4c:
28:08:d8:0d:f2:67:a4:70:79:b5:42:6d:b6:eb:28:
bc:05:4b:05:f1:54:a0:0a:e2:84:19:72:0d:d7:49:
3f:24:e1:92:f9:b2:ca:72:7c:84:13:73:73:fb:34:
d8:8d:fe:0d:92:f5:d9:a3:b7:ba:01:bf:c3:24:7d:
3c:d9:f0:4e:e9:75:df:bc:89:48:2f:21:f9:a7:c5:
e2:c3:ff:2d:3d:84:53:f8:4b:e8:11:cb:da:3f:3b:
68:f2:37:d6:84:95:6c:2e:23:9c:e6:cc:42:8f:ac:
e1:79:d8:a3:a2:34:54:91:44:74:f7:d6:64:b0:ee:
74:47:65:68:06:65:47:f2:2e:a0:a1:c1:b8:19:a1:
6f:0d:2b:f4:7c:60:89:91:16:ee:62:b5:38:c2:1f:
68:7b:d6:74:2e:3b:97:36:f1:31:65:a6:a0:8d:3e:
17:d2:00:7e:e0:1d:a2:7a:de:73:7a:dd:83:99:ce:
b6:5c:c1:6a:8f:cc:86:0f:0f:f6:d6:a0:c9:d3:61:
30:ee:94:11:e2:3f:3c:13:3e:15:6d:91:c3:dd:db:
74:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4A:64:BA:CD:BC:22:67:73:E6:11:6B:B3:9A:2B:E6:D7:53:AD:E4
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hUpkus28Imdz5hFrs5or5tdTreQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.86.0/24
Signature Algorithm: sha256WithRSAEncryption
20:27:b8:26:23:58:bb:c2:8b:13:e8:39:f9:d0:ef:35:2e:91:
83:b2:88:1b:8d:b7:47:3f:b6:ec:63:96:c5:9c:63:4b:fc:8a:
8e:42:90:d9:96:fd:f7:a8:c8:d4:d5:ee:ab:07:9f:d0:0c:bd:
7a:9b:15:53:65:36:c4:d4:b8:6d:51:dc:4d:58:51:7e:82:ea:
56:6d:43:85:31:da:59:80:dd:3b:e6:0d:b3:47:85:75:bf:83:
48:c1:e7:9c:bc:14:08:2d:cd:49:b2:16:53:c9:c9:20:9d:1c:
7f:71:51:a5:5f:b2:ab:f6:b7:f0:18:eb:3b:c3:ce:59:9c:a6:
c7:ce:98:26:ee:5d:78:68:4d:8e:06:0b:25:8c:93:20:c9:8c:
df:57:08:11:85:da:93:98:d3:8a:ec:76:f5:18:bb:35:b0:d8:
2b:c5:c0:35:24:b1:e1:1e:57:f3:6f:b8:3b:81:e8:70:bc:8d:
c7:25:76:ce:3c:d8:96:a1:a6:15:43:ef:c6:45:8a:b2:7b:ed:
62:60:53:60:a8:1a:be:0e:ec:be:da:34:40:0d:a0:f4:6b:e1:
8d:f0:f3:70:a1:5a:72:dc:67:28:db:4a:7d:be:56:57:5f:2a:
40:09:3f:82:91:31:2d:43:2c:e9:fd:c7:63:a4:54:2d:1f:a4:
d0:95:87:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlyCu9Yw9v5BkELoW4a11l+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzIwMDY0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTRhNjRiYWNkYmMyMjY3NzNlNjExNmJiMzlhMmJlNmQ3NTNhZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKVxGLn1HPHMHQSGao97r2v9SSBX
jQqqq8kB+mdfT3fWPiGgzPNuMrdDXkwoCNgN8mekcHm1Qm226yi8BUsF8VSgCuKE
GXIN10k/JOGS+bLKcnyEE3Nz+zTYjf4NkvXZo7e6Ab/DJH082fBO6XXfvIlILyH5
p8Xiw/8tPYRT+EvoEcvaPzto8jfWhJVsLiOc5sxCj6zhedijojRUkUR099ZksO50
R2VoBmVH8i6gocG4GaFvDSv0fGCJkRbuYrU4wh9oe9Z0LjuXNvExZaagjT4X0gB+
4B2iet5zet2Dmc62XMFqj8yGDw/21qDJ02Ew7pQR4j88Ez4VbZHD3dt0KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVKZLrNvCJnc+YRa7OaK+bXU63kMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvaFVwa3VzMjhJbWR6NWhGcnM1b3I1dGRUcmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpWMA0G
CSqGSIb3DQEBCwUAA4IBAQAgJ7gmI1i7wosT6Dn50O81LpGDsogbjbdHP7bsY5bF
nGNL/IqOQpDZlv33qMjU1e6rB5/QDL16mxVTZTbE1LhtUdxNWFF+gupWbUOFMdpZ
gN075g2zR4V1v4NIweecvBQILc1JshZTyckgnRx/cVGlX7Kr9rfwGOs7w85ZnKbH
zpgm7l14aE2OBgsljJMgyYzfVwgRhdqTmNOK7Hb1GLs1sNgrxcA1JLHhHlfzb7g7
gehwvI3HJXbOPNiWoaYVQ+/GRYqye+1iYFNgqBq+Duy+2jRADaD0a+GN8PNwoVpy
3Gco20p9vlZXXypACT+CkTEtQyzp/cdjpFQtH6TQlYfy
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:12 2024 by rpki-client on console-ams.rpki-client.org