Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kcQsNrSRmVlifO_ENgh9Z1YMYcg.roa
File: kcQsNrSRmVlifO_ENgh9Z1YMYcg.roa (raw, json)
Hash identifier: rZE6rOSc1MoDBYsV+ER8dNATzo6kuK5LDK/BvruCLx4=
Subject key identifier: 91:C4:2C:36:B4:91:99:59:62:7C:EF:C4:36:08:7D:67:56:0C:61:C8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0190AAE86240009F9338554BFE0E4DF3787D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kcQsNrSRmVlifO_ENgh9Z1YMYcg.roa
Signing time: Sat 13 Jul 2024 07:04:34 +0000
ROA not before: Sat 13 Jul 2024 07:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214572
IP address blocks: 89.40.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:aa:e8:62:40:00:9f:93:38:55:4b:fe:0e:4d:f3:78:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 13 07:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91c42c36b4919959627cefc436087d67560c61c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e6:48:27:b6:bf:25:48:ec:d8:bd:aa:b3:84:
27:a1:00:47:4d:0d:63:bc:1b:07:28:28:46:ab:4e:
83:ed:51:59:87:cb:4f:70:84:52:65:01:0a:ad:74:
07:8a:f2:7a:42:4a:5c:98:b7:bb:ab:6f:45:e0:aa:
70:dc:7c:c1:66:86:90:5b:48:30:8d:29:7b:52:ce:
85:82:11:e3:68:3c:0d:73:cc:d7:e1:22:9f:49:81:
0f:66:28:0c:b5:e6:51:0b:fb:bb:c6:96:d9:34:c6:
0f:ac:4b:0c:f4:d7:78:be:a8:e2:08:ce:c3:bf:9d:
ce:a9:f2:0b:12:de:1e:81:33:7f:f7:c5:6b:f6:d9:
52:16:0f:92:ae:89:db:4c:1a:9a:3f:7b:62:8b:2f:
31:2c:ca:80:e7:6a:a5:e5:b9:41:9d:0d:82:f8:1d:
c6:16:56:e8:ab:f1:e0:e6:37:3e:00:96:e4:4a:68:
4a:12:f3:86:98:22:f7:65:0b:1a:d7:85:16:45:2d:
43:b4:0b:c3:2b:76:aa:53:c5:2e:e3:ed:09:60:7b:
81:a3:84:38:44:18:fc:1d:a2:66:5b:ec:c5:25:da:
7e:8a:04:3c:a1:f4:c7:ab:52:b7:c8:b7:c3:b0:07:
d2:59:bc:81:30:c4:da:05:86:cc:f2:26:7a:e6:9a:
7b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C4:2C:36:B4:91:99:59:62:7C:EF:C4:36:08:7D:67:56:0C:61:C8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kcQsNrSRmVlifO_ENgh9Z1YMYcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.83.0/24
Signature Algorithm: sha256WithRSAEncryption
41:7b:c1:02:fe:51:c6:a2:6d:ea:ac:c0:45:74:06:ad:7e:73:
ed:45:90:49:25:3f:4e:c8:27:aa:3b:91:e3:61:28:64:5f:a4:
24:af:26:84:22:e0:0e:cf:f7:4f:6a:8e:fe:d8:5d:d2:4f:67:
61:17:fa:96:2e:8d:72:43:a7:d9:f0:2c:37:0c:28:81:d3:fd:
93:eb:03:db:a7:92:3f:f2:65:33:d7:0e:7b:2e:60:29:5d:dd:
34:e8:2b:15:11:c7:ab:8e:b1:d0:96:ab:ba:4f:a1:db:ac:8e:
de:93:39:0e:f4:ca:3c:bc:87:e6:76:ff:6e:b3:f9:57:0f:32:
b6:63:57:1c:7c:9f:7f:1c:bb:ba:47:c0:b1:02:d7:c4:65:07:
22:9c:b1:10:1a:b1:9e:bb:6a:e5:d6:43:6b:dd:30:12:6c:eb:
32:ad:61:08:3f:1a:d6:ed:c4:5e:03:13:ba:2a:a9:a1:bd:27:
47:5b:95:95:be:40:b8:c9:03:cf:ba:67:4a:ec:e8:42:78:5f:
93:9e:d5:74:98:38:c4:63:f4:37:76:57:3a:cf:c1:31:b9:1a:
6d:f5:cd:52:91:e9:a6:27:08:37:1e:8e:40:ad:e0:39:77:48:
1e:8e:1a:ec:e7:a9:71:02:05:8d:03:8f:2a:21:3e:a0:99:2a:
d4:a5:0d:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCq6GJAAJ+TOFVL/g5N83h9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNzEzMDcwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM0MmMzNmI0OTE5OTU5NjI3Y2VmYzQzNjA4N2Q2NzU2MGM2MWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneZIJ7a/JUjs2L2qs4QnoQBHTQ1j
vBsHKChGq06D7VFZh8tPcIRSZQEKrXQHivJ6QkpcmLe7q29F4Kpw3HzBZoaQW0gw
jSl7Us6FghHjaDwNc8zX4SKfSYEPZigMteZRC/u7xpbZNMYPrEsM9Nd4vqjiCM7D
v53OqfILEt4egTN/98Vr9tlSFg+SronbTBqaP3tiiy8xLMqA52ql5blBnQ2C+B3G
Flboq/Hg5jc+AJbkSmhKEvOGmCL3ZQsa14UWRS1DtAvDK3aqU8Uu4+0JYHuBo4Q4
RBj8HaJmW+zFJdp+igQ8ofTHq1K3yLfDsAfSWbyBMMTaBYbM8iZ65pp75QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHELDa0kZlZYnzvxDYIfWdWDGHIMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEva2NRc05yU1JtVmxpZk9fRU5naDlaMVlNWWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWShTMA0G
CSqGSIb3DQEBCwUAA4IBAQBBe8EC/lHGom3qrMBFdAatfnPtRZBJJT9OyCeqO5Hj
YShkX6QkryaEIuAOz/dPao7+2F3ST2dhF/qWLo1yQ6fZ8Cw3DCiB0/2T6wPbp5I/
8mUz1w57LmApXd006CsVEcerjrHQlqu6T6HbrI7ekzkO9Mo8vIfmdv9us/lXDzK2
Y1ccfJ9/HLu6R8CxAtfEZQcinLEQGrGeu2rl1kNr3TASbOsyrWEIPxrW7cReAxO6
KqmhvSdHW5WVvkC4yQPPumdK7OhCeF+TntV0mDjEY/Q3dlc6z8ExuRpt9c1Skemm
Jwg3Ho5AreA5d0gejhrs56lxAgWNA48qIT6gmSrUpQ08
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:36 2025 by rpki-client