Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jFA7GDLVkFxsvBklKOHE847tFlU.roa
File: jFA7GDLVkFxsvBklKOHE847tFlU.roa (raw, json)
Hash identifier: Sbu1qH3FBItd4q8o1pM3fePQm+ELB/RcoevyM6yOSAQ=
Subject key identifier: 8C:50:3B:18:32:D5:90:5C:6C:BC:19:25:28:E1:C4:F3:8E:ED:16:55
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CEEFE6DF35ACB5234A988277F17952556
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jFA7GDLVkFxsvBklKOHE847tFlU.roa
Signing time: Tue 09 Jan 2024 16:11:40 +0000
ROA not before: Tue 09 Jan 2024 16:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.37.196.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 07:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:fe:6d:f3:5a:cb:52:34:a9:88:27:7f:17:95:25:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 9 16:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c503b1832d5905c6cbc192528e1c4f38eed1655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9f:2e:97:23:4e:4f:a5:51:db:b2:c5:51:7a:
a0:4d:c0:62:fc:02:e5:14:ce:34:56:40:57:bd:83:
c2:c4:f3:66:8c:57:b5:d4:c2:7a:b6:ea:ac:46:cc:
a6:05:29:96:69:b3:88:86:57:6b:2d:c8:54:d3:87:
74:ad:ba:66:34:5f:0e:16:a3:ed:27:5c:90:96:0b:
51:09:0b:b8:dc:c4:f9:2d:db:9f:8d:f1:ea:eb:25:
0f:73:07:6f:d6:bc:dd:66:cf:41:96:34:4c:a6:83:
44:55:f6:1b:74:94:b7:13:bb:ff:e1:e1:ba:10:2e:
be:e1:a8:a1:1a:3b:f2:f5:0c:13:b2:7c:4a:1d:f1:
33:18:f1:f5:44:5d:1d:6c:f4:c6:d7:42:6d:33:6a:
6f:e7:92:e6:1d:37:d2:fe:68:49:cd:2d:b9:50:7f:
2d:4e:5a:53:f9:54:1a:41:57:58:39:78:c5:fb:79:
a4:bc:c6:bf:85:be:67:dd:66:c3:21:0b:9a:81:58:
61:63:1d:14:3f:fe:14:33:db:d4:28:c1:a0:6a:5f:
d5:c9:e3:3f:0b:db:3b:ff:e3:3f:e1:5f:78:7a:93:
3c:78:e9:21:c0:4d:5b:65:43:f7:ec:75:92:d1:8c:
0e:38:1c:37:da:07:59:88:d1:b0:bd:b9:20:66:71:
96:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:50:3B:18:32:D5:90:5C:6C:BC:19:25:28:E1:C4:F3:8E:ED:16:55
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jFA7GDLVkFxsvBklKOHE847tFlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.196.0/24
89.42.81.0-89.42.83.255
89.46.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:87:ee:44:c5:75:f9:70:c6:35:e2:c6:aa:f6:21:e7:d1:3c:
c4:e7:89:5a:07:7a:b6:27:fb:ef:b4:0d:42:18:e3:35:d3:cd:
4b:3f:76:91:b6:64:86:d6:5b:88:87:13:b6:26:b4:29:33:87:
9a:15:ed:bd:d1:04:cb:e5:9b:d8:66:d9:95:3c:5b:fd:2d:da:
0b:73:44:48:d8:7e:f2:58:e2:3a:9e:e6:06:bd:6b:c2:a5:c4:
41:1e:e6:26:9e:29:dd:df:3e:8e:33:97:ba:98:41:d9:d9:0b:
0e:64:cf:03:81:48:cd:47:d0:97:83:80:a0:cd:ac:a8:97:6a:
7e:43:08:fa:d8:17:98:71:76:fc:4a:02:97:9a:66:e6:2d:b0:
bb:86:84:93:16:93:3f:96:a1:5c:e0:8e:5b:f8:20:4c:f4:61:
fe:92:c3:1f:18:c7:d1:3e:28:86:f5:57:9b:e2:d3:45:51:53:
1f:0a:fa:14:de:62:e7:ba:b6:54:77:9d:78:a7:41:1f:ee:b0:
e1:06:79:51:e2:15:11:b7:ee:03:96:6e:6f:bb:8c:f3:2e:58:
96:ff:ce:9d:d0:20:31:d5:ab:e8:b9:7f:38:a7:bf:0e:22:1a:
78:37:79:be:75:88:53:78:18:db:6e:50:3c:c3:62:71:f7:4d:
72:a6:70:04
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzu/m3zWstSNKmIJ38XlSVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTA5MTYxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzUwM2IxODMyZDU5MDVjNmNiYzE5MjUyOGUxYzRmMzhlZWQxNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv58ulyNOT6VR27LFUXqgTcBi/ALl
FM40VkBXvYPCxPNmjFe11MJ6tuqsRsymBSmWabOIhldrLchU04d0rbpmNF8OFqPt
J1yQlgtRCQu43MT5LdufjfHq6yUPcwdv1rzdZs9BljRMpoNEVfYbdJS3E7v/4eG6
EC6+4aihGjvy9QwTsnxKHfEzGPH1RF0dbPTG10JtM2pv55LmHTfS/mhJzS25UH8t
TlpT+VQaQVdYOXjF+3mkvMa/hb5n3WbDIQuagVhhYx0UP/4UM9vUKMGgal/VyeM/
C9s7/+M/4V94epM8eOkhwE1bZUP37HWS0YwOOBw32gdZiNGwvbkgZnGWMQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIxQOxgy1ZBcbLwZJSjhxPOO7RZVMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvakZBN0dETFZrRnhzdkJrbEtPSEU4NDd0RmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWSXEMAwD
BABZKlEDBAJZKlADBABZLgMwDQYJKoZIhvcNAQELBQADggEBAB2H7kTFdflwxjXi
xqr2IefRPMTniVoHerYn+++0DUIY4zXTzUs/dpG2ZIbWW4iHE7YmtCkzh5oV7b3R
BMvlm9hm2ZU8W/0t2gtzREjYfvJY4jqe5ga9a8KlxEEe5iaeKd3fPo4zl7qYQdnZ
Cw5kzwOBSM1H0JeDgKDNrKiXan5DCPrYF5hxdvxKApeaZuYtsLuGhJMWkz+WoVzg
jlv4IEz0Yf6Swx8Yx9E+KIb1V5vi00VRUx8K+hTeYue6tlR3nXinQR/usOEGeVHi
FRG37gOWbm+7jPMuWJb/zp3QIDHVq+i5fzinvw4iGng3eb51iFN4GNtuUDzDYnH3
TXKmcAQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org