Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jXJVooMaNr-9XJWcrSVESFJ68cI.roa
File: jXJVooMaNr-9XJWcrSVESFJ68cI.roa (raw, json)
Hash identifier: thLYWH3DjRNTAupkbSW1j0/fSYuo88ZUc20waoCEHls=
Subject key identifier: 8D:72:55:A2:83:1A:36:BF:BD:5C:95:9C:AD:25:44:48:52:7A:F1:C2
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B5107EEA0168A671AA6813308133436F3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jXJVooMaNr-9XJWcrSVESFJ68cI.roa
Signing time: Sat 21 Oct 2023 06:59:16 +0000
ROA not before: Sat 21 Oct 2023 06:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.82.0/23 maxlen: 23
89.42.83.0/24 maxlen: 24
89.42.80.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 22 Oct 2023 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:51:07:ee:a0:16:8a:67:1a:a6:81:33:08:13:34:36:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 21 06:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d7255a2831a36bfbd5c959cad254448527af1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:79:db:2d:ff:82:03:57:31:5c:fa:50:7c:83:
79:d3:88:30:80:fc:4c:1e:2c:95:1b:4f:23:4a:f3:
c5:ac:ba:22:0d:fc:73:0d:78:11:49:ef:ce:fe:4b:
24:70:6e:29:70:b5:1c:f0:33:ae:f1:d3:ff:d5:e0:
e2:6d:96:61:06:ff:e0:37:61:c0:31:1d:48:91:61:
f6:32:63:9b:b2:d8:72:0f:6f:9b:9f:b2:db:2e:f1:
0c:29:65:f4:33:4f:76:c3:38:04:b7:6d:50:f0:df:
28:a1:c0:04:d3:d9:d3:cd:bf:82:ee:86:9e:88:45:
10:c1:23:c1:f3:ff:f0:b1:47:ab:bc:0e:00:23:0f:
d4:50:fa:3b:fa:6e:84:78:dd:70:17:c5:68:fc:95:
29:9a:df:a7:e7:98:47:cf:9a:18:8a:94:d4:01:ec:
9b:22:a0:c4:39:bb:67:f4:1f:2a:66:35:1a:77:51:
23:3b:ab:0d:13:ca:22:01:25:ed:c1:6c:59:23:b2:
47:78:43:5d:4e:99:81:35:e2:2d:dc:5c:fb:46:0b:
d5:a1:56:34:37:0a:e6:85:1e:65:49:33:5c:63:bb:
ae:5c:4b:51:0d:88:7d:4e:bb:c6:40:56:85:ea:f7:
ed:a3:73:ed:07:40:cb:a0:ef:71:a5:de:bb:e7:42:
b6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:72:55:A2:83:1A:36:BF:BD:5C:95:9C:AD:25:44:48:52:7A:F1:C2
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jXJVooMaNr-9XJWcrSVESFJ68cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
79:18:03:d3:45:be:5a:19:9d:cf:14:80:a2:29:72:24:89:1d:
c5:c6:d3:9c:25:80:ee:9e:5c:b8:98:eb:57:76:d9:63:f4:a1:
7b:ed:2c:9c:8e:00:ff:11:9b:28:eb:e1:ea:93:77:8c:30:e3:
4e:3c:34:83:f3:0f:66:20:ae:84:69:f0:41:c0:a9:05:c5:80:
42:02:d7:c6:59:8d:9e:e7:bc:a5:b1:66:22:9d:a3:cd:72:d6:
71:3d:7d:b8:82:cf:e1:7e:cb:50:ad:f4:25:33:3a:54:34:8f:
5c:cf:66:4e:fa:b6:b3:8e:c3:9e:57:3f:c2:d9:ab:7a:b1:da:
8a:ad:97:14:18:14:d2:6a:d2:3d:c3:f2:24:37:41:97:78:c6:
06:b1:a9:76:35:78:92:5a:48:6e:ad:6c:69:12:c8:34:bb:5a:
11:6f:9b:9b:35:7b:eb:02:d3:90:c2:1f:ad:8c:d0:77:16:b1:
dc:f5:9a:fc:36:f0:77:b9:c0:90:ae:ad:97:73:fc:37:b1:95:
a5:28:26:17:5c:b4:56:32:81:c0:67:ff:bf:dd:53:9f:5b:e4:
91:10:f2:30:d3:be:28:3a:90:9f:09:a1:6a:90:88:6c:62:84:
fb:3d:da:75:45:cf:f6:62:c0:2b:08:eb:b3:cf:71:69:85:53:
e1:fd:b4:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtRB+6gFopnGqaBMwgTNDbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDIxMDY1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDcyNTVhMjgzMWEzNmJmYmQ1Yzk1OWNhZDI1NDQ0ODUyN2FmMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3nbLf+CA1cxXPpQfIN504gwgPxM
HiyVG08jSvPFrLoiDfxzDXgRSe/O/kskcG4pcLUc8DOu8dP/1eDibZZhBv/gN2HA
MR1IkWH2MmObsthyD2+bn7LbLvEMKWX0M092wzgEt21Q8N8oocAE09nTzb+C7oae
iEUQwSPB8//wsUervA4AIw/UUPo7+m6EeN1wF8Vo/JUpmt+n55hHz5oYipTUAeyb
IqDEObtn9B8qZjUad1EjO6sNE8oiASXtwWxZI7JHeENdTpmBNeIt3Fz7RgvVoVY0
NwrmhR5lSTNcY7uuXEtRDYh9TrvGQFaF6vfto3PtB0DLoO9xpd6750K2iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI1yVaKDGja/vVyVnK0lREhSevHCMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvalhKVm9vTWFOci05WEpXY3JTVkVTRko2OGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSpQMA0G
CSqGSIb3DQEBCwUAA4IBAQB5GAPTRb5aGZ3PFICiKXIkiR3FxtOcJYDunly4mOtX
dtlj9KF77SycjgD/EZso6+Hqk3eMMONOPDSD8w9mIK6EafBBwKkFxYBCAtfGWY2e
57ylsWYinaPNctZxPX24gs/hfstQrfQlMzpUNI9cz2ZO+razjsOeVz/C2at6sdqK
rZcUGBTSatI9w/IkN0GXeMYGsal2NXiSWkhurWxpEsg0u1oRb5ubNXvrAtOQwh+t
jNB3FrHc9Zr8NvB3ucCQrq2Xc/w3sZWlKCYXXLRWMoHAZ/+/3VOfW+SREPIw074o
OpCfCaFqkIhsYoT7Pdp1Rc/2YsArCOuzz3FphVPh/bSM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org