Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lGEr2tRmZIthjNyHukQLO4gaAnY.roa
File: lGEr2tRmZIthjNyHukQLO4gaAnY.roa (raw, json)
Hash identifier: ab+YQTIJxQE2nyOhknwBxXDKNfIHl2I4DpSeDuigvCw=
Subject key identifier: 94:61:2B:DA:D4:66:64:8B:61:8C:DC:87:BA:44:0B:3B:88:1A:02:76
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0192C2544B3825E8C5A9B32BE678F59B16C4
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lGEr2tRmZIthjNyHukQLO4gaAnY.roa
Signing time: Fri 25 Oct 2024 06:19:17 +0000
ROA not before: Fri 25 Oct 2024 06:19:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.114.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Oct 2024 11:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:54:4b:38:25:e8:c5:a9:b3:2b:e6:78:f5:9b:16:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 25 06:19:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94612bdad466648b618cdc87ba440b3b881a0276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1c:c9:be:75:a6:e4:05:1e:e1:70:c6:2d:ed:
0a:6f:86:ec:c1:6a:46:93:be:64:18:0b:88:2b:66:
36:6e:5f:98:6e:94:a7:8a:55:3b:95:81:07:8c:0a:
8e:7f:e7:c2:45:ea:c5:72:74:70:c8:af:2e:88:ff:
7a:f3:78:c4:8c:25:8b:98:e6:a3:a8:ad:ec:b5:f8:
1a:4f:ca:0f:43:14:56:c1:d1:c2:a6:b4:d4:11:4b:
47:33:4e:7d:fc:db:30:03:75:74:ba:85:93:93:2f:
89:74:8b:bf:e9:7d:c8:22:54:3d:cd:0d:9c:ed:47:
ed:db:fe:02:b4:55:b3:de:2e:13:c6:28:d6:b1:d2:
9d:da:a8:d4:d2:7f:90:f0:89:36:aa:e7:fc:56:41:
07:6c:dc:04:c4:c1:cf:9c:34:90:1d:a5:a0:22:cc:
86:96:60:a9:0e:52:6d:7d:c8:a6:96:ef:64:f9:b3:
e1:83:b8:d2:17:d6:45:0e:e0:bf:78:2a:e0:78:33:
b2:66:f0:21:01:1a:b7:96:ab:32:ad:a3:88:df:87:
e9:9d:bb:15:a1:1e:4f:70:68:e7:fd:dd:cd:10:a8:
ec:f7:23:bc:e6:92:3d:96:88:a2:eb:c9:98:6b:f4:
6f:a5:20:f7:90:7a:2c:e9:ad:0b:d5:56:8c:61:9f:
cb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:61:2B:DA:D4:66:64:8B:61:8C:DC:87:BA:44:0B:3B:88:1A:02:76
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lGEr2tRmZIthjNyHukQLO4gaAnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.114.89.0/24
Signature Algorithm: sha256WithRSAEncryption
80:8d:70:5f:74:de:29:74:31:4a:c8:46:30:66:7d:93:d3:68:
50:b5:76:40:ba:8c:c4:3f:42:7e:ac:2f:b7:4e:d9:3e:06:43:
97:1e:5b:5a:30:38:d2:a6:94:01:27:17:03:e2:ad:82:84:1a:
0e:84:f2:67:bf:5e:78:96:be:08:6e:5a:8b:cd:16:cf:c3:68:
1c:5e:48:e4:59:37:9e:4d:bd:4b:21:7b:1b:3d:9c:d5:ca:89:
f7:87:84:9d:6d:2e:b8:20:8a:85:52:75:b5:19:07:ad:5e:0d:
7f:45:18:e1:69:96:e1:68:11:01:12:78:6b:37:ae:07:03:bb:
8d:34:1a:d3:9a:6e:4a:10:80:07:03:64:1b:7f:a5:62:96:2e:
8c:05:03:e0:24:19:dd:4c:b2:a5:1b:68:23:1a:53:0e:ed:04:
b9:87:c0:4d:d1:d5:d7:61:e8:61:9e:79:38:80:44:ae:a2:ee:
21:fe:00:0e:87:34:9b:5a:f4:2c:ea:c7:95:b6:76:69:b9:69:
30:ee:b5:2c:49:6a:73:46:fa:43:fe:5e:0f:70:bc:6a:cc:ac:
1e:be:d0:f1:8d:5e:b1:3a:10:94:f7:d8:c2:34:7d:5d:3e:65:
d4:d0:3a:90:ac:18:c2:5b:1b:42:e4:bc:ea:6d:72:f2:f4:6d:
2e:d1:0f:f2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZLCVEs4JejFqbMr5nj1mxbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQxMDI1MDYxOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDYxMmJkYWQ0NjY2NDhiNjE4Y2RjODdiYTQ0MGIzYjg4MWEwMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hzJvnWm5AUe4XDGLe0Kb4bswWpG
k75kGAuIK2Y2bl+YbpSnilU7lYEHjAqOf+fCRerFcnRwyK8uiP9683jEjCWLmOaj
qK3stfgaT8oPQxRWwdHCprTUEUtHM059/NswA3V0uoWTky+JdIu/6X3IIlQ9zQ2c
7Uft2/4CtFWz3i4TxijWsdKd2qjU0n+Q8Ik2quf8VkEHbNwExMHPnDSQHaWgIsyG
lmCpDlJtfcimlu9k+bPhg7jSF9ZFDuC/eCrgeDOyZvAhARq3lqsyraOI34fpnbsV
oR5PcGjn/d3NEKjs9yO85pI9loii68mYa/RvpSD3kHos6a0L1VaMYZ/LzQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJRhK9rUZmSLYYzch7pECzuIGgJ2MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvbEdFcjJ0Um1aSXRoak55SHVrUUxPNGdhQW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABdclkwDQYJKoZIhvcNAQELBQADggEBAICNcF903il0MUrIRjBmfZPT
aFC1dkC6jMQ/Qn6sL7dO2T4GQ5ceW1owONKmlAEnFwPirYKEGg6E8me/XniWvghu
WovNFs/DaBxeSORZN55NvUshexs9nNXKifeHhJ1tLrggioVSdbUZB61eDX9FGOFp
luFoEQESeGs3rgcDu400GtOabkoQgAcDZBt/pWKWLowFA+AkGd1MsqUbaCMaUw7t
BLmHwE3R1ddh6GGeeTiARK6i7iH+AA6HNJta9Czqx5W2dmm5aTDutSxJanNG+kP+
Xg9wvGrMrB6+0PGNXrE6EJT32MI0fV0+ZdTQOpCsGMJbG0LkvOptcvL0bS7RD/I=
-----END CERTIFICATE-----
Generated at Sun Oct 27 12:43:51 2024 by rpki-client on console-ams.rpki-client.org