Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kBHvaVNNf6uCQq3pvgVSxcyZQPQ.roa
File: kBHvaVNNf6uCQq3pvgVSxcyZQPQ.roa (raw, json)
Hash identifier: 4uX8Ggzm7dIGctWdgXHgPOi71PaauAQFIIEw7cEXd2U=
Subject key identifier: 90:11:EF:69:53:4D:7F:AB:82:42:AD:E9:BE:05:52:C5:CC:99:40:F4
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01894FD64B3B10350268157C848278F1AC80
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kBHvaVNNf6uCQq3pvgVSxcyZQPQ.roa
Signing time: Thu 13 Jul 2023 15:19:51 +0000
ROA not before: Thu 13 Jul 2023 15:19:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
89.33.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jul 2023 17:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:d6:4b:3b:10:35:02:68:15:7c:84:82:78:f1:ac:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 13 15:19:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9011ef69534d7fab8242ade9be0552c5cc9940f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e9:0b:f2:ea:2b:e5:cd:71:fb:ae:43:fb:91:
42:de:3c:0a:3e:a0:a1:f3:bd:a0:7a:01:b1:96:91:
5c:36:c7:35:a1:6d:0f:bb:a7:c2:2c:89:50:0e:6f:
b2:7c:cf:01:cf:79:67:66:a1:a9:ad:26:e8:ae:b5:
23:13:bb:ac:38:41:b6:20:9e:d9:68:fc:69:0b:e5:
70:3c:e8:0c:91:65:cc:56:d9:1e:0c:9a:80:f4:8f:
32:af:6b:9a:71:d7:1b:e1:1c:47:46:f3:bf:55:29:
b7:53:8c:b5:68:df:62:c9:80:a4:f9:6c:75:c5:fb:
9a:26:cc:d0:1a:fb:85:21:8a:b0:9d:f8:f0:12:70:
99:29:2f:75:28:bd:82:de:4c:a4:c8:4f:13:ee:d2:
fa:da:15:bb:9a:dd:26:79:be:09:57:1f:f3:12:96:
c1:b6:6f:30:5d:90:c6:27:05:5a:cf:79:69:e8:28:
62:d2:f2:7a:37:25:46:60:ba:1d:7f:66:62:54:dd:
77:13:b1:37:fb:c5:34:b6:b9:43:92:fd:89:f3:92:
dd:f3:1d:aa:74:5b:9b:a7:d3:df:ba:1e:3b:9d:6d:
ea:d3:7f:2c:0e:bf:98:38:3b:af:31:9f:2c:02:e9:
27:2a:10:f2:f4:4a:e8:f6:2a:89:1f:85:28:e1:68:
aa:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:11:EF:69:53:4D:7F:AB:82:42:AD:E9:BE:05:52:C5:CC:99:40:F4
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kBHvaVNNf6uCQq3pvgVSxcyZQPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.193.0/24
89.42.80.0/23
Signature Algorithm: sha256WithRSAEncryption
36:7e:64:c0:5f:87:b2:86:3e:0a:d5:ed:ca:bb:ce:28:4d:31:
7a:43:56:4a:9e:e7:89:9f:c2:b4:98:c4:d9:63:f3:ad:dc:2b:
13:7c:23:63:59:50:69:98:c9:c7:d5:3d:08:fb:9d:4f:93:00:
a7:24:a1:55:41:c2:83:30:25:66:b3:fd:e8:91:ef:1d:b8:74:
0e:be:6d:4e:5d:82:62:8a:34:a9:1b:7e:49:a2:ab:07:d7:1e:
9b:e8:d5:d5:1c:62:98:31:b5:9e:71:17:6b:dd:53:37:83:2e:
d1:79:c2:08:3c:e4:7e:8e:26:46:a3:c8:95:4e:22:55:d6:62:
a1:89:9a:d8:a9:e3:1f:68:a4:8f:78:7f:2d:58:a9:c6:d0:b0:
47:4d:9f:53:34:cf:2a:29:ef:9e:29:72:4a:f8:02:b0:d6:72:
af:a1:b3:76:21:1b:19:9c:43:56:6e:6f:40:45:1f:18:2a:99:
15:a9:5d:36:8b:32:18:7b:e4:ed:93:1b:3e:b9:5b:d4:b3:4e:
87:e1:b7:0b:d7:9b:10:fb:9a:68:51:6c:7a:e6:3e:60:c2:f9:
89:99:f3:3c:f1:a2:34:5c:5c:53:f0:a7:cc:c0:e8:b7:f9:63:
73:d7:a8:1a:2b:c2:97:77:c8:9c:7d:bf:1a:29:10:f5:4f:f2:
d6:c0:8a:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlP1ks7EDUCaBV8hIJ48ayAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzEzMTUxOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDExZWY2OTUzNGQ3ZmFiODI0MmFkZTliZTA1NTJjNWNjOTk0MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoekL8uor5c1x+65D+5FC3jwKPqCh
872gegGxlpFcNsc1oW0Pu6fCLIlQDm+yfM8Bz3lnZqGprSborrUjE7usOEG2IJ7Z
aPxpC+VwPOgMkWXMVtkeDJqA9I8yr2uacdcb4RxHRvO/VSm3U4y1aN9iyYCk+Wx1
xfuaJszQGvuFIYqwnfjwEnCZKS91KL2C3kykyE8T7tL62hW7mt0meb4JVx/zEpbB
tm8wXZDGJwVaz3lp6Chi0vJ6NyVGYLodf2ZiVN13E7E3+8U0trlDkv2J85Ld8x2q
dFubp9Pfuh47nW3q038sDr+YODuvMZ8sAuknKhDy9Ero9iqJH4Uo4Wiq0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJAR72lTTX+rgkKt6b4FUsXMmUD0MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEva0JIdmFWTk5mNnVDUXEzcHZnVlN4Y3laUVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSHBAwQB
WSpQMA0GCSqGSIb3DQEBCwUAA4IBAQA2fmTAX4eyhj4K1e3Ku84oTTF6Q1ZKnueJ
n8K0mMTZY/Ot3CsTfCNjWVBpmMnH1T0I+51PkwCnJKFVQcKDMCVms/3oke8duHQO
vm1OXYJiijSpG35JoqsH1x6b6NXVHGKYMbWecRdr3VM3gy7RecIIPOR+jiZGo8iV
TiJV1mKhiZrYqeMfaKSPeH8tWKnG0LBHTZ9TNM8qKe+eKXJK+AKw1nKvobN2IRsZ
nENWbm9ARR8YKpkVqV02izIYe+Ttkxs+uVvUs06H4bcL15sQ+5poUWx65j5gwvmJ
mfM88aI0XFxT8KfMwOi3+WNz16gaK8KXd8icfb8aKRD1T/LWwIqT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org