Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kiNNgTfbiahTrbUuPCj_8KRsD48.roa
File: kiNNgTfbiahTrbUuPCj_8KRsD48.roa (raw, json)
Hash identifier: beXoQJN1AD0lfC9wAo9YzcWvl8Hd96529800H3vK3T0=
Subject key identifier: 92:23:4D:81:37:DB:89:A8:53:AD:B5:2E:3C:28:FF:F0:A4:6C:0F:8F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BADA9F2D235EA5EA4C7E529A1197ADC34
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kiNNgTfbiahTrbUuPCj_8KRsD48.roa
Signing time: Wed 08 Nov 2023 06:41:18 +0000
ROA not before: Wed 08 Nov 2023 06:41:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209018
IP address blocks: 89.34.230.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:a9:f2:d2:35:ea:5e:a4:c7:e5:29:a1:19:7a:dc:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 8 06:41:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92234d8137db89a853adb52e3c28fff0a46c0f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0a:4c:48:3c:97:ee:fa:2b:fc:04:11:e3:06:
2d:1c:0d:29:dc:6e:6b:51:bc:b8:18:d3:ba:fa:81:
5e:5a:c3:70:ff:a8:95:75:16:fc:94:8c:24:90:d1:
d1:1f:87:09:04:fb:e4:0d:68:b7:1f:6a:1c:fd:d3:
d9:64:9a:8f:05:9f:f8:73:6f:6a:f0:88:2f:d6:95:
5e:79:8d:f3:52:58:b2:de:e8:82:50:57:19:9a:59:
63:55:b4:1f:de:44:4d:21:9a:89:40:02:62:b4:f8:
cb:be:6e:97:1b:2b:aa:75:89:85:e5:e1:d7:c0:14:
c8:2a:91:e9:24:c8:88:c5:4b:96:1c:49:e1:5b:13:
b8:87:fb:cf:a9:91:77:26:63:8b:82:8c:ea:b7:a8:
5f:37:22:58:6c:c3:51:b6:38:92:1b:8e:79:bb:59:
b5:c6:a3:e9:e0:a1:fc:1d:72:08:68:2f:b2:d2:75:
61:bd:99:64:71:87:fb:77:2d:80:82:6e:35:4c:cc:
a3:e3:d8:2b:cd:84:b2:ba:26:2b:7b:c1:d3:42:b9:
d7:f2:4f:06:bd:05:14:a0:2f:80:dd:53:97:6c:11:
ef:dc:e2:e0:9b:eb:93:6b:ca:d7:27:ef:1e:bd:5d:
90:02:4b:35:7b:b4:cf:b6:30:02:db:98:f7:27:55:
90:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:23:4D:81:37:DB:89:A8:53:AD:B5:2E:3C:28:FF:F0:A4:6C:0F:8F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/kiNNgTfbiahTrbUuPCj_8KRsD48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.230.0/24
Signature Algorithm: sha256WithRSAEncryption
00:d2:ad:79:b1:ab:e9:3b:a0:2a:36:30:e0:ca:e5:a5:92:d9:
c5:73:c5:a8:f5:58:4b:44:d1:76:b0:c7:0b:f9:e0:43:32:cf:
f7:7f:35:20:eb:36:0f:a6:6c:09:73:db:54:bd:16:b0:20:05:
48:ea:d1:e4:d0:08:9d:56:1c:db:93:c5:4a:29:95:86:cd:a1:
12:0e:ff:88:39:3d:6b:16:43:5c:a0:12:a3:d7:3b:70:c5:71:
e7:9d:32:ab:55:e4:1a:58:dc:b4:fb:89:79:e2:bd:a3:a7:63:
85:d1:a9:90:b4:93:47:3b:c5:ac:85:70:6c:d8:4e:63:92:1d:
d7:95:68:ce:7c:e6:cb:d4:fa:4d:ba:c6:2a:bd:7b:7a:1a:cd:
c3:75:5c:31:dd:db:95:37:5e:8d:e2:9b:e4:f0:cd:21:9e:0a:
f0:e3:bd:ba:dd:0c:52:bd:6b:38:b6:44:05:04:ee:34:31:c0:
1b:b1:6f:af:c8:07:51:5a:0b:4b:c4:3e:3d:a7:0a:42:ed:a1:
f0:29:09:87:ae:db:25:93:73:d3:7b:ee:86:d1:4b:1f:59:ee:
ce:d7:7d:ff:eb:ea:1f:50:e7:97:2a:e4:f0:f6:e4:a1:39:9f:
04:b7:8e:9f:c0:4d:dc:3b:97:bc:25:2f:f2:31:cf:20:c1:1f:
88:a8:48:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYutqfLSNepepMflKaEZetw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTA4MDY0MTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjIzNGQ4MTM3ZGI4OWE4NTNhZGI1MmUzYzI4ZmZmMGE0NmMwZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQpMSDyX7vor/AQR4wYtHA0p3G5r
Uby4GNO6+oFeWsNw/6iVdRb8lIwkkNHRH4cJBPvkDWi3H2oc/dPZZJqPBZ/4c29q
8Igv1pVeeY3zUliy3uiCUFcZmlljVbQf3kRNIZqJQAJitPjLvm6XGyuqdYmF5eHX
wBTIKpHpJMiIxUuWHEnhWxO4h/vPqZF3JmOLgozqt6hfNyJYbMNRtjiSG455u1m1
xqPp4KH8HXIIaC+y0nVhvZlkcYf7dy2Agm41TMyj49grzYSyuiYre8HTQrnX8k8G
vQUUoC+A3VOXbBHv3OLgm+uTa8rXJ+8evV2QAks1e7TPtjAC25j3J1WQDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIjTYE324moU621Ljwo//CkbA+PMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEva2lOTmdUZmJpYWhUcmJVdVBDal84S1JzRDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSLmMA0G
CSqGSIb3DQEBCwUAA4IBAQAA0q15savpO6AqNjDgyuWlktnFc8Wo9VhLRNF2sMcL
+eBDMs/3fzUg6zYPpmwJc9tUvRawIAVI6tHk0AidVhzbk8VKKZWGzaESDv+IOT1r
FkNcoBKj1ztwxXHnnTKrVeQaWNy0+4l54r2jp2OF0amQtJNHO8WshXBs2E5jkh3X
lWjOfObL1PpNusYqvXt6Gs3DdVwx3duVN16N4pvk8M0hngrw47263QxSvWs4tkQF
BO40McAbsW+vyAdRWgtLxD49pwpC7aHwKQmHrtslk3PTe+6G0UsfWe7O133/6+of
UOeXKuTw9uShOZ8Et46fwE3cO5e8JS/yMc8gwR+IqEh6
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:12 2024 by rpki-client on console-ams.rpki-client.org